diff --git a/docs/api-generated/rules/rule-apis-passthru.asciidoc b/docs/api-generated/rules/rule-apis-passthru.asciidoc index 0e9260905cbc8b..8ef9fdfacf5609 100644 --- a/docs/api-generated/rules/rule-apis-passthru.asciidoc +++ b/docs/api-generated/rules/rule-apis-passthru.asciidoc @@ -22,7 +22,9 @@ Any modifications made to this file will be overwritten.
  • post /s/{spaceId}/api/alerting/rule/{ruleId}/_disable
  • post /s/{spaceId}/api/alerting/rule/{ruleId}/_enable
  • get /s/{spaceId}/api/alerting/rules/_find
    • +
  • get /s/{spaceId}/api/alerting/_health
  • get /s/{spaceId}/api/alerting/rule/{ruleId}
    • +
  • get /s/{spaceId}/api/alerting/rule_types
  • post /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute
  • post /s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all
  • post /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute
    • @@ -63,18 +65,30 @@ Any modifications made to this file will be overwritten. +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. +

    Responses

    204

    Indicates a successful call. +

    401

    + Authorization information is missing or invalid. + 401_response +

    404

    + Object is not found. + 404_response
    Up 
    post /s/{spaceId}/api/alerting/rule/{ruleId}/_disable
    -
    Disable a rule. (disableRule)
    +
    Disables a rule. (disableRule)
    You must have all privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rule. For example, the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability, and Security features.

    Path parameters

    @@ -102,18 +116,30 @@ Any modifications made to this file will be overwritten. +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. +

    Responses

    204

    Indicates a successful call. +

    401

    + Authorization information is missing or invalid. + 401_response +

    404

    + Object is not found. + 404_response
    Up 
    post /s/{spaceId}/api/alerting/rule/{ruleId}/_enable
    -
    Enable a rule. (enableRule)
    +
    Enables a rule. (enableRule)
    This API supports token-based authentication only. You must have all privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rule. For example, the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability, and Security features.

    Path parameters

    @@ -141,11 +167,23 @@ Any modifications made to this file will be overwritten. +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. +

    Responses

    204

    Indicates a successful call. +

    401

    + Authorization information is missing or invalid. + 401_response +

    404

    + Object is not found. + 401_response
    @@ -325,13 +363,95 @@ Any modifications made to this file will be overwritten.

    200

    Indicates a successful call.     findRules_200_response +

    401

    + Authorization information is missing or invalid. + 401_response +
    +
    +
    +
    + Up + 
    get /s/{spaceId}/api/alerting/_health
    +
    Retrieves the health status of the alerting framework. (getAlertingHealth)
    +
    You must have read privileges for the Management > Stack Rules feature or for at least one of the Analytics > Discover, Analytics > Machine Learning, Observability, or Security features.
    + +

    Path parameters

    +
    +
    spaceId (required)
    + +
    Path Parameter — An identifier for the space. If /s/ and the identifier are omitted from the path, the default space is used. default: null
    +
    + + + + + + +

    Return type

    +
    + getAlertingHealth_200_response + +
    + + + +

    Example data

    +
    Content-Type: application/json
    + 
    {
+  "alerting_framework_health" : {
+    "execution_health" : {
+      "status" : "ok",
+      "timestamp" : "2023-01-13T01:28:00.28Z"
+    },
+    "read_health" : {
+      "status" : "ok",
+      "timestamp" : "2023-01-13T01:28:00.28Z"
+    },
+    "decryption_health" : {
+      "status" : "ok",
+      "timestamp" : "2023-01-13T01:28:00.28Z"
+    }
+  },
+  "alerting_framework_heath" : {
+    "_deprecated" : "This state property has a typo, use \"alerting_framework_health\" instead.",
+    "execution_health" : {
+      "status" : "ok",
+      "timestamp" : "2023-01-13T01:28:00.28Z"
+    },
+    "read_health" : {
+      "status" : "ok",
+      "timestamp" : "2023-01-13T01:28:00.28Z"
+    },
+    "decryption_health" : {
+      "status" : "ok",
+      "timestamp" : "2023-01-13T01:28:00.28Z"
+    }
+  },
+  "has_permanent_encryption_key" : true,
+  "is_sufficiently_secure" : true
+}
    + +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. + + +

    Responses

    +

    200

    + Indicates a successful call. + getAlertingHealth_200_response +

    401

    + Authorization information is missing or invalid. + 401_response
    Up 
    get /s/{spaceId}/api/alerting/rule/{ruleId}
    -
    Retrieve a rule by its identifier. (getRule)
    +
    Retrieves a rule by its identifier. (getRule)
    You must have read privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rules you're seeking. For example, the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability features, or Security features. To get rules associated with the Stack Monitoring feature, use the monitoring_user built-in role.

    Path parameters

    @@ -424,13 +544,154 @@ Any modifications made to this file will be overwritten.

    200

    Indicates a successful call. rule_response_properties +

    401

    + Authorization information is missing or invalid. + 401_response +

    404

    + Object is not found. + 404_response +
    +
    +
    +
    + Up + 
    get /s/{spaceId}/api/alerting/rule_types
    +
    Retrieves a list of rule types. (getRuleTypes)
    +
    If you have read privileges for one or more Kibana features, the API response contains information about the appropriate rule types. For example, there are rule types associated with the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability features, and Security features. To get rule types associated with the Stack Monitoring feature, use the monitoring_user built-in role.
    + +

    Path parameters

    +
    +
    spaceId (required)
    + +
    Path Parameter — An identifier for the space. If /s/ and the identifier are omitted from the path, the default space is used. default: null
    +
    + + + + + + +

    Return type

    +
    + array[getRuleTypes_200_response_inner] + +
    + + + +

    Example data

    +
    Content-Type: application/json
    + 
    {
+  "recovery_action_group" : {
+    "name" : "name",
+    "id" : "id"
+  },
+  "does_set_recovery_context" : true,
+  "is_exportable" : true,
+  "authorized_consumers" : {
+    "alerts" : {
+      "all" : true,
+      "read" : true
+    },
+    "discover" : {
+      "all" : true,
+      "read" : true
+    },
+    "stackAlerts" : {
+      "all" : true,
+      "read" : true
+    },
+    "infrastructure" : {
+      "all" : true,
+      "read" : true
+    },
+    "siem" : {
+      "all" : true,
+      "read" : true
+    },
+    "monitoring" : {
+      "all" : true,
+      "read" : true
+    },
+    "logs" : {
+      "all" : true,
+      "read" : true
+    },
+    "apm" : {
+      "all" : true,
+      "read" : true
+    },
+    "ml" : {
+      "all" : true,
+      "read" : true
+    },
+    "uptime" : {
+      "all" : true,
+      "read" : true
+    }
+  },
+  "action_groups" : [ {
+    "name" : "name",
+    "id" : "id"
+  }, {
+    "name" : "name",
+    "id" : "id"
+  } ],
+  "minimum_license_required" : "basic",
+  "action_variables" : {
+    "context" : [ {
+      "name" : "name",
+      "description" : "description",
+      "useWithTripleBracesInTemplates" : true
+    }, {
+      "name" : "name",
+      "description" : "description",
+      "useWithTripleBracesInTemplates" : true
+    } ],
+    "state" : [ {
+      "name" : "name",
+      "description" : "description"
+    }, {
+      "name" : "name",
+      "description" : "description"
+    } ],
+    "params" : [ {
+      "name" : "name",
+      "description" : "description"
+    }, {
+      "name" : "name",
+      "description" : "description"
+    } ]
+  },
+  "rule_task_timeout" : "5m",
+  "name" : "name",
+  "enabled_in_license" : true,
+  "producer" : "stackAlerts",
+  "id" : "id",
+  "default_action_group_id" : "default_action_group_id"
+}
    + +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. + + +

    Responses

    +

    200

    + Indicates a successful call. + +

    401

    + Authorization information is missing or invalid. + 401_response
    Up 
    post /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute
    -
    Mute an alert. (muteAlert)
    +
    Mutes an alert. (muteAlert)
    You must have all privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rule. For example, the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability, and Security features. If the rule has actions, you must also have read privileges for the Management > Actions and Connectors feature.

