Adding exceptions list export route documentation #3061
Labels
API
Effort: Medium
Issues that take moderate but not substantial time to complete
Feature: Exceptions
Priority: Medium
Issues that have relevance, but aren't urgent
Team: Security Platform
Includes Cyber Threat Intelligence (CTI) team
Projects
Description
The documentation seems to be missing for our exception list export which was added (I believe) in this PR dating back all the way to some
7.x
builds. We should add this in and backport it to the relevant releases. From what I can tell, the route and its query parameters have remained the same since it was written, but we added another query parameter in the exceptions TTL PR which should be reflected only in the8.7
docs versionThis route itself exports an exception list by providing an exception list ID and the list is exported into an
.ndjson
format. Exception lists consist of two elements - the list itself, and its items. The export file should now contain both these elements, the list followed by its items. The first PR link has examples of exported lists.The route, following the current docs format, should be
POST <kibana host>:<port>/api/exception_lists/_export
The query parameters are
So an example request would be
with the response being an aforementioned
.ndjson
fileThe text was updated successfully, but these errors were encountered: