Change Updates

Jan 27, 2025

main
1.0.2

API structure has changed

62 structure changes including:
2 Additions
45 Modifications
15 Removals
Modified 45 Breaking
POST /api/alerting/rule/{id}
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • monitoring property Modified
        • run property Modified
POST /api/asset_criticality
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • service property Added
POST /api/detection_engine/rules
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
POST /api/detection_engine/rules/_bulk_action
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_BulkEditActionResponse alternative Modified
        • attributes property Modified
POST /api/detection_engine/rules/_bulk_create
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
POST /api/detection_engine/rules/_bulk_delete
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
POST /api/detection_engine/signals/finalize_migration
  • Operation is now deprecated
POST /api/detection_engine/signals/migration
  • Operation is now deprecated
POST /api/detection_engine/signals/migration_status
  • Operation is now deprecated
POST /api/entity_store/enable
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • enrichPolicyExecutionInterval, entityTypes, lookbackPeriod properties Added
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • engines property Modified
        • lookbackPeriod property Added
POST /api/entity_store/engines/{entityType}/init
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • enrichPolicyExecutionInterval property Added
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • lookbackPeriod property Added
POST /api/exception_lists/_duplicate
  • Response
  • 404 response Added
POST /api/exception_lists/_import
  • Query
  • overwrite_exceptions, overwrite_action_connectors query parameters Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
POST /api/fleet/agent_policies
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • agentless, required_versions properties Added
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • package_policies property Modified
        • agentless, required_versions properties Added
POST /api/fleet/agent_policies/_bulk_get
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • items property Modified
        • package_policies property Modified
        • agentless, required_versions properties Added
POST /api/fleet/agent_policies/{agentPolicyId}/copy
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • package_policies property Modified
        • agentless, required_versions properties Added
POST /api/fleet/agents/actions/{actionId}/cancel
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • agents property Modified
          • Property is no longer required
POST /api/fleet/agents/{agentId}/actions
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • agents property Modified
          • Property is no longer required
POST /api/lists/items
  • Response
  • 404 response Added
PUT /api/alerting/rule/{id}
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • monitoring property Modified
        • run property Modified
PUT /api/detection_engine/rules
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
PUT /api/detection_engine/rules/_bulk_update
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
PUT /api/fleet/agent_policies/{agentPolicyId}
  • Body
  • application/json; Elastic-Api-Version=2023-10-31 content type Modified
    • agentless, required_versions properties Added
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • package_policies property Modified
        • agentless, required_versions properties Added
PUT /api/fleet/agents/{agentId}
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • audit_unenrolled_reason property Added
DELETE /api/asset_criticality
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • record property Modified
        • service property Added
DELETE /api/detection_engine/rules
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
DELETE /api/detection_engine/rules/_bulk_delete
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
DELETE /api/detection_engine/signals/migration
  • Operation is now deprecated
GET /api/alerting/rule/{id}
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • monitoring property Modified
        • run property Modified
GET /api/alerting/rules/_find
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • monitoring property Modified
        • run property Modified
GET /api/asset_criticality
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • service property Added
GET /api/asset_criticality/list
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • records property Modified
        • service property Added
GET /api/detection_engine/rules
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
GET /api/detection_engine/rules/_find
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • data property Modified
        • Security_Detections_API_EqlRuleResponseFields, Security_Detections_API_QueryRuleResponseFields, Security_Detections_API_SavedQueryRuleResponseFields, Security_Detections_API_ThresholdRuleResponseFields, Security_Detections_API_ThreatMatchRuleResponseFields, Security_Detections_API_MachineLearningRuleResponseFields, Security_Detections_API_NewTermsRuleResponseFields, Security_Detections_API_EsqlRuleResponseFields alternatives Modified
GET /api/entity_store/engines
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • engines property Modified
        • lookbackPeriod property Added
GET /api/entity_store/engines/{entityType}
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • lookbackPeriod property Added
GET /api/entity_store/entities/list
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • records property Modified
        • Security_Entity_Analytics_API_ServiceEntity alternative Added
  • Query
  • entities_types query parameter Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • entity_types query parameter Added
GET /api/entity_store/status
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • engines property Modified
        • lookbackPeriod property Added
GET /api/fleet/agent_policies
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • items property Modified
        • package_policies property Modified
        • agentless, required_versions properties Added
GET /api/fleet/agent_policies/{agentPolicyId}
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • package_policies property Modified
        • agentless, required_versions properties Added
GET /api/fleet/agent_status
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • results property Modified
        • orphaned, uninstalled properties Added
GET /api/fleet/agents
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • items property Modified
        • audit_unenrolled_reason property Added
GET /api/fleet/agents/{agentId}
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • item property Modified
        • audit_unenrolled_reason property Added
PATCH /api/detection_engine/rules
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
PATCH /api/detection_engine/rules/_bulk_update
  • Response
  • 200 response Modified
    • application/json; Elastic-Api-Version=2023-10-31 content type Modified
      • Security_Detections_API_EqlRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_QueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_SavedQueryRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThresholdRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_ThreatMatchRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_MachineLearningRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_NewTermsRuleResponseFields alternative Modified
        • execution_summary property Modified
      • Security_Detections_API_EsqlRuleResponseFields alternative Modified
        • execution_summary property Modified
Removed 15
POST /api/alerts/alert/{alertId}/_disable
POST /api/alerts/alert/{alertId}/_enable
POST /api/alerts/alert/{alertId}/_mute_all
POST /api/alerts/alert/{alertId}
GET /api/cases/{caseId}/user_actions
POST /api/alerts/alert/{alertId}/_unmute_all
POST /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute
POST /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute
PUT /api/alerts/alert/{alertId}
GET /api/cases/{caseId}/comments
GET /api/alerts/alerts/list_alert_types
GET /api/alerts/alerts/_health
GET /api/alerts/alerts/_find
GET /api/alerts/alert/{alertId}
DELETE /api/alerts/alert/{alertId}
Added 2
POST /api/endpoint/action/runscript
PATCH /api/risk_score/engine/saved_object/configure