Find and/or aggregate detection alerts
Find and/or aggregate detection alerts that match the given query.
Body Required
Search and/or aggregation query
_source boolean | string | array[string]
aggs object
Additional properties are allowed.
fields array[string]
query object
Additional properties are allowed.
runtime_mappings object
Additional properties are allowed.
size integer
Minimum value is
. -
track_total_hits boolean
200 application/json; Elastic-Api-Version=2023-10-31
Successful response
Elasticsearch search response
Additional properties are allowed.
400 application/json; Elastic-Api-Version=2023-10-31
Invalid input data response
401 application/json; Elastic-Api-Version=2023-10-31
Unsuccessful authentication response
500 application/json; Elastic-Api-Version=2023-10-31
Internal server error response
curl \
--request POST https://localhost:5601/api/detection_engine/signals/search \
--header "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples
{
  "_source": true,
  "aggs": {},
  "fields": ["string"],
  "query": {},
  "runtime_mappings": {},
  "size": 42,
  "sort": "string",
  "track_total_hits": true
}
Response examples (200)
Response examples (400)
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}

{
  "message": "string",
  "status_code": 42
}
Response examples (401)
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
Response examples (500)
{
  "message": "string",
  "status_code": 42
}
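The following is an added example, not part of the original reference: it builds an aggregation-only request body from the parameters listed above (query, aggs, size, track_total_hits) and flattens the returned Elasticsearch aggregation buckets into per-rule counts for triage. The alert field names (kibana.alert.workflow_status, kibana.alert.rule.name, kibana.alert.severity), the kbn-xsrf and ApiKey headers, the API key placeholder and the sample response are assumptions that do not appear on this page.

```python
import json
import urllib.request

# Endpoint path from the page; host, API key, headers and field names are assumptions.
SEARCH_PATH = "/api/detection_engine/signals/search"

def build_query(status="open", since="now-24h", top_n=10):
    """Body using parameters the page lists: query, aggs, size, track_total_hits."""
    return {
        "size": 0,  # aggregation only, no alert documents returned
        "track_total_hits": True,
        "query": {"bool": {"filter": [
            {"term": {"kibana.alert.workflow_status": status}},
            {"range": {"@timestamp": {"gte": since}}},
        ]}},
        "aggs": {"by_rule": {
            "terms": {"field": "kibana.alert.rule.name", "size": top_n},
            "aggs": {"by_severity": {"terms": {"field": "kibana.alert.severity"}}},
        }},
    }

def build_request(base_url, api_key, body):
    """Prepare (do not send) the POST; kbn-xsrf and ApiKey auth are assumed settings."""
    return urllib.request.Request(
        base_url.rstrip("/") + SEARCH_PATH,
        data=json.dumps(body).encode(),
        method="POST",
        headers={"Content-Type": "application/json", "kbn-xsrf": "true",
                 "Authorization": "ApiKey " + api_key},
    )

def summarize(response):
    """Flatten the search response into (rule, total, {severity: count}) rows."""
    rows = []
    for b in response.get("aggregations", {}).get("by_rule", {}).get("buckets", []):
        sev = {s["key"]: s["doc_count"] for s in b["by_severity"]["buckets"]}
        rows.append((b["key"], b["doc_count"], sev))
    return sorted(rows, key=lambda r: r[1], reverse=True)

# Constructed sample response, shaped like an Elasticsearch terms aggregation result.
SAMPLE = {"hits": {"total": {"value": 7, "relation": "eq"}, "hits": []},
          "aggregations": {"by_rule": {"buckets": [
              {"key": "Constructed rule A", "doc_count": 2,
               "by_severity": {"buckets": [{"key": "low", "doc_count": 2}]}},
              {"key": "Constructed rule B", "doc_count": 5,
               "by_severity": {"buckets": [{"key": "high", "doc_count": 4},
                                           {"key": "medium", "doc_count": 1}]}}]}}}

if __name__ == "__main__":
    req = build_request("https://localhost:5601", "PLACEHOLDER_API_KEY", build_query())
    print(req.get_method(), req.full_url)
    for rule, total, sev in summarize(SAMPLE):
        print(total, rule, sev)
```

Setting size to 0 keeps alert documents out of the response, so only the bucket counts and the total hit count are returned.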