Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Create missing OpenAPI specs for Detections API #183661

Open
14 tasks
maximpn opened this issue May 16, 2024 · 4 comments
Open
14 tasks

[Security Solution] Create missing OpenAPI specs for Detections API #183661

maximpn opened this issue May 16, 2024 · 4 comments
Assignees
@maximpn
Labels
8.15 candidate docs Project:Serverless Work as part of the Serverless project for its initial release Team:Detection Engine Security Solution Detection Engine Area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@maximpn
Copy link
Contributor

maximpn commented May 16, 2024
edited by banderror

Epic: https://github.com/elastic/security-team/issues/9398

Deadline: Jul 29, 2024 (see milestones in https://github.com/elastic/security-team/issues/9400)

Summary

As part of the Serverless project, we need to create OpenAPI specs for all public Detections API endpoints, because we want all of them documented before Serverless GA. Please look for more context in the epic.

During a Security Solution public API research we discovered that some public Detections API endpoints have missing OpenAPI specs. We need to add them.

API endpoints

The following public API endpoints are available in both Serverless and ESS, and don't have any OpenAPI specs:

  • POST /api/detection_engine/rules/{id}/exceptions
  • POST /api/detection_engine/rules/preview
  • POST /api/detection_engine/signals/status
  • POST /api/detection_engine/signals/tags
  • POST /api/detection_engine/signals/search
  • GET /api/detection_engine/privileges

The following public API endpoints are available in ESS only, and don't have any OpenAPI specs:

  • POST /api/detection_engine/index
  • GET /api/detection_engine/index
  • DELETE /api/detection_engine/index
  • POST /api/detection_engine/signals/migration_status
  • POST /api/detection_engine/signals/migration
  • POST /api/detection_engine/signals/finalize_migration
  • DELETE /api/detection_engine/signals/migration
  • POST /api/detection_engine/rules/_bulk_delete

To do

  • Create OpenAPI specs for the endpoints listed above.
  • Check if there are any other public endpoints that you own that don't have OpenAPI specs.
  • Make sure the specs you add are valid OpenAPI documents.
  • Make sure the specs you add match the actual API contract defined in the code.
  • Mark the endpoints as available in ESS, or Serverless, or in both offerings (depends on: https://github.com/elastic/security-team/issues/9516).
@maximpn maximpn added docs Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Project:Serverless Work as part of the Serverless project for its initial release Team:Detection Engine Security Solution Detection Engine Area labels May 16, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-engine (Team:Detection Engine)

@maximpn maximpn changed the title [Security Solution] Create missing OpenAPI specs for Detections API [Security Solution] Create missing OpenAPI specs for Detection Engine API May 17, 2024
@maximpn maximpn mentioned this issue May 17, 2024
Open
18 tasks
@banderror banderror changed the title [Security Solution] Create missing OpenAPI specs for Detection Engine API [Security Solution] Create missing OpenAPI specs for Detections API May 17, 2024
@banderror banderror mentioned this issue May 17, 2024
Open
30 tasks
This was referenced May 20, 2024
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@maximpn maximpn

Labels
8.15 candidate docs Project:Serverless Work as part of the Serverless project for its initial release Team:Detection Engine Security Solution Detection Engine Area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@maximpn @banderror @elasticmachine