API structure has changed
GET /api/endpoint/action/{action_id}
- Path
-
query path parameter Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- action_id path parameter Added
GET /api/endpoint/action/{action_id}/file/{file_id}/download`
- Path
-
query path parameter Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- action_id, file_id path parameters Added
GET /api/endpoint/action/{action_id}/file/{file_id}`
- Path
-
query path parameter Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- action_id, file_id path parameters Added
GET /api/endpoint/action_status
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- body property Added
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
GET /api/endpoint/metadata/{id}
- Path
-
query path parameter Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- id path parameter Added
GET /api/endpoint/policy/summaries
- Operation is now deprecated
PATCH /api/detection_engine/rules
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Detections_API_EsqlRulePatchProps alternative Modified
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
-
response_actions property Removed
-
Security_Solution_Detections_API_EsqlRulePatchProps alternative Modified
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
PATCH /api/detection_engine/rules/_bulk_update
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRulePatchProps alternative Modified
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
POST /api/detection_engine/rules
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
-
response_actions property Removed
-
Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
POST /api/detection_engine/rules/_bulk_create
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
POST /api/detection_engine/rules/_bulk_delete
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
POST /api/detection_engine/rules/preview
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- data_view_id, event_category_override, filters, index, tiebreaker_field, timestamp_field properties Added
-
response_actions property Removed
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
-
language, query properties Modified
-
Properties are no longer required
-
- data_view_id, filters, index, saved_id properties Added
-
language, query properties Modified
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
-
query, language properties Modified
-
Properties are no longer required
-
- saved_id, data_view_id, filters, index properties Added
-
query, language properties Modified
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
- alert_suppression property Modified
-
language property Modified
-
Property is no longer required
-
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- threshold, data_view_id, filters, index, saved_id properties Added
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
-
language property Modified
-
Property is no longer required
-
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- threat_index, threat_mapping, threat_query, concurrent_searches, data_view_id, filters, index, items_per_search, saved_id, threat_filters, threat_indicator_path, threat_language properties Added
-
language property Modified
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
-
response_actions, language, query properties Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- anomaly_threshold, machine_learning_job_id properties Added
-
response_actions, language, query properties Removed
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
-
language property Modified
-
Property is no longer required
-
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- history_window_start, new_terms_fields, data_view_id, filters, index properties Added
-
language property Modified
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
-
response_actions property Removed
-
Security_Solution_Detections_API_RulePreviewParams alternative Modified
POST /api/endpoint/action/execute
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Endpoint_Management_API_ExecuteActionRequestBody alternative Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody alternative Added
-
Security_Solution_Endpoint_Management_API_ExecuteActionRequestBody alternative Removed
POST /api/endpoint/action/get_file
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Endpoint_Management_API_GetFileActionRequestBody alternative Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody alternative Added
-
Security_Solution_Endpoint_Management_API_GetFileActionRequestBody alternative Removed
POST /api/endpoint/action/kill_process
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Endpoint_Management_API_ProcessActionSchemas alternative Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema alternative Added
-
Security_Solution_Endpoint_Management_API_ProcessActionSchemas alternative Removed
POST /api/endpoint/action/scan
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Endpoint_Management_API_ScanActionRequestBody alternative Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- Security_Solution_Endpoint_Management_API_ScanRouteRequestBody alternative Added
-
Security_Solution_Endpoint_Management_API_ScanActionRequestBody alternative Removed
POST /api/endpoint/action/suspend_process
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Endpoint_Management_API_ProcessActionSchemas alternative Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema alternative Added
-
Security_Solution_Endpoint_Management_API_ProcessActionSchemas alternative Removed
POST /api/endpoint/action/upload