    Path parameters

    @@ -460,18 +721,27 @@ Any modifications made to this file will be overwritten. +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. +

    Responses

    204

    Indicates a successful call. +

    401

    + Authorization information is missing or invalid. + 401_response
    Up 
    post /s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all
    -
    Mute all alerts. (muteAllAlerts)
    +
    Mutes all alerts. (muteAllAlerts)
    This API snoozes the notifications for the rule indefinitely. The rule checks continue to occur but alerts will not trigger any actions. You must have all privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rule. For example, the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability, and Security features. If the rule has actions, you must also have read privileges for the Management > Actions and Connectors feature.

    Path parameters

    @@ -499,18 +769,27 @@ Any modifications made to this file will be overwritten. +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. +

    Responses

    204

    Indicates a successful call. +

    401

    + Authorization information is missing or invalid. + 401_response
    Up 
    post /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute
    -
    Unmute an alert. (unmuteAlert)
    +
    Unmutes an alert. (unmuteAlert)
    You must have all privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rule. For example, the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability, and Security features. If the rule has actions, you must also have read privileges for the Management > Actions and Connectors feature.

    Path parameters

    @@ -540,18 +819,27 @@ Any modifications made to this file will be overwritten. +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. +

    Responses

    204

    Indicates a successful call. +

    401

    + Authorization information is missing or invalid. + 401_response
    Up 
    post /s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all
    -
    Unmute all alerts. (unmuteAllAlerts)
    +
    Unmutes all alerts. (unmuteAllAlerts)
    If the rule has its notifications snoozed indefinitely, this API cancels the snooze. You must have all privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rule. For example, the Management > Stack Rules feature, Analytics > Discover and Machine Learning features, Observability, and Security features. If the rule has actions, you must also have read privileges for the Management > Actions and Connectors feature.

    Path parameters

    @@ -579,11 +867,20 @@ Any modifications made to this file will be overwritten. +

    Produces

    + This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. +

    Responses

    204

    Indicates a successful call. +

    401

    + Authorization information is missing or invalid. + 401_response
    @@ -702,6 +999,12 @@ Any modifications made to this file will be overwritten.

    200

    Indicates a successful call.     rule_response_properties +

    401

    + Authorization information is missing or invalid. + 401_response +

    404

    + Object is not found. + 404_response
    @@ -710,10 +1013,27 @@ Any modifications made to this file will be overwritten.

    Table of Contents

      +
    1. 401_response - Unsuccessful rule API response
      2. +
    2. 404_response -
    3. actions_inner -
    4. findRules_200_response -
    5. findRules_has_reference_parameter -
    6. findRules_search_fields_parameter -
      7. +
    7. getAlertingHealth_200_response -
      8. +
    8. getAlertingHealth_200_response_alerting_framework_health -
      9. +
    9. getAlertingHealth_200_response_alerting_framework_health_decryption_health -
      10. +
    10. getAlertingHealth_200_response_alerting_framework_health_execution_health -
      11. +
    11. getAlertingHealth_200_response_alerting_framework_health_read_health -
      12. +
    12. getAlertingHealth_200_response_alerting_framework_heath -
      13. +
    13. getAlertingHealth_200_response_alerting_framework_heath_decryption_health -
      14. +
    14. getRuleTypes_200_response_inner -
      15. +
    15. getRuleTypes_200_response_inner_action_groups_inner -
      16. +
    16. getRuleTypes_200_response_inner_action_variables -
      17. +
    17. getRuleTypes_200_response_inner_action_variables_context_inner -
      18. +
    18. getRuleTypes_200_response_inner_action_variables_params_inner -
      19. +
    19. getRuleTypes_200_response_inner_authorized_consumers -
      20. +
    20. getRuleTypes_200_response_inner_authorized_consumers_alerts -
      21. +
    21. getRuleTypes_200_response_inner_recovery_action_group -
    22. notify_when -
    23. rule_response_properties - Rule response properties
    24. rule_response_properties_execution_status -
      25. @@ -723,6 +1043,32 @@ Any modifications made to this file will be overwritten.
    25. update_rule_request - Update rule request
    +
    +

    401_response - Unsuccessful rule API response Up

    +
    +
    +
    error (optional)
    String
    +
    Enum:
    +
    Unauthorized
    +
    message (optional)
    String
    +
    statusCode (optional)
    Integer
    +
    Enum:
    +
    401
    +
    +
    +
    +

    404_response - Up

    +
    +
    +
    error (optional)
    String
    +
    Enum:
    +
    Not Found
    +
    message (optional)
    String
    +
    statusCode (optional)
    Integer
    +
    Enum:
    +
    404
    +
    +

    actions_inner - Up

    @@ -756,6 +1102,158 @@ Any modifications made to this file will be overwritten.
    +
    +

    getAlertingHealth_200_response - Up

    +
    +
    +
    alerting_framework_heath (optional)
    getAlertingHealth_200_response_alerting_framework_heath
    +
    alerting_framework_health (optional)
    getAlertingHealth_200_response_alerting_framework_health
    +
    has_permanent_encryption_key (optional)
    Boolean If false, the encrypted saved object plugin does not have a permanent encryption key.
    +
    is_sufficiently_secure (optional)
    Boolean If false, security is enabled but TLS is not.
    +
    +
    +
    +

    getAlertingHealth_200_response_alerting_framework_health - Up

    +
    Three substates identify the health of the alerting framework: decryption_health, execution_health, and read_health.
    +
    +
    decryption_health (optional)
    getAlertingHealth_200_response_alerting_framework_health_decryption_health
    +
    execution_health (optional)
    getAlertingHealth_200_response_alerting_framework_health_execution_health
    +
    read_health (optional)
    getAlertingHealth_200_response_alerting_framework_health_read_health
    +
    +
    +
    +

    getAlertingHealth_200_response_alerting_framework_health_decryption_health - Up

    +
    The timestamp and status of the rule decryption.
    +
    +
    status (optional)
    String
    +
    Enum:
    +
    error
    ok
    warn
    +
    timestamp (optional)
    Date format: date-time
    +
    +
    +
    +

    getAlertingHealth_200_response_alerting_framework_health_execution_health - Up

    +
    The timestamp and status of the rule run.
    +
    +
    status (optional)
    String
    +
    Enum:
    +
    error
    ok
    warn
    +
    timestamp (optional)
    Date format: date-time
    +
    +
    +
    +

    getAlertingHealth_200_response_alerting_framework_health_read_health - Up

    +
    The timestamp and status of the rule reading events.
    +
    +
    status (optional)
    String
    +
    Enum:
    +
    error
    ok
    warn
    +
    timestamp (optional)
    Date format: date-time
    +
    +
    +
    +

    getAlertingHealth_200_response_alerting_framework_heath - Up

    +
    This property has a typo. Use alerting_framework_health instead.
    +
    +
    _deprecated (optional)
    String
    +
    decryption_health (optional)
    getAlertingHealth_200_response_alerting_framework_heath_decryption_health
    +
    execution_health (optional)
    getAlertingHealth_200_response_alerting_framework_heath_decryption_health
    +
    read_health (optional)
    getAlertingHealth_200_response_alerting_framework_heath_decryption_health
    +
    +
    +
    +

