[Security Solution] Add missing alerts (signals) API endpoints OpenAP…
…I specs (#184838) **Addresses:** #183661 ## Summary This PR adds missing OpenAPI specs for the following API endpoints (Alerts API and Alerts Migration API) available in both Serverless and ESS - `POST /api/detection_engine/signals/status` - `POST /api/detection_engine/signals/tags` - `POST /api/detection_engine/signals/search` and API endpoints available only in ESS - `POST /api/detection_engine/signals/migration_status` - `POST /api/detection_engine/signals/migration` - `POST /api/detection_engine/signals/finalize_migration` - `DELETE /api/detection_engine/signals/migration` **Note:** Code generation is enabled for the added specs to verify that it works and produces the expected results. The generated Zod schemas and types are not integrated into the routes' code.
Showing
55 changed files
with
1,325 additions
and
569 deletions.
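--- a/...rity_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen.ts
+++ b/...rity_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen.ts
@@ -0,0 +1,38 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+/*
+ * NOTICE: Do not edit this file manually.
+ * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+ *
+ * info:
+ *   title: Manage alert tags API endpoint
+ *   version: 2023-10-31
+ */
+
+import { z } from 'zod';
+
+import { AlertIds, AlertTags } from '../../../model/alert.gen';
+
+export type ManageAlertTags = z.infer<typeof ManageAlertTags>;
+export const ManageAlertTags = z.object({
+  tags_to_add: AlertTags,
+  tags_to_remove: AlertTags,
+});
+
+export type ManageAlertTagsRequestBody = z.infer<typeof ManageAlertTagsRequestBody>;
+export const ManageAlertTagsRequestBody = z.object({
+  ids: AlertIds,
+  tags: ManageAlertTags,
+});
+export type ManageAlertTagsRequestBodyInput = z.input<typeof ManageAlertTagsRequestBody>;
+
+/**
+ * Elasticsearch update by query response
+ */
+export type ManageAlertTagsResponse = z.infer<typeof ManageAlertTagsResponse>;
+export const ManageAlertTagsResponse = z.object({}).catchall(z.unknown());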
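--- a/...solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.schema.yaml
+++ b/...solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.schema.yaml
@@ -0,0 +1,70 @@
+openapi: 3.0.0
+info:
+  title: Manage alert tags API endpoint
+  version: '2023-10-31'
+paths:
+  /api/detection_engine/signals/tags:
+    post:
+      x-labels: [serverless, ess]
+      operationId: ManageAlertTags
+      x-codegen-enabled: true
+      summary: Manage alert tags for a one or more alerts
+      tags:
+        - Alerts API
+      requestBody:
+        description: An object containing tags to add or remove and alert ids the changes will be applied
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                ids:
+                  $ref: '../../../model/alert.schema.yaml#/components/schemas/AlertIds'
+                tags:
+                  $ref: '#/components/schemas/ManageAlertTags'
+              required:
+                - ids
+                - tags
+      responses:
+        200:
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+                description: Elasticsearch update by query response
+        400:
+          description: Invalid input data response
+          content:
+            application/json:
+              schema:
+                oneOf:
+                  - $ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
+                  - $ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
+        401:
+          description: Unsuccessful authentication response
+          content:
+            application/json:
+              schema:
+                $ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
+        500:
+          description: Internal server error response
+          content:
+            application/json:
+              schema:
+                $ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
+
+components:
+  schemas:
+    ManageAlertTags:
+      type: object
+      properties:
+        tags_to_add:
+          $ref: '../../../model/alert.schema.yaml#/components/schemas/AlertTags'
+        tags_to_remove:
+          $ref: '../../../model/alert.schema.yaml#/components/schemas/AlertTags'
+      required:
+        - tags_to_add
+        - tags_to_remove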
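Review bot: `ManageAlertTags` in `components` requires both `tags_to_add` and `tags_to_remove` but gives no rule for a tag that appears in both arrays and does not say whether an empty array is acceptable for either, so a client generated from this spec cannot tell what the route will do with such a body. Whatever the route implements, state it on the schema, e.g. `description: Tags to add to every alert in ids; may be empty. A tag listed here and in tags_to_remove is ...` (fill in the actual precedence from the route handler, which is not in this section). The documented error responses are 400, 401 and 500 only; if callers without the alert-update privilege are rejected with a 403, that response belongs in `responses` too, otherwise generated clients will treat an authorization failure as an undocumented error. The 200 schema is `additionalProperties: true` with the note "Elasticsearch update by query response", which documents that the raw Elasticsearch response is passed back to the caller; if that is intentional it is worth saying so in the description, since the response shape is then owned by Elasticsearch rather than by this API.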
20 changes: 0 additions & 20 deletions
20
...ty_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags_route.ts
This file was deleted.
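--- a/...ity_solution/common/api/detection_engine/signals/query_signals/query_signals_route.gen.ts
+++ b/...ity_solution/common/api/detection_engine/signals/query_signals/query_signals_route.gen.ts
@@ -0,0 +1,45 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+/*
+ * NOTICE: Do not edit this file manually.
+ * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+ *
+ * info:
+ *   title: Alerts search API endpoint
+ *   version: 2023-10-31
+ */
+
+import { z } from 'zod';
+
+export type AlertsSortCombinations = z.infer<typeof AlertsSortCombinations>;
+export const AlertsSortCombinations = z.union([z.string(), z.object({}).catchall(z.unknown())]);
+
+export type AlertsSort = z.infer<typeof AlertsSort>;
+export const AlertsSort = z.union([AlertsSortCombinations, z.array(AlertsSortCombinations)]);
+
+/**
+ * Elasticsearch query and aggregation request
+ */
+export type SearchAlertsRequestBody = z.infer<typeof SearchAlertsRequestBody>;
+export const SearchAlertsRequestBody = z.object({
+  query: z.object({}).catchall(z.unknown()).optional(),
+  aggs: z.object({}).catchall(z.unknown()).optional(),
+  size: z.number().int().min(0).optional(),
+  track_total_hits: z.boolean().optional(),
+  _source: z.union([z.boolean(), z.string(), z.array(z.string())]).optional(),
+  fields: z.array(z.string()).optional(),
+  runtime_mappings: z.object({}).catchall(z.unknown()).optional(),
+  sort: AlertsSort.optional(),
+});
+export type SearchAlertsRequestBodyInput = z.input<typeof SearchAlertsRequestBody>;
+
+/**
+ * Elasticsearch search response
+ */
+export type SearchAlertsResponse = z.infer<typeof SearchAlertsResponse>;
+export const SearchAlertsResponse = z.object({}).catchall(z.unknown());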
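--- a/...olution/common/api/detection_engine/signals/query_signals/query_signals_route.schema.yaml
+++ b/...olution/common/api/detection_engine/signals/query_signals/query_signals_route.schema.yaml
@@ -0,0 +1,93 @@
+openapi: 3.0.0
+info:
+  title: Alerts search API endpoint
+  version: '2023-10-31'
+paths:
+  /api/detection_engine/signals/search:
+    post:
+      x-labels: [serverless, ess]
+      operationId: SearchAlerts
+      x-codegen-enabled: true
+      summary: Find and/or aggregate detection alerts that match the given query
+      tags:
+        - Alerts API
+      requestBody:
+        description: Search and/or aggregation query
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                query:
+                  type: object
+                  additionalProperties: true
+                aggs:
+                  type: object
+                  additionalProperties: true
+                size:
+                  type: integer
+                  minimum: 0
+                track_total_hits:
+                  type: boolean
+                _source:
+                  oneOf:
+                    - type: boolean
+                    - type: string
+                    - type: array
+                      items:
+                        type: string
+                fields:
+                  type: array
+                  items:
+                    type: string
+                runtime_mappings:
+                  type: object
+                  additionalProperties: true
+                sort:
+                  $ref: '#/components/schemas/AlertsSort'
+              description: Elasticsearch query and aggregation request
+      responses:
+        200:
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+                description: Elasticsearch search response
+        400:
+          description: Invalid input data response
+          content:
+            application/json:
+              schema:
+                oneOf:
+                  - $ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
+                  - $ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
+        401:
+          description: Unsuccessful authentication response
+          content:
+            application/json:
+              schema:
+                $ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
+        500:
+          description: Internal server error response
+          content:
+            application/json:
+              schema:
+                $ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
+
+components:
+  schemas:
+    AlertsSortCombinations:
+      anyOf:
+        - type: string
+        - type: object
+          additionalProperties: true
+
+    AlertsSort:
+      oneOf:
+        - $ref: '#/components/schemas/AlertsSortCombinations'
+        - type: array
+          items:
+            $ref: '#/components/schemas/AlertsSortCombinations'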
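Review bot: `query`, `aggs` and `runtime_mappings` in the request body are free-form objects (`additionalProperties: true`) with no description, and nothing in the spec tells a consumer that they are forwarded to Elasticsearch or that runtime field definitions can carry Painless scripts; add a line such as `description: Elasticsearch runtime_mappings forwarded with the search request; runtime fields may include scripts` on `runtime_mappings` (and a matching one on `query`/`aggs`) so the pass-through is visible to anyone generating clients or reviewing the route's exposure, and confirm against the route handler, which is not in this section, whether scripted runtime fields are actually allowed through. `size` carries `minimum: 0` but no `maximum`, so the spec advertises unbounded page sizes; if the route enforces a cap, encode it as `maximum:`, and if it does not, say so in the description rather than leaving it implicit. Style: `AlertsSortCombinations` uses `anyOf` while `AlertsSort` uses `oneOf`; the string/object branches are disjoint, so `oneOf` in both keeps the generated `z.union` unchanged and the two schemas consistent.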