Change Updates

Do not miss any Security Solution API Playground (ESS) changes, ever again

Subscribe to the Security Solution API Playground (ESS) changelog to be up to date on recent changes.

RSS

Aug 13, 2024

main
1.0.2
Compare

API structure has changed

100 structure changes including:
6 Breaking changes
66 Additions
28 Modifications
6 Removals
Modified 28 Breaking
GET /api/endpoint/action/{action_id}
  • Path
  • query path parameter Removed

    • Removing a resource is always breaking unless it was deprecated before

      Breaking

  • action_id path parameter Added
GET /api/endpoint/action/{action_id}/file/{file_id}/download`
  • Path
  • query path parameter Removed

    • Removing a resource is always breaking unless it was deprecated before

      Breaking

  • action_id, file_id path parameters Added
GET /api/endpoint/action/{action_id}/file/{file_id}`
  • Path
  • query path parameter Removed

    • Removing a resource is always breaking unless it was deprecated before

      Breaking

  • action_id, file_id path parameters Added
GET /api/endpoint/action_status
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • body property Added
GET /api/endpoint/metadata/{id}
  • Path
  • query path parameter Removed

    • Removing a resource is always breaking unless it was deprecated before

      Breaking

  • id path parameter Added
GET /api/endpoint/policy/summaries
  • Operation is now deprecated
PATCH /api/detection_engine/rules
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Detections_API_EsqlRulePatchProps alternative Modified
      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
PATCH /api/detection_engine/rules/_bulk_update
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Detections_API_EsqlRulePatchProps alternative Modified
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
POST /api/detection_engine/rules
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
POST /api/detection_engine/rules/_bulk_create
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
POST /api/detection_engine/rules/_bulk_delete
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
POST /api/detection_engine/rules/preview
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

      • data_view_id, event_category_override, filters, index, tiebreaker_field, timestamp_field properties Added
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • language, query properties Modified

        • Properties are no longer required

      • data_view_id, filters, index, saved_id properties Added
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • query, language properties Modified

        • Properties are no longer required

      • saved_id, data_view_id, filters, index properties Added
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • alert_suppression property Modified
      • language property Modified

        • Property is no longer required

      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

      • threshold, data_view_id, filters, index, saved_id properties Added
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • language property Modified

        • Property is no longer required

      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

      • threat_index, threat_mapping, threat_query, concurrent_searches, data_view_id, filters, index, items_per_search, saved_id, threat_filters, threat_indicator_path, threat_language properties Added
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • response_actions, language, query properties Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

      • anomaly_threshold, machine_learning_job_id properties Added
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • language property Modified

        • Property is no longer required

      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

      • history_window_start, new_terms_fields, data_view_id, filters, index properties Added
    • Security_Solution_Detections_API_RulePreviewParams alternative Modified
      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

POST /api/endpoint/action/execute
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Endpoint_Management_API_ExecuteActionRequestBody alternative Removed

      • Removing a resource is always breaking unless it was deprecated before

        Breaking

    • Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody alternative Added
POST /api/endpoint/action/get_file
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Endpoint_Management_API_GetFileActionRequestBody alternative Removed

      • Removing a resource is always breaking unless it was deprecated before

        Breaking

    • Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody alternative Added
POST /api/endpoint/action/kill_process
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Endpoint_Management_API_ProcessActionSchemas alternative Removed

      • Removing a resource is always breaking unless it was deprecated before

        Breaking

    • Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema alternative Added
POST /api/endpoint/action/scan
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Endpoint_Management_API_ScanActionRequestBody alternative Removed

      • Removing a resource is always breaking unless it was deprecated before

        Breaking

    • Security_Solution_Endpoint_Management_API_ScanRouteRequestBody alternative Added
POST /api/endpoint/action/suspend_process
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Endpoint_Management_API_ProcessActionSchemas alternative Removed

      • Removing a resource is always breaking unless it was deprecated before

        Breaking

    • Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema alternative Added
POST /api/endpoint/action/upload
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Endpoint_Management_API_FileUploadActionRequestBody alternative Removed

      • Removing a resource is always breaking unless it was deprecated before

        Breaking

    • Security_Solution_Endpoint_Management_API_UploadRouteRequestBody alternative Added
POST /api/endpoint/isolate
  • Operation is now deprecated
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • endpoint_ids property Modified

      • Property is now required

        Breaking

      • endpoint_ids property Modified

        • Property is now required

          Breaking

    • agent_type property Added
POST /api/endpoint/unisolate
  • Operation is now deprecated
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • endpoint_ids property Modified