    getAlertingHealth_200_response_alerting_framework_heath_decryption_health - Up

    +
    +
    +
    status (optional)
    String
    +
    timestamp (optional)
    Date format: date-time
    +
    +
    +
    +

    getRuleTypes_200_response_inner - Up

    +
    +
    +
    action_groups (optional)
    array[getRuleTypes_200_response_inner_action_groups_inner] An explicit list of groups for which the rule type can schedule actions, each with the action group's unique ID and human readable name. Rule actions validation uses this configuration to ensure that groups are valid.
    +
    action_variables (optional)
    getRuleTypes_200_response_inner_action_variables
    +
    authorized_consumers (optional)
    getRuleTypes_200_response_inner_authorized_consumers
    +
    default_action_group_id (optional)
    String The default identifier for the rule type group.
    +
    does_set_recovery_context (optional)
    Boolean Indicates whether the rule passes context variables to its recovery action.
    +
    enabled_in_license (optional)
    Boolean Indicates whether the rule type is enabled or disabled based on the subscription.
    +
    id (optional)
    String The unique identifier for the rule type.
    +
    is_exportable (optional)
    Boolean Indicates whether the rule type is exportable in Stack Management > Saved Objects.
    +
    minimum_license_required (optional)
    String The subscriptions required to use the rule type.
    +
    name (optional)
    String The descriptive name of the rule type.
    +
    producer (optional)
    String An identifier for the application that produces this rule type.
    +
    recovery_action_group (optional)
    getRuleTypes_200_response_inner_recovery_action_group
    +
    rule_task_timeout (optional)
    String
    +
    +
    +
    +

    getRuleTypes_200_response_inner_action_groups_inner - Up

    +
    +
    +
    id (optional)
    String
    +
    name (optional)
    String
    +
    +
    +
    +

    getRuleTypes_200_response_inner_action_variables - Up

    +
    A list of action variables that the rule type makes available via context and state in action parameter templates, and a short human readable description. When you create a rule in Kibana, it uses this information to prompt you for these variables in action parameter editors.
    +
    +
    context (optional)
    array[getRuleTypes_200_response_inner_action_variables_context_inner]
    +
    params (optional)
    array[getRuleTypes_200_response_inner_action_variables_params_inner]
    +
    state (optional)
    array[getRuleTypes_200_response_inner_action_variables_params_inner]
    +
    +
    +
    +

    getRuleTypes_200_response_inner_action_variables_context_inner - Up

    +
    +
    +
    name (optional)
    String
    +
    description (optional)
    String
    +
    useWithTripleBracesInTemplates (optional)
    Boolean
    +
    +
    +
    +

    getRuleTypes_200_response_inner_action_variables_params_inner - Up

    +
    +
    +
    description (optional)
    String
    +
    name (optional)
    String
    +
    +
    +
    +

    getRuleTypes_200_response_inner_authorized_consumers - Up

    +
    The list of the plugins IDs that have access to the rule type.
    +
    +
    alerts (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    apm (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    discover (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    infrastructure (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    logs (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    ml (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    monitoring (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    siem (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    stackAlerts (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    uptime (optional)
    getRuleTypes_200_response_inner_authorized_consumers_alerts
    +
    +
    +
    +

    getRuleTypes_200_response_inner_authorized_consumers_alerts - Up

    +
    +
    +
    all (optional)
    Boolean
    +
    read (optional)
    Boolean
    +
    +
    +
    +

    getRuleTypes_200_response_inner_recovery_action_group - Up

    +
    An action group to use when an alert goes from an active state to an inactive one.
    +
    +
    id (optional)
    String
    +
    name (optional)
    String
    +
    +

