Disable Attack discovery schedule | Kibana API documentation

Disable Attack discovery schedule Technical Preview; added in 9.2.0

POST /api/attack_discovery/schedules/{id}/_disable

Spaces method and path for this operation:

post /s/{space_id}/api/attack_discovery/schedules/{id}/_disable

Refer to Spaces for more information.

Disables an Attack discovery schedule, preventing it from running according to its configured interval. The schedule configuration is preserved and can be re-enabled later. Any currently running executions will complete, but no new executions will be started. Technical preview

Path parameters

id string(nonempty) Required

The unique identifier (UUID) of the Attack Discovery schedule to disable. This ID is returned when creating a schedule and can be found in schedule listings.

Minimum length is 1.

Responses

200 application/json

Successfully disabled Attack Discovery schedule, returning the schedule ID for confirmation
Hide response attribute Show response attribute object
- id string(nonempty) Required
  
  A string that does not contain only whitespace characters.
  
  Minimum length is 1.
400 application/json

Generic Error
Hide response attributes Show response attributes object
- error string
  
  Error type
- message string
  
  Human-readable error message describing what went wrong
- status_code number
  
  HTTP status code

POST /api/attack_discovery/schedules/{id}/_disable

curl \
 --request POST 'http://localhost:5601/api/attack_discovery/schedules/12345678-1234-1234-1234-123456789012/_disable' \
 --header "Authorization: $API_KEY" \
 --header "Content-Type: application/json"

Response examples (200)

{
  "id": "12345678-1234-1234-1234-123456789012"
}

Response examples (400)

{
  "error": "Bad Request",
  "message": "Invalid request parameters",
  "status_code": 400
}