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Endpoint_Management_API_FileUploadActionRequestBody alternative Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
- Security_Solution_Endpoint_Management_API_UploadRouteRequestBody alternative Added
-
Security_Solution_Endpoint_Management_API_FileUploadActionRequestBody alternative Removed
POST /api/endpoint/isolate
- Operation is now deprecated
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
endpoint_ids property Modified
-
Property is now required
Breaking
-
endpoint_ids property Modified
-
Property is now required
Breaking
-
-
- agent_type property Added
-
endpoint_ids property Modified
POST /api/endpoint/unisolate
- Operation is now deprecated
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
endpoint_ids property Modified
-
Property is now required
Breaking
-
endpoint_ids property Modified
-
Property is now required
Breaking
-
-
- agent_type property Added
-
endpoint_ids property Modified
PUT /api/detection_engine/rules
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
-
Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
-
response_actions property Removed
-
Removing a resource is always breaking unless it was deprecated before
Breaking
-
-
response_actions property Removed
-
Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
PUT /api/detection_engine/rules/_bulk_update
- Body
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
GET /api/endpoint/action/state
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- body property Added
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
GET /api/endpoint/action
- Query
- query query parameter Modified
GET /api/detection_engine/rules/_find
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- data property Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
GET /api/detection_engine/rules
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
DELETE /api/detection_engine/rules/_bulk_delete
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
DELETE /api/detection_engine/rules
- Response
-
200 response Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
- Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
-
application/json; Elastic-Api-Version=2023-10-31 content type Modified
GET /api/endpoint/action_log/{agent_id}
- Removing a resource is always breaking unless it was deprecated before Breaking
POST /api/detection_engine/rules/_bulk_action
- Removing a resource is always breaking unless it was deprecated before Breaking
POST /api/endpoint/action/isolate
- Removing a resource is always breaking unless it was deprecated before Breaking
POST /api/endpoint/action/running_procs
- Removing a resource is always breaking unless it was deprecated before Breaking
POST /api/endpoint/action/unisolate
- Removing a resource is always breaking unless it was deprecated before Breaking
POST /api/security_ai_assistant/anonymization_fields/_bulk_action
- Removing a resource is always breaking unless it was deprecated before Breaking
POST /api/saved_objects/_import
POST /api/saved_objects/_resolve_import_errors
POST /api/saved_objects/{type}
POST /api/saved_objects/{type}/{id}
POST /api/security_ai_assistant/anonymization_fields/_bulk_action
POST /api/security_ai_assistant/prompts/_bulk_action
POST /s/{spaceId}/api/observability/slos
POST /s/{spaceId}/api/observability/slos/_delete_instances
POST /s/{spaceId}/api/observability/slos/{sloId}/_reset
POST /s/{spaceId}/api/observability/slos/{sloId}/disable
POST /s/{spaceId}/api/observability/slos/{sloId}/enable
PUT /api/actions/action/{actionId}
PUT /api/actions/connector/{connectorId}
PUT /api/data_views/data_view/{viewId}/runtime_field
PUT /api/saved_objects/{type}/{id}
PUT /s/{spaceId}/api/observability/slos/{sloId}
POST /api/actions
GET /s/{spaceId}/api/observability/slos/{sloId}
GET /s/{spaceId}/api/observability/slos
GET /api/status
GET /api/saved_objects/{type}/{id}
GET /api/saved_objects/resolve/{type}/{id}
GET /api/saved_objects/_find
GET /api/ml/saved_objects/sync
GET /api/endpoint/action_log/{agent_id}
GET /api/data_views/default
GET /api/data_views/data_view/{viewId}/runtime_field/{fieldName}
GET /api/data_views/data_view/{viewId}
GET /api/data_views
GET /api/apm/services/{serviceName}/annotation/search
GET /api/actions/list_action_types
GET /api/actions/connectors
GET /api/actions/connector_types
GET /api/actions/connector/{connectorId}
GET /api/actions/action/{actionId}
GET /api/actions
DELETE /s/{spaceId}/api/observability/slos/{sloId}
DELETE /api/data_views/data_view/{viewId}/runtime_field/{fieldName}
DELETE /api/data_views/data_view/{viewId}
DELETE /api/actions/connector/{connectorId}
DELETE /api/actions/action/{actionId}
POST /api/saved_objects/_export
POST /api/saved_objects/_bulk_update
POST /api/saved_objects/_bulk_resolve
POST /api/saved_objects/_bulk_get
POST /api/saved_objects/_bulk_delete
POST /api/saved_objects/_bulk_create
POST /api/endpoint/action/unisolate
POST /api/endpoint/action/running_procs
POST /api/endpoint/action/isolate
POST /api/encrypted_saved_objects/_rotate_key
POST /api/detection_engine/rules/_bulk_action
POST /api/data_views/swap_references/_preview
POST /api/data_views/swap_references
POST /api/data_views/default
POST /api/data_views/data_view/{viewId}/runtime_field/{fieldName}
POST /api/data_views/data_view/{viewId}/runtime_field
POST /api/data_views/data_view/{viewId}/fields
POST /api/data_views/data_view/{viewId}
POST /api/data_views/data_view
POST /api/apm/services/{serviceName}/annotation
POST /api/apm/agent_keys
POST /api/actions/connector/{connectorId}/_execute
POST /api/actions/connector/{connectorId}
POST /api/actions/connector
POST /api/actions/action/{actionId}/_execute