    notify_when - Up

    Indicates how often alerts generate actions. Valid values include: onActionGroupChange: Actions run when the alert status changes; onActiveAlert: Actions run when the alert becomes active and at each check interval while the rule conditions are met; onThrottleInterval: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met.
    diff --git a/docs/api/alerting/health.asciidoc b/docs/api/alerting/health.asciidoc index 1f0c8936419b5e..ce22ece799b76f 100644 --- a/docs/api/alerting/health.asciidoc +++ b/docs/api/alerting/health.asciidoc @@ -6,6 +6,12 @@ Retrieve the health status of the alerting framework. +[NOTE] +==== +For the most up-to-date API details, refer to the +{kib-repo}/tree/{branch}/x-pack/plugins/alerting/docs/openapi[open API specification]. For a preview, check out <>. +==== + [[get-alerting-framework-health-api-request]] === {api-request-title} diff --git a/docs/api/alerting/list_rule_types.asciidoc b/docs/api/alerting/list_rule_types.asciidoc index 1d37ff9e4dbcc6..32b4be086705a7 100644 --- a/docs/api/alerting/list_rule_types.asciidoc +++ b/docs/api/alerting/list_rule_types.asciidoc @@ -6,6 +6,13 @@ Retrieve a list of rule types that the user is authorized to access. +[NOTE] +==== +For the most up-to-date API details, refer to the +{kib-repo}/tree/{branch}/x-pack/plugins/alerting/docs/openapi[open API specification]. For a preview, check out <>. +==== + + [[list-rule-types-api-request]] === {api-request-title} diff --git a/x-pack/plugins/alerting/docs/openapi/bundled.json b/x-pack/plugins/alerting/docs/openapi/bundled.json index 8adf80f41a8361..53b0ad2e75a732 100644 --- a/x-pack/plugins/alerting/docs/openapi/bundled.json +++ b/x-pack/plugins/alerting/docs/openapi/bundled.json @@ -27,7 +27,7 @@ "paths": { "/s/{spaceId}/api/alerting/rule/{ruleId}": { "get": { - "summary": "Retrieve a rule by its identifier.", + "summary": "Retrieves a rule by its identifier.", "operationId": "getRule", "description": "You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To get rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.\n", "tags": [ @@ -50,14 +50,39 @@ "$ref": "#/components/schemas/rule_response_properties" }, "examples": { - "updateRuleResponse": { + "getRuleResponse": { "$ref": "#/components/examples/get_rule_response" } } } } + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } + }, + "404": { + "description": "Object is not found.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/404_response" + } + } + } } - } + }, + "servers": [ + { + "url": "https://localhost:5601" + } + ] }, "delete": { "summary": "Deletes a rule.", @@ -80,6 +105,26 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } + }, + "404": { + "description": "Object is not found.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/404_response" + } + } + } } }, "servers": [ @@ -136,6 +181,26 @@ } } } + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } + }, + "404": { + "description": "Object is not found.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/404_response" + } + } + } } }, "servers": [ @@ -152,7 +217,7 @@ }, "/s/{spaceId}/api/alerting/rule/{ruleId}/_disable": { "post": { - "summary": "Disable a rule.", + "summary": "Disables a rule.", "operationId": "disableRule", "description": "You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features.\n", "tags": [ @@ -172,6 +237,26 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } + }, + "404": { + "description": "Object is not found.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/404_response" + } + } + } } }, "servers": [ @@ -188,7 +273,7 @@ }, "/s/{spaceId}/api/alerting/rule/{ruleId}/_enable": { "post": { - "summary": "Enable a rule.", + "summary": "Enables a rule.", "operationId": "enableRule", "description": "This API supports token-based authentication only. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features.\n", "tags": [ @@ -208,6 +293,26 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } + }, + "404": { + "description": "Object is not found.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } } }, "servers": [ @@ -380,6 +485,16 @@ } } } + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } } }, "servers": [ @@ -394,9 +509,471 @@ } ] }, + "/s/{spaceId}/api/alerting/_health": { + "get": { + "summary": "Retrieves the health status of the alerting framework.", + "operationId": "getAlertingHealth", + "description": "You must have `read` privileges for the **Management > Stack Rules** feature or for at least one of the **Analytics > Discover**, **Analytics > Machine Learning**, **Observability**, or **Security** features.\n", + "tags": [ + "alerting" + ], + "parameters": [ + { + "$ref": "#/components/parameters/space_id" + } + ], + "responses": { + "200": { + "description": "Indicates a successful call.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "alerting_framework_heath": { + "type": "object", + "description": "This property has a typo. Use `alerting_framework_health` instead.", + "deprecated": true, + "properties": { + "_deprecated": { + "type": "string", + "example": "This state property has a typo, use \"alerting_framework_health\" instead." + }, + "decryption_health": { + "type": "object", + "properties": { + "status": { + "type": "string", + "example": "ok" + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2023-01-13T01:28:00.280Z" + } + } + }, + "execution_health": { + "type": "object", + "properties": { + "status": { + "type": "string", + "example": "ok" + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2023-01-13T01:28:00.280Z" + } + } + }, + "read_health": { + "type": "object", + "properties": { + "status": { + "type": "string", + "example": "ok" + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2023-01-13T01:28:00.280Z" + } + } + } + } + }, + "alerting_framework_health": { + "type": "object", + "description": "Three substates identify the health of the alerting framework: `decryption_health`, `execution_health`, and `read_health`.\n", + "properties": { + "decryption_health": { + "type": "object", + "description": "The timestamp and status of the rule decryption.", + "properties": { + "status": { + "type": "string", + "example": "ok", + "enum": [ + "error", + "ok", + "warn" + ] + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2023-01-13T01:28:00.280Z" + } + } + }, + "execution_health": { + "type": "object", + "description": "The timestamp and status of the rule run.", + "properties": { + "status": { + "type": "string", + "example": "ok", + "enum": [ + "error", + "ok", + "warn" + ] + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2023-01-13T01:28:00.280Z" + } + } + }, + "read_health": { + "type": "object", + "description": "The timestamp and status of the rule reading events.", + "properties": { + "status": { + "type": "string", + "example": "ok", + "enum": [ + "error", + "ok", + "warn" + ] + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2023-01-13T01:28:00.280Z" + } + } + } + } + }, + "has_permanent_encryption_key": { + "type": "boolean", + "description": "If `false`, the encrypted saved object plugin does not have a permanent encryption key.", + "example": true + }, + "is_sufficiently_secure": { + "type": "boolean", + "description": "If `false`, security is enabled but TLS is not.", + "example": true + } + } + }, + "examples": { + "getAlertingHealthResponse": { + "$ref": "#/components/examples/get_health_response" + } + } + } + } + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } + } + } + }, + "servers": [ + { + "url": "https://localhost:5601" + } + ] + }, + "/s/{spaceId}/api/alerting/rule_types": { + "get": { + "summary": "Retrieves a list of rule types.", + "operationId": "getRuleTypes", + "description": "If you have `read` privileges for one or more Kibana features, the API response contains information about the appropriate rule types. For example, there are rule types associated with the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, and **Security** features. To get rule types associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.\n", + "tags": [ + "alerting" + ], + "parameters": [ + { + "$ref": "#/components/parameters/space_id" + } + ], + "responses": { + "200": { + "description": "Indicates a successful call.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "action_groups": { + "description": "An explicit list of groups for which the rule type can schedule actions, each with the action group's unique ID and human readable name. Rule actions validation uses this configuration to ensure that groups are valid.\n", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + } + } + } + }, + "action_variables": { + "description": "A list of action variables that the rule type makes available via context and state in action parameter templates, and a short human readable description. When you create a rule in Kibana, it uses this information to prompt you for these variables in action parameter editors.