      • Property is now required

        Breaking

      • endpoint_ids property Modified

        • Property is now required

          Breaking

    • agent_type property Added
PUT /api/detection_engine/rules
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
      • response_actions property Removed

        • Removing a resource is always breaking unless it was deprecated before

          Breaking

  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
PUT /api/detection_engine/rules/_bulk_update
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • Security_Solution_Detections_API_EsqlRuleCreateFields alternative Modified
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
GET /api/endpoint/action/state
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • body property Added
GET /api/endpoint/action
  • Query
  • query query parameter Modified
GET /api/detection_engine/rules/_find
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • data property Modified
GET /api/detection_engine/rules
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
DELETE /api/detection_engine/rules/_bulk_delete
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
DELETE /api/detection_engine/rules
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Solution_Detections_API_EsqlRuleResponseFields alternative Modified
Removed 6 Breaking
GET /api/endpoint/action_log/{agent_id}
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/detection_engine/rules/_bulk_action
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/endpoint/action/isolate
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/endpoint/action/running_procs
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/endpoint/action/unisolate
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/security_ai_assistant/anonymization_fields/_bulk_action
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
Added 66
POST /api/saved_objects/_import
POST /api/saved_objects/_resolve_import_errors
POST /api/saved_objects/{type}
POST /api/saved_objects/{type}/{id}
POST /api/security_ai_assistant/anonymization_fields/_bulk_action
POST /api/security_ai_assistant/prompts/_bulk_action
POST /s/{spaceId}/api/observability/slos
POST /s/{spaceId}/api/observability/slos/_delete_instances
POST /s/{spaceId}/api/observability/slos/{sloId}/_reset
POST /s/{spaceId}/api/observability/slos/{sloId}/disable
POST /s/{spaceId}/api/observability/slos/{sloId}/enable
PUT /api/actions/action/{actionId}
PUT /api/actions/connector/{connectorId}
PUT /api/data_views/data_view/{viewId}/runtime_field
PUT /api/saved_objects/{type}/{id}
PUT /s/{spaceId}/api/observability/slos/{sloId}
POST /api/actions
GET /s/{spaceId}/api/observability/slos/{sloId}
GET /s/{spaceId}/api/observability/slos
GET /api/status
GET /api/saved_objects/{type}/{id}
GET /api/saved_objects/resolve/{type}/{id}
GET /api/saved_objects/_find
GET /api/ml/saved_objects/sync
GET /api/endpoint/action_log/{agent_id}
GET /api/data_views/default
GET /api/data_views/data_view/{viewId}/runtime_field/{fieldName}
GET /api/data_views/data_view/{viewId}
GET /api/data_views
GET /api/apm/services/{serviceName}/annotation/search
GET /api/actions/list_action_types
GET /api/actions/connectors
GET /api/actions/connector_types
GET /api/actions/connector/{connectorId}
GET /api/actions/action/{actionId}
GET /api/actions
DELETE /s/{spaceId}/api/observability/slos/{sloId}
DELETE /api/data_views/data_view/{viewId}/runtime_field/{fieldName}
DELETE /api/data_views/data_view/{viewId}
DELETE /api/actions/connector/{connectorId}
DELETE /api/actions/action/{actionId}
POST /api/saved_objects/_export
POST /api/saved_objects/_bulk_update
POST /api/saved_objects/_bulk_resolve
POST /api/saved_objects/_bulk_get
POST /api/saved_objects/_bulk_delete
POST /api/saved_objects/_bulk_create
POST /api/endpoint/action/unisolate
POST /api/endpoint/action/running_procs
POST /api/endpoint/action/isolate
POST /api/encrypted_saved_objects/_rotate_key
POST /api/detection_engine/rules/_bulk_action
POST /api/data_views/swap_references/_preview
POST /api/data_views/swap_references
POST /api/data_views/default
POST /api/data_views/data_view/{viewId}/runtime_field/{fieldName}
POST /api/data_views/data_view/{viewId}/runtime_field
POST /api/data_views/data_view/{viewId}/fields
POST /api/data_views/data_view/{viewId}
POST /api/data_views/data_view
POST /api/apm/services/{serviceName}/annotation
POST /api/apm/agent_keys
POST /api/actions/connector/{connectorId}/_execute
POST /api/actions/connector/{connectorId}
POST /api/actions/connector
POST /api/actions/action/{actionId}/_execute