Apply a bulk action to anonymization fields

POST /api/security_ai_assistant/anonymization_fields/_bulk_action
Api key auth

Spaces method and path for this operation:

post /s/{space_id}/api/security_ai_assistant/anonymization_fields/_bulk_action

Refer to Spaces for more information.

Apply a bulk action to multiple anonymization fields. The bulk action is applied to all anonymization fields that match the filter or to the list of anonymization fields by their IDs.

application/json

Body

  • create array[object]

    Array of anonymization fields to create.

    Hide create attributes Show create attributes object
    • allowed boolean

      Whether this field is allowed to be sent to the model.

    • anonymized boolean

      Whether this field should be anonymized.

    • field string Required

      Name of the anonymization field to create.

  • delete object

    Object containing the query to filter anonymization fields and/or an array of anonymization field IDs to delete.

    Hide delete attributes Show delete attributes object
    • ids array[string]

      Array of IDs to apply the action to.

      At least 1 element.

    • query string

      Query to filter the bulk action.

  • update array[object]

    Array of anonymization fields to update.

    Hide update attributes Show update attributes object
    • allowed boolean

      Whether this field is allowed to be sent to the model.

    • anonymized boolean

      Whether this field should be anonymized.

    • id string Required

      The ID of the anonymization field to update.

Responses

  • 200 application/json

    Indicates a successful call.

    Hide response attributes Show response attributes object
    • anonymization_fields_count integer

      Total number of anonymization fields processed.

    • attributes object Required
      Hide attributes attributes Show attributes attributes object
      • errors array[object]

        List of errors that occurred during the bulk operation.

        Hide errors attributes Show errors attributes object
        • anonymization_fields array[object] Required

          Array of anonymization fields that caused the error.

          Hide anonymization_fields attributes Show anonymization_fields attributes object
          • id string Required

            The ID of the anonymization field.

          • name string

            Name of the anonymization field.

        • err_code string

          Error code indicating the type of failure.

        • message string Required

          Error message.

        • status_code integer Required

          Status code of the response.

      • results object Required
        Hide results attributes Show results attributes object
        • created array[object] Required

          List of anonymization fields successfully created.

          Hide created attributes Show created attributes object
          • allowed boolean

            Whether this field is allowed to be sent to the model.

          • anonymized boolean

            Whether this field should be anonymized.

          • createdAt string

            Timestamp of when the anonymization field was created.

          • createdBy string

            Username of the person who created the anonymization field.

          • field string Required

            Name of the anonymization field.

          • id string(nonempty) Required

            A string that does not contain only whitespace characters.

            Minimum length is 1.

          • namespace string

            Kibana space in which this anonymization field exists.

          • timestamp string(nonempty)

            A string that represents a timestamp in ISO 8601 format and does not contain only whitespace characters.

            Minimum length is 1.

          • updatedAt string

            Timestamp of the last update.

          • updatedBy string

            Username of the person who last updated the field.

        • deleted array[string] Required

          Array of IDs of anonymization fields that were deleted.

        • skipped array[object] Required

          List of anonymization fields that were skipped during the operation.

          Hide skipped attributes Show skipped attributes object
          • id string Required

            The ID of the anonymization field that was not modified.

          • name string

            Name of the anonymization field that was not modified.

          • skip_reason string Required

            Reason why the anonymization field was not modified.

            Value is ANONYMIZATION_FIELD_NOT_MODIFIED.

        • updated array[object] Required

          List of anonymization fields successfully updated.

          Hide updated attributes Show updated attributes object