\n", + "type": "object", + "properties": { + "context": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "useWithTripleBracesInTemplates": { + "type": "boolean" + } + } + } + }, + "params": { + "type": "array", + "items": { + "type": "object", + "properties": { + "description": { + "type": "string" + }, + "name": { + "type": "string" + } + } + } + }, + "state": { + "type": "array", + "items": { + "type": "object", + "properties": { + "description": { + "type": "string" + }, + "name": { + "type": "string" + } + } + } + } + } + }, + "authorized_consumers": { + "description": "The list of the plugins IDs that have access to the rule type.", + "type": "object", + "properties": { + "alerts": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "apm": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "discover": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "infrastructure": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "logs": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "ml": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "monitoring": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "siem": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "stackAlerts": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + }, + "uptime": { + "type": "object", + "properties": { + "all": { + "type": "boolean" + }, + "read": { + "type": "boolean" + } + } + } + } + }, + "default_action_group_id": { + "description": "The default identifier for the rule type group.", + "type": "string" + }, + "does_set_recovery_context": { + "description": "Indicates whether the rule passes context variables to its recovery action.", + "type": "boolean" + }, + "enabled_in_license": { + "description": "Indicates whether the rule type is enabled or disabled based on the subscription.", + "type": "boolean" + }, + "id": { + "description": "The unique identifier for the rule type.", + "type": "string" + }, + "is_exportable": { + "description": "Indicates whether the rule type is exportable in **Stack Management > Saved Objects**.", + "type": "boolean" + }, + "minimum_license_required": { + "description": "The subscriptions required to use the rule type.", + "type": "string", + "example": "basic" + }, + "name": { + "description": "The descriptive name of the rule type.", + "type": "string" + }, + "producer": { + "description": "An identifier for the application that produces this rule type.", + "type": "string", + "example": "stackAlerts" + }, + "recovery_action_group": { + "description": "An action group to use when an alert goes from an active state to an inactive one.", + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "rule_task_timeout": { + "type": "string", + "example": "5m" + } + } + } + }, + "examples": { + "getRuleTypesResponse": { + "$ref": "#/components/examples/get_rule_types_response" + } + } + } + } + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } + } + } + }, + "servers": [ + { + "url": "https://localhost:5601" + } + ] + }, "/s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all": { "post": { - "summary": "Mute all alerts.", + "summary": "Mutes all alerts.", "operationId": "muteAllAlerts", "description": "This API snoozes the notifications for the rule indefinitely. The rule checks continue to occur but alerts will not trigger any actions. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.\n", "tags": [ @@ -416,6 +993,16 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } } }, "servers": [ @@ -432,7 +1019,7 @@ }, "/s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all": { "post": { - "summary": "Unmute all alerts.", + "summary": "Unmutes all alerts.", "operationId": "unmuteAllAlerts", "description": "If the rule has its notifications snoozed indefinitely, this API cancels the snooze. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.\n", "tags": [ @@ -452,6 +1039,16 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } } }, "servers": [ @@ -468,7 +1065,7 @@ }, "/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute": { "post": { - "summary": "Mute an alert.", + "summary": "Mutes an alert.", "operationId": "muteAlert", "description": "You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. \n", "tags": [ @@ -491,6 +1088,16 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } } }, "servers": [ @@ -507,7 +1114,7 @@ }, "/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute": { "post": { - "summary": "Unmute an alert.", + "summary": "Unmutes an alert.", "operationId": "unmuteAlert", "description": "You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. \n", "tags": [ @@ -530,6 +1137,16 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "401": { + "description": "Authorization information is missing or invalid.", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/401_response" + } + } + } } }, "servers": [ @@ -838,6 +1455,52 @@ } } }, + "401_response": { + "type": "object", + "title": "Unsuccessful rule API response", + "properties": { + "error": { + "type": "string", + "example": "Unauthorized", + "enum": [ + "Unauthorized" + ] + }, + "message": { + "type": "string" + }, + "statusCode": { + "type": "integer", + "example": 401, + "enum": [ + 401 + ] + } + } + }, + "404_response": { + "type": "object", + "properties": { + "error": { + "type": "string", + "example": "Not Found", + "enum": [ + "Not Found" + ] + }, + "message": { + "type": "string", + "example": "Saved object [alert/caaad6d0-920c-11ed-b36a-874bd1548a00] not found" + }, + "statusCode": { + "type": "integer", + "example": 404, + "enum": [ + 404 + ] + } + } + }, "update_rule_request": { "title": "Update rule request", "description": "The update rule API request body varies depending on the type of rule and actions.", @@ -1115,6 +1778,174 @@ } ] } + }, + "get_health_response": { + "summary": "Retrieve information about the health of the alerting framework.", + "value": { + "is_sufficiently_secure": true, + "has_permanent_encryption_key": true, + "alerting_framework_health": { + "decryption_health": { + "status": "ok", + "timestamp": "2023-01-13T01:28:00.280Z" + }, + "execution_health": { + "status": "ok", + "timestamp": "2023-01-13T01:28:00.280Z" + }, + "read_health": { + "status": "ok", + "timestamp": "2023-01-13T01:28:00.280Z" + } + }, + "alerting_framework_heath": { + "_deprecated": "This state property has a typo, use \"alerting_framework_health\" instead.", + "decryption_health": { + "status": "ok", + "timestamp": "2023-01-13T01:28:00.280Z" + }, + "execution_health": { + "status": "ok", + "timestamp": "2023-01-13T01:28:00.280Z" + }, + "read_health": { + "status": "ok", + "timestamp": "2023-01-13T01:28:00.280Z" + } + } + } + }, + "get_rule_types_response": { + "summary": "Retrieve rule types associated with Kibana machine learning features", + "value": [ + { + "id": "xpack.ml.anomaly_detection_alert", + "action_groups": [ + { + "id": "anomaly_score_match", + "name": "Anomaly score matched the condition" + }, + { + "id": "recovered", + "name": "Recovered" + } + ], + "action_variables": { + "context": [ + { + "name": "timestamp", + "description": "The bucket timestamp of the anomaly" + }, + { + "name": "timestampIso8601", + "description": "The bucket time of the anomaly in ISO8601 format" + }, + { + "name": "jobIds", + "description": "List of job IDs that triggered the alert" + }, + { + "name": "message", + "description": "Alert info message" + }, + { + "name": "isInterim", + "description": "Indicate if top hits contain interim results" + }, + { + "name": "score", + "description": "Anomaly score at the time of the notification action" + }, + { + "name": "topRecords", + "description": "Top records" + }, + { + "name": "topInfluencers", + "description": "Top influencers" + }, + { + "name": "anomalyExplorerUrl", + "description": "URL to open in the Anomaly Explorer", + "useWithTripleBracesInTemplates": true + } + ], + "params": [], + "state": [] + }, + "authorized_consumers": { + "alerts": { + "all": true, + "read": true + }, + "ml": { + "all": true, + "read": true + } + }, + "default_action_group_id": "anomaly_score_match", + "does_set_recovery_context": true, + "enabled_in_license": true, + "is_exportable": true, + "minimum_license_required": "platinum", + "name": "Anomaly detection alert", + "producer": "ml", + "recovery_action_group": { + "id": "recovered", + "name": "Recovered" + }, + "rule_task_timeout": "5m" + }, + { + "id": "xpack.ml.anomaly_detection_jobs_health", + "action_groups": [ + { + "id": "anomaly_detection_realtime_issue", + "name": "Issue detected" + }, + { + "id": "recovered", + "name": "Recovered" + } + ], + "action_variables": { + "context": [ + { + "name": "results", + "description": "Results of the rule execution" + }, + { + "name": "message", + "description": "Alert info message" + } + ], + "params": [], + "state": [] + }, + "authorized_consumers": { + "alerts": { + "all": true, + "read": true + }, + "ml": { + "all": true, + "read": true + } + }, + "default_action_group_id": "anomaly_detection_realtime_issue", + "does_set_recovery_context": true, + "enabled_in_license": true, + "is_exportable": true, + "minimum_license_required": "platinum", + "name": "Anomaly detection jobs health", + "producer": "ml", + "recovery_action_group": { + "id": "recovered", + "name": "Recovered" + }, + "rule_task_timeout": "5m" + } + ] } } }, diff --git a/x-pack/plugins/alerting/docs/openapi/bundled.yaml b/x-pack/plugins/alerting/docs/openapi/bundled.yaml index 029c6293557ce3..95c0f0c266f1f7 100644 --- a/x-pack/plugins/alerting/docs/openapi/bundled.yaml +++ b/x-pack/plugins/alerting/docs/openapi/bundled.yaml @@ -17,7 +17,7 @@ servers: paths: /s/{spaceId}/api/alerting/rule/{ruleId}: get: - summary: Retrieve a rule by its identifier. + summary: Retrieves a rule by its identifier. operationId: getRule description: | You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To get rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role. @@ -34,8 +34,22 @@ paths: schema: $ref: '#/components/schemas/rule_response_properties' examples: - updateRuleResponse: + getRuleResponse: $ref: '#/components/examples/get_rule_response' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '#/components/schemas/404_response' + servers: + - url: https://localhost:5601 delete: summary: Deletes a rule. operationId: deleteRule @@ -50,6 +64,18 @@ paths: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '#/components/schemas/404_response' servers: - url: https://localhost:5601 put: @@ -82,13 +108,25 @@ paths: examples: updateRuleResponse: $ref: '#/components/examples/update_rule_response' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '#/components/schemas/404_response' servers: - url: https://localhost:5601 servers: - url: https://localhost:5601 /s/{spaceId}/api/alerting/rule/{ruleId}/_disable: post: - summary: Disable a rule. + summary: Disables a rule. operationId: disableRule description: | You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. @@ -101,13 +139,25 @@ paths: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '#/components/schemas/404_response' servers: - url: https://localhost:5601 servers: - url: https://localhost:5601 /s/{spaceId}/api/alerting/rule/{ruleId}/_enable: post: - summary: Enable a rule. + summary: Enables a rule. operationId: enableRule description: | This API supports token-based authentication only. