Revert security changes
Zacqary committed Sep 19, 2024
1 parent 287793b commit 29c72f7
Showing 4 changed files with 377 additions and 114 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -891,6 +891,15 @@ paths:
/api/detection_engine/rules/preview:
post:
operationId: RulePreview
parameters:
- description: >-
Enables logging and returning in response ES queries, performed
during rule execution
in: query
name: enable_logged_requests
required: false
schema:
type: boolean
requestBody:
content:
application/json:
Expand Down Expand Up @@ -2042,6 +2051,10 @@ components:
$ref: '#/components/schemas/RuleFilterArray'
index:
$ref: '#/components/schemas/IndexPatternArray'
response_actions:
items:
$ref: '#/components/schemas/ResponseAction'
type: array
tiebreaker_field:
$ref: '#/components/schemas/TiebreakerField'
timestamp_field:
Expand Down Expand Up @@ -2729,6 +2742,10 @@ components:
properties:
alert_suppression:
$ref: '#/components/schemas/AlertSuppression'
response_actions:
items:
$ref: '#/components/schemas/ResponseAction'
type: array
EsqlRulePatchProps:
allOf:
- type: object
Expand Down Expand Up @@ -3873,6 +3890,10 @@ components:
$ref: '#/components/schemas/RuleFilterArray'
index:
$ref: '#/components/schemas/IndexPatternArray'
response_actions:
items:
$ref: '#/components/schemas/ResponseAction'
type: array
NewTermsRulePatchFields:
allOf:
- type: object
Expand Down Expand Up @@ -5166,6 +5187,17 @@ components:
- $ref: '#/components/schemas/MachineLearningRulePatchProps'
- $ref: '#/components/schemas/NewTermsRulePatchProps'
- $ref: '#/components/schemas/EsqlRulePatchProps'
RulePreviewLoggedRequest:
type: object
properties:
description:
$ref: '#/components/schemas/NonEmptyString'
duration:
type: integer
request:
$ref: '#/components/schemas/NonEmptyString'
required:
- request
RulePreviewLogs:
type: object
properties:
Expand All @@ -5176,6 +5208,10 @@ components:
items:
$ref: '#/components/schemas/NonEmptyString'
type: array
requests:
items:
$ref: '#/components/schemas/RulePreviewLoggedRequest'
type: array
startedAt:
$ref: '#/components/schemas/NonEmptyString'
warnings:
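Review bot: The new `enable_logged_requests` query parameter on `/api/detection_engine/rules/preview` makes the response carry the Elasticsearch queries run during rule execution, but neither the parameter nor `RulePreviewLoggedRequest` says what that text may contain or who is expected to turn it on. `request` is typed only as `NonEmptyString`, so a consumer cannot tell whether index patterns, filter values or similar rule details are echoed verbatim; I would add something like `description: Elasticsearch request issued during the preview, returned as text; may include index patterns and query values from the rule`, and, if the flag is off unless set, state that with `default: false` on the parameter. `duration` has no unit and no lower bound; `minimum: 0` plus a description naming the unit would remove the guesswork. If this file is a bundle generated from a source schema, the change belongs in that source rather than here.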
Original file line number Diff line number Diff line change
Expand Up @@ -437,6 +437,82 @@ paths:
summary: Stop the Entity Store engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/entities/list:
get:
description: List entities records, paging, sorting and filtering as needed.
operationId: ListEntities
parameters:
- in: query
name: sort_field
required: false
schema:
type: string
- in: query
name: sort_order
required: false
schema:
enum:
- asc
- desc
type: string
- in: query
name: page
required: false
schema:
minimum: 1
type: integer
- in: query
name: per_page
required: false
schema:
maximum: 10000
minimum: 1
type: integer
- description: An ES query to filter by.
in: query
name: filterQuery
required: false
schema:
type: string
- in: query
name: entities_types
required: true
schema:
items:
$ref: '#/components/schemas/EntityType'
type: array
responses:
'200':
content:
application/json:
schema:
type: object
properties:
inspect:
$ref: '#/components/schemas/InspectQuery'
page:
minimum: 1
type: integer
per_page:
maximum: 1000
minimum: 1
type: integer
records:
items:
$ref: '#/components/schemas/Entity'
type: array
total:
minimum: 0
type: integer
required:
- records
- page
- per_page
- total
description: Entities returned successfully
summary: List Entity Store Entities
tags:
- Security Solution Entity Analytics API
/api/risk_score/engine/schedule_now:
post:
operationId: ScheduleRiskEngineNow
Expand Down Expand Up @@ -549,18 +625,111 @@ components:
- started
- stopped
type: string
Entity:
oneOf:
- $ref: '#/components/schemas/UserEntity'
- $ref: '#/components/schemas/HostEntity'
EntityType:
enum:
- user
- host
type: string
HostEntity:
type: object
properties:
entity:
type: object
properties:
definitionId:
type: string
definitionVersion:
type: string
displayName:
type: string
firstSeenTimestamp:
format: date-time
type: string
id:
type: string
identityFields:
items:
type: string
type: array
lastSeenTimestamp:
format: date-time
type: string
schemaVersion:
type: string
type:
enum:
- node
type: string
required:
- lastSeenTimestamp
- schemaVersion
- definitionVersion
- displayName
- identityFields
- id
- type
- firstSeenTimestamp
- definitionId
host:
type: object
properties:
architecture:
items:
type: string
type: array
domain:
items:
type: string
type: array
hostname:
items:
type: string
type: array
id:
items:
type: string
type: array
ip:
items:
type: string
type: array
mac:
items:
type: string
type: array
name:
type: string
type:
items:
type: string
type: array
required:
- name
IdField:
enum:
- host.name
- user.name
type: string
IndexPattern:
type: string
InspectQuery:
type: object
properties:
dsl:
items:
type: string
type: array
response:
items:
type: string
type: array
required:
- dsl
- response
RiskEngineScheduleNowErrorResponse:
type: object
properties:
Expand Down Expand Up @@ -588,6 +757,77 @@ components:
required:
- status_code
- message
UserEntity:
type: object
properties:
entity:
type: object
properties:
definitionId:
type: string
definitionVersion:
type: string
displayName:
type: string
firstSeenTimestamp:
format: date-time
type: string
id:
type: string
identityFields:
items:
type: string
type: array
lastSeenTimestamp:
format: date-time
type: string
schemaVersion:
type: string
type:
enum:
- node
type: string
required:
- lastSeenTimestamp
- schemaVersion
- definitionVersion
- displayName
- identityFields
- id
- type
- firstSeenTimestamp
- definitionId
user:
type: object
properties:
domain:
items:
type: string
type: array
email:
items:
type: string
type: array
full_name:
items:
type: string
type: array
hash:
items:
type: string
type: array
id:
items:
type: string
type: array
name:
type: string
roles:
items:
type: string
type: array
required:
- name
securitySchemes:
BasicAuth:
scheme: basic
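Review bot: In the new `ListEntities` operation the `per_page` query parameter allows `maximum: 10000` while the `per_page` field of the `'200'` response is capped at `maximum: 1000`, so a request the spec accepts can produce a response the spec rejects; the two bounds should agree, e.g. `maximum: 1000` on the parameter if that is the real server limit. `filterQuery` is described as an ES query but is a bare `type: string` with no length bound or stated format, and `sort_field` is likewise unconstrained; both are caller-supplied and presumably passed on to the search, so the spec should state the expected query format and a `maxLength`. `entities_types` is required but has no `minItems: 1`, and only a `'200'` response is declared, which leaves clients without a documented shape for validation or authorization failures. The optional `inspect` property returns the DSL and raw response as strings, and it deserves a description saying when it is populated.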
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ info:
title: Security Solution Detections API (Elastic Cloud Serverless)
version: '2023-10-31'
servers:
- url: http://{kibana_host}:{port}
- url: 'http://{kibana_host}:{port}'
variables:
kibana_host:
default: localhost
Expand Down Expand Up @@ -962,12 +962,12 @@ components:
Interval in which the rule runs. For example, `"1h"` means the
rule runs every hour.
example: 1h
pattern: ^[1-9]\d*[smh]$
pattern: '^[1-9]\d*[smh]$'
type: string
lookback:
description: Lookback time for the rule
example: 1h
pattern: ^[1-9]\d*[smh]$
pattern: '^[1-9]\d*[smh]$'
type: string
required:
- interval
Expand Down Expand Up @@ -4131,9 +4131,9 @@ components:
- no_actions
- rule
type: string
- description: Time interval in seconds, minutes, hours, or days.
- description: 'Time interval in seconds, minutes, hours, or days.'
example: 1h
pattern: ^[1-9]\d*[smhd]$
pattern: '^[1-9]\d*[smhd]$'
type: string
RuleAuthorArray:
items:
Expand Down Expand Up @@ -4369,7 +4369,7 @@ components:
discriminator:
propertyName: type
RuleSignatureId:
description: Could be any string, not necessarily a UUID
description: 'Could be any string, not necessarily a UUID'
type: string
RuleSource:
description: >-