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. @@ -120,6 +170,18 @@ paths: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' servers: - url: https://localhost:5601 servers: @@ -229,13 +291,331 @@ paths: examples: findRulesResponse: $ref: '#/components/examples/find_rules_response' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' servers: - url: https://localhost:5601 servers: - url: https://localhost:5601 + /s/{spaceId}/api/alerting/_health: + get: + summary: Retrieves the health status of the alerting framework. + operationId: getAlertingHealth + description: | + You must have `read` privileges for the **Management > Stack Rules** feature or for at least one of the **Analytics > Discover**, **Analytics > Machine Learning**, **Observability**, or **Security** features. + tags: + - alerting + parameters: + - $ref: '#/components/parameters/space_id' + responses: + '200': + description: Indicates a successful call. + content: + application/json: + schema: + type: object + properties: + alerting_framework_heath: + type: object + description: This property has a typo. Use `alerting_framework_health` instead. + deprecated: true + properties: + _deprecated: + type: string + example: This state property has a typo, use "alerting_framework_health" instead. + decryption_health: + type: object + properties: + status: + type: string + example: ok + timestamp: + type: string + format: date-time + example: '2023-01-13T01:28:00.280Z' + execution_health: + type: object + properties: + status: + type: string + example: ok + timestamp: + type: string + format: date-time + example: '2023-01-13T01:28:00.280Z' + read_health: + type: object + properties: + status: + type: string + example: ok + timestamp: + type: string + format: date-time + example: '2023-01-13T01:28:00.280Z' + alerting_framework_health: + type: object + description: | + Three substates identify the health of the alerting framework: `decryption_health`, `execution_health`, and `read_health`. + properties: + decryption_health: + type: object + description: The timestamp and status of the rule decryption. + properties: + status: + type: string + example: ok + enum: + - error + - ok + - warn + timestamp: + type: string + format: date-time + example: '2023-01-13T01:28:00.280Z' + execution_health: + type: object + description: The timestamp and status of the rule run. + properties: + status: + type: string + example: ok + enum: + - error + - ok + - warn + timestamp: + type: string + format: date-time + example: '2023-01-13T01:28:00.280Z' + read_health: + type: object + description: The timestamp and status of the rule reading events. + properties: + status: + type: string + example: ok + enum: + - error + - ok + - warn + timestamp: + type: string + format: date-time + example: '2023-01-13T01:28:00.280Z' + has_permanent_encryption_key: + type: boolean + description: If `false`, the encrypted saved object plugin does not have a permanent encryption key. + example: true + is_sufficiently_secure: + type: boolean + description: If `false`, security is enabled but TLS is not. + example: true + examples: + getAlertingHealthResponse: + $ref: '#/components/examples/get_health_response' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' + servers: + - url: https://localhost:5601 + /s/{spaceId}/api/alerting/rule_types: + get: + summary: Retrieves a list of rule types. + operationId: getRuleTypes + description: | + If you have `read` privileges for one or more Kibana features, the API response contains information about the appropriate rule types. For example, there are rule types associated with the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, and **Security** features. To get rule types associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role. + tags: + - alerting + parameters: + - $ref: '#/components/parameters/space_id' + responses: + '200': + description: Indicates a successful call. + content: + application/json: + schema: + type: array + items: + type: object + properties: + action_groups: + description: | + An explicit list of groups for which the rule type can schedule actions, each with the action group's unique ID and human readable name. Rule actions validation uses this configuration to ensure that groups are valid. + type: array + items: + type: object + properties: + id: + type: string + name: + type: string + action_variables: + description: | + A list of action variables that the rule type makes available via context and state in action parameter templates, and a short human readable description. When you create a rule in Kibana, it uses this information to prompt you for these variables in action parameter editors. + type: object + properties: + context: + type: array + items: + type: object + properties: + name: + type: string + description: + type: string + useWithTripleBracesInTemplates: + type: boolean + params: + type: array + items: + type: object + properties: + description: + type: string + name: + type: string + state: + type: array + items: + type: object + properties: + description: + type: string + name: + type: string + authorized_consumers: + description: The list of the plugins IDs that have access to the rule type. + type: object + properties: + alerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + apm: + type: object + properties: + all: + type: boolean + read: + type: boolean + discover: + type: object + properties: + all: + type: boolean + read: + type: boolean + infrastructure: + type: object + properties: + all: + type: boolean + read: + type: boolean + logs: + type: object + properties: + all: + type: boolean + read: + type: boolean + ml: + type: object + properties: + all: + type: boolean + read: + type: boolean + monitoring: + type: object + properties: + all: + type: boolean + read: + type: boolean + siem: + type: object + properties: + all: + type: boolean + read: + type: boolean + stackAlerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + uptime: + type: object + properties: + all: + type: boolean + read: + type: boolean + default_action_group_id: + description: The default identifier for the rule type group. + type: string + does_set_recovery_context: + description: Indicates whether the rule passes context variables to its recovery action. + type: boolean + enabled_in_license: + description: Indicates whether the rule type is enabled or disabled based on the subscription. + type: boolean + id: + description: The unique identifier for the rule type. + type: string + is_exportable: + description: Indicates whether the rule type is exportable in **Stack Management > Saved Objects**. + type: boolean + minimum_license_required: + description: The subscriptions required to use the rule type. + type: string + example: basic + name: + description: The descriptive name of the rule type. + type: string + producer: + description: An identifier for the application that produces this rule type. + type: string + example: stackAlerts + recovery_action_group: + description: An action group to use when an alert goes from an active state to an inactive one. + type: object + properties: + id: + type: string + name: + type: string + rule_task_timeout: + type: string + example: 5m + examples: + getRuleTypesResponse: + $ref: '#/components/examples/get_rule_types_response' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' + servers: + - url: https://localhost:5601 /s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all: post: - summary: Mute all alerts. + summary: Mutes all alerts. operationId: muteAllAlerts description: | This API snoozes the notifications for the rule indefinitely. The rule checks continue to occur but alerts will not trigger any actions. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. @@ -248,13 +628,19 @@ paths: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' servers: - url: https://localhost:5601 servers: - url: https://localhost:5601 /s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all: post: - summary: Unmute all alerts. + summary: Unmutes all alerts. operationId: unmuteAllAlerts description: | If the rule has its notifications snoozed indefinitely, this API cancels the snooze. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. @@ -267,13 +653,19 @@ paths: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' servers: - url: https://localhost:5601 servers: - url: https://localhost:5601 /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute: post: - summary: Mute an alert. + summary: Mutes an alert. operationId: muteAlert description: | You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. @@ -287,13 +679,19 @@ paths: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' servers: - url: https://localhost:5601 servers: - url: https://localhost:5601 /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute: post: - summary: Unmute an alert. + summary: Unmutes an alert. operationId: unmuteAlert description: | You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. @@ -307,6 +705,12 @@ paths: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '#/components/schemas/401_response' servers: - url: https://localhost:5601 servers: @@ -539,6 +943,38 @@ components: description: The identifier for the user that updated this rule most recently. nullable: true example: elastic + 401_response: + type: object + title: Unsuccessful rule API response + properties: + error: + type: string + example: Unauthorized + enum: + - Unauthorized + message: + type: string + statusCode: + type: integer + example: 401 + enum: + - 401 + 404_response: + type: object + properties: + error: + type: string + example: Not Found + enum: + - Not Found + message: + type: string + example: Saved object [alert/caaad6d0-920c-11ed-b36a-874bd1548a00] not found + statusCode: + type: integer + example: 404 + enum: + - 404 update_rule_request: title: Update rule request description: The update rule API request body varies depending on the type of rule and actions. @@ -770,6 +1206,114 @@ components: warning: null outcome: succeeded next_run: '2022-12-06T01:45:23.912Z' + get_health_response: + summary: Retrieve information about the health of the alerting framework. + value: + is_sufficiently_secure: true + has_permanent_encryption_key: true + alerting_framework_health: + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + alerting_framework_heath: + _deprecated: This state property has a typo, use "alerting_framework_health" instead. + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + get_rule_types_response: + summary: Retrieve rule types associated with Kibana machine learning features + value: + - id: xpack.ml.anomaly_detection_alert + action_groups: + - id: anomaly_score_match + name: Anomaly score matched the condition + - id: recovered + name: Recovered + action_variables: + context: + - name: timestamp + description: The bucket timestamp of the anomaly + - name: timestampIso8601 + description: The bucket time of the anomaly in ISO8601 format + - name: jobIds + description: List of job IDs that triggered the alert + - name: message + description: Alert info message + - name: isInterim + description: Indicate if top hits contain interim results + - name: score + description: Anomaly score at the time of the notification action + - name: topRecords + description: Top records + - name: topInfluencers + description: Top influencers + - name: anomalyExplorerUrl + description: URL to open in the Anomaly Explorer + useWithTripleBracesInTemplates: true + params: [] + state: [] + authorized_consumers: + alerts: + all: true + read: true + ml: + all: true + read: true + default_action_group_id: anomaly_score_match + does_set_recovery_context: true + enabled_in_license: true + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection alert + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + - id: xpack.ml.anomaly_detection_jobs_health + action_groups: + - id: anomaly_detection_realtime_issue + name: Issue detected + - id: recovered + name: Recovered + action_variables: + context: + - name: results + description: Results of the rule execution + - name: message + description: Alert info message + params: [] + state: [] + authorized_consumers: + alerts: + all: true + read: true + ml: + all: true + read: true + default_action_group_id: anomaly_detection_realtime_issue + does_set_recovery_context: true + enabled_in_license: true + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection jobs health + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m security: - basicAuth: [] - apiKeyAuth: [] diff --git a/x-pack/plugins/alerting/docs/openapi/components/examples/get_health_response.yaml b/x-pack/plugins/alerting/docs/openapi/components/examples/get_health_response.yaml new file mode 100644 index 00000000000000..fcd334cc677cfc --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/components/examples/get_health_response.yaml @@ -0,0 +1,25 @@ +summary: Retrieve information about the health of the alerting framework. +value: + is_sufficiently_secure: true + has_permanent_encryption_key: true + alerting_framework_health: + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + alerting_framework_heath: + _deprecated: "This state property has a typo, use \"alerting_framework_health\" instead." + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' \ No newline at end of file diff --git a/x-pack/plugins/alerting/docs/openapi/components/examples/get_rule_types_response.yaml b/x-pack/plugins/alerting/docs/openapi/components/examples/get_rule_types_response.yaml new file mode 100644 index 00000000000000..8299f7357a2173 --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/components/examples/get_rule_types_response.yaml @@ -0,0 +1,81 @@ +summary: Retrieve rule types associated with Kibana machine learning features +value: + - id: xpack.ml.anomaly_detection_alert + action_groups: + - id: anomaly_score_match + name: Anomaly score matched the condition + - id: recovered + name: Recovered + action_variables: + context: + - name: timestamp + description: The bucket timestamp of the anomaly + - name: timestampIso8601 + description: The bucket time of the anomaly in ISO8601 format + - name: jobIds + description: List of job IDs that triggered the alert + - name: message + description: Alert info message + - name: isInterim + description: Indicate if top hits contain interim results + - name: score + description: Anomaly score at the time of the notification action + - name: topRecords + description: Top records + - name: topInfluencers + description: Top influencers + - name: anomalyExplorerUrl + description: URL to open in the Anomaly Explorer + useWithTripleBracesInTemplates: true + params: [] + state: [] + authorized_consumers: + alerts: + all: true + read: true + ml: + all: true + read: true + default_action_group_id: anomaly_score_match + does_set_recovery_context: true + enabled_in_license: true + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection alert + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + - id: xpack.ml.anomaly_detection_jobs_health + action_groups: + - id: anomaly_detection_realtime_issue + name: Issue detected + - id: recovered + name: Recovered + action_variables: + context: + - name: results + description: Results of the rule execution + - name: message + description: Alert info message + params: [] + state: [] + authorized_consumers: + alerts: + all: true + read: true + ml: + all: true + read: true + default_action_group_id: anomaly_detection_realtime_issue + does_set_recovery_context: true + enabled_in_license: true + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection jobs health + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m diff --git a/x-pack/plugins/alerting/docs/openapi/components/schemas/401_response.yaml b/x-pack/plugins/alerting/docs/openapi/components/schemas/401_response.yaml new file mode 100644 index 00000000000000..c6044998f86499 --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/components/schemas/401_response.yaml @@ -0,0 +1,15 @@ +type: object +title: Unsuccessful rule API response +properties: + error: + type: string + example: Unauthorized + enum: + - Unauthorized + message: + type: string + statusCode: + type: integer + example: 401 + enum: + - 401 \ No newline at end of file diff --git a/x-pack/plugins/alerting/docs/openapi/components/schemas/404_response.yaml b/x-pack/plugins/alerting/docs/openapi/components/schemas/404_response.yaml new file mode 100644 index 00000000000000..1b8a118703ecbc --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/components/schemas/404_response.yaml @@ -0,0 +1,15 @@ +type: object +properties: + error: + type: string + example: Not Found + enum: + - Not Found + message: + type: string + example: "Saved object [alert/caaad6d0-920c-11ed-b36a-874bd1548a00] not found" + statusCode: + type: integer + example: 404 + enum: + - 404 \ No newline at end of file diff --git a/x-pack/plugins/alerting/docs/openapi/entrypoint.yaml b/x-pack/plugins/alerting/docs/openapi/entrypoint.yaml index b26443cfc8dcee..3b141954b30da8 100644 --- a/x-pack/plugins/alerting/docs/openapi/entrypoint.yaml +++ b/x-pack/plugins/alerting/docs/openapi/entrypoint.yaml @@ -23,10 +23,10 @@ paths: $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml' '/s/{spaceId}/api/alerting/rules/_find': $ref: 'paths/s@{spaceid}@api@alerting@rules@_find.yaml' -# '/s/{spaceId}/api/alerting/_health': -# $ref: paths/s@{spaceid}@api@alerting@_health.yaml -# '/s/{spaceId}/api/alerting/rule_types': -# $ref: 'paths/s@{spaceid}@api@alerting@rule_types.yaml' + '/s/{spaceId}/api/alerting/_health': + $ref: paths/s@{spaceid}@api@alerting@_health.yaml + '/s/{spaceId}/api/alerting/rule_types': + $ref: 'paths/s@{spaceid}@api@alerting@rule_types.yaml' '/s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all': $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_mute_all.yaml' '/s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all': diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@_health.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@_health.yaml new file mode 100644 index 00000000000000..6934bddfa9580f --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@_health.yaml @@ -0,0 +1,126 @@ +get: + summary: Retrieves the health status of the alerting framework. + operationId: getAlertingHealth + description: > + You must have `read` privileges for the **Management > Stack Rules** feature + or for at least one of the **Analytics > Discover**, + **Analytics > Machine Learning**, **Observability**, or **Security** features. + tags: + - alerting + parameters: + - $ref: '../components/parameters/space_id.yaml' + responses: + '200': + description: Indicates a successful call. + content: + application/json: + schema: + type: object + properties: + alerting_framework_heath: + type: object + description: This property has a typo. Use `alerting_framework_health` instead. + deprecated: true + properties: + _deprecated: + type: string + example: "This state property has a typo, use \"alerting_framework_health\" instead." + decryption_health: + type: object + properties: + status: + type: string + example: ok + timestamp: + type: string + format: date-time + example: "2023-01-13T01:28:00.280Z" + execution_health: + type: object + properties: + status: + type: string + example: ok + timestamp: + type: string + format: date-time + example: "2023-01-13T01:28:00.280Z" + read_health: + type: object + properties: + status: + type: string + example: ok + timestamp: + type: string + format: date-time + example: "2023-01-13T01:28:00.280Z" + alerting_framework_health: + type: object + description: > + Three substates identify the health of the alerting framework: `decryption_health`, `execution_health`, and `read_health`. + properties: + decryption_health: + type: object + description: The timestamp and status of the rule decryption. + properties: + status: + type: string + example: ok + enum: + - error + - ok + - warn + timestamp: + type: string + format: date-time + example: "2023-01-13T01:28:00.280Z" + execution_health: + type: object + description: The timestamp and status of the rule run. + properties: + status: + type: string + example: ok + enum: + - error + - ok + - warn + timestamp: + type: string + format: date-time + example: "2023-01-13T01:28:00.280Z" + read_health: + type: object + description: The timestamp and status of the rule reading events. + properties: + status: + type: string + example: ok + enum: + - error + - ok + - warn + timestamp: + type: string + format: date-time + example: "2023-01-13T01:28:00.280Z" + has_permanent_encryption_key: + type: boolean + description: If `false`, the encrypted saved object plugin does not have a permanent encryption key. + example: true + is_sufficiently_secure: + type: boolean + description: If `false`, security is enabled but TLS is not. + example: true + examples: + getAlertingHealthResponse: + $ref: '../components/examples/get_health_response.yaml' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' +servers: + - url: https://localhost:5601 \ No newline at end of file diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}.yaml index cb6a4a34525d96..91ef40aa0c2e91 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}.yaml @@ -1,5 +1,5 @@ get: - summary: Retrieve a rule by its identifier. + summary: Retrieves a rule by its identifier. operationId: getRule description: > You must have `read` privileges for the appropriate Kibana features, @@ -21,8 +21,22 @@ get: schema: $ref: '../components/schemas/rule_response_properties.yaml' examples: - updateRuleResponse: + getRuleResponse: $ref: '../components/examples/get_rule_response.yaml' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '../components/schemas/404_response.yaml' + servers: + - url: https://localhost:5601 delete: summary: Deletes a rule. @@ -42,6 +56,18 @@ delete: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '../components/schemas/404_response.yaml' servers: - url: https://localhost:5601 @@ -88,6 +114,18 @@ put: examples: updateRuleResponse: $ref: '../components/examples/update_rule_response.yaml' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '../components/schemas/404_response.yaml' servers: - url: https://localhost:5601 servers: diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_disable.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_disable.yaml index 8c8a60ae2ce2ef..d0d5321a484206 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_disable.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_disable.yaml @@ -1,5 +1,5 @@ post: - summary: Disable a rule. + summary: Disables a rule. operationId: disableRule description: > You must have `all` privileges for the appropriate Kibana features, @@ -15,6 +15,18 @@ post: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '../components/schemas/404_response.yaml' servers: - url: https://localhost:5601 servers: diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml index ee4ef54fc43f63..cb7991c2d9185c 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml @@ -1,5 +1,5 @@ post: - summary: Enable a rule. + summary: Enables a rule. operationId: enableRule description: > This API supports token-based authentication only. @@ -16,6 +16,18 @@ post: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' + '404': + description: Object is not found. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' servers: - url: https://localhost:5601 servers: diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_mute_all.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_mute_all.yaml index a816ed0b0b7ef0..00250d5a754a40 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_mute_all.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_mute_all.yaml @@ -1,5 +1,5 @@ post: - summary: Mute all alerts. + summary: Mutes all alerts. operationId: muteAllAlerts description: > This API snoozes the notifications for the rule indefinitely. The rule @@ -19,6 +19,12 @@ post: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' servers: - url: https://localhost:5601 servers: diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_unmute_all.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_unmute_all.yaml index 38e8f0807c9988..b0a887e7b427e0 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_unmute_all.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@_unmute_all.yaml @@ -1,5 +1,5 @@ post: - summary: Unmute all alerts. + summary: Unmutes all alerts. operationId: unmuteAllAlerts description: > If the rule has its notifications snoozed indefinitely, this API cancels the snooze. @@ -18,6 +18,12 @@ post: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' servers: - url: https://localhost:5601 servers: diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_mute.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_mute.yaml index d120c06e7a6c4c..2356bf4a603944 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_mute.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_mute.yaml @@ -1,5 +1,5 @@ post: - summary: Mute an alert. + summary: Mutes an alert. operationId: muteAlert description: > You must have `all` privileges for the appropriate Kibana features, @@ -18,6 +18,12 @@ post: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' servers: - url: https://localhost:5601 servers: diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_unmute.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_unmute.yaml index bbc92453e236b8..c06eccb531b469 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_unmute.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_unmute.yaml @@ -1,5 +1,5 @@ post: - summary: Unmute an alert. + summary: Unmutes an alert. operationId: unmuteAlert description: > You must have `all` privileges for the appropriate Kibana features, @@ -18,6 +18,12 @@ post: responses: '204': description: Indicates a successful call. + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' servers: - url: https://localhost:5601 servers: diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule_types.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule_types.yaml new file mode 100644 index 00000000000000..8b7019ee54539c --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rule_types.yaml @@ -0,0 +1,198 @@ +get: + summary: Retrieves a list of rule types. + operationId: getRuleTypes + description: > + If you have `read` privileges for one or more Kibana features, the API + response contains information about the appropriate rule types. For example, + there are rule types associated with the **Management > Stack Rules** feature, + **Analytics > Discover** and **Machine Learning** features, **Observability** + features, and **Security** features. To get rule types associated with the + **Stack Monitoring** feature, use the `monitoring_user` built-in role. + tags: + - alerting + parameters: + - $ref: '../components/parameters/space_id.yaml' + responses: + '200': + description: Indicates a successful call. + content: + application/json: + schema: + type: array + items: + type: object + properties: + action_groups: + description: > + An explicit list of groups for which the rule type can + schedule actions, each with the action group's unique ID and + human readable name. Rule actions validation uses this + configuration to ensure that groups are valid. + type: array + items: + type: object + properties: + id: + type: string + name: + type: string + action_variables: + description: > + A list of action variables that the rule type makes available + via context and state in action parameter templates, and a + short human readable description. When you create a rule in + Kibana, it uses this information to prompt you for these + variables in action parameter editors. + type: object + properties: + context: + type: array + items: + type: object + properties: + name: + type: string + description: + type: string + useWithTripleBracesInTemplates: + type: boolean + params: + type: array + items: + type: object + properties: + description: + type: string + name: + type: string + state: + type: array + items: + type: object + properties: + description: + type: string + name: + type: string + authorized_consumers: + description: The list of the plugins IDs that have access to the rule type. + type: object + properties: + alerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + apm: + type: object + properties: + all: + type: boolean + read: + type: boolean + discover: + type: object + properties: + all: + type: boolean + read: + type: boolean + infrastructure: + type: object + properties: + all: + type: boolean + read: + type: boolean + logs: + type: object + properties: + all: + type: boolean + read: + type: boolean + ml: + type: object + properties: + all: + type: boolean + read: + type: boolean + monitoring: + type: object + properties: + all: + type: boolean + read: + type: boolean + siem: + type: object + properties: + all: + type: boolean + read: + type: boolean + stackAlerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + uptime: + type: object + properties: + all: + type: boolean + read: + type: boolean + default_action_group_id: + description: The default identifier for the rule type group. + type: string + does_set_recovery_context: + description: Indicates whether the rule passes context variables to its recovery action. + type: boolean + enabled_in_license: + description: Indicates whether the rule type is enabled or disabled based on the subscription. + type: boolean + id: + description: The unique identifier for the rule type. + type: string + is_exportable: + description: Indicates whether the rule type is exportable in **Stack Management > Saved Objects**. + type: boolean + minimum_license_required: + description: The subscriptions required to use the rule type. + type: string + example: basic + name: + description: The descriptive name of the rule type. + type: string + producer: + description: An identifier for the application that produces this rule type. + type: string + example: stackAlerts + recovery_action_group: + description: An action group to use when an alert goes from an active state to an inactive one. + type: object + properties: + id: + type: string + name: + type: string + rule_task_timeout: + type: string + example: 5m + examples: + getRuleTypesResponse: + $ref: '../components/examples/get_rule_types_response.yaml' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' +servers: + - url: https://localhost:5601 \ No newline at end of file diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml index 42c4b817f79683..2f84059aa392d5 100644 --- a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml @@ -113,6 +113,12 @@ get: examples: findRulesResponse: $ref: '../components/examples/find_rules_response.yaml' + '401': + description: Authorization information is missing or invalid. + content: + application/json: + schema: + $ref: '../components/schemas/401_response.yaml' servers: - url: https://localhost:5601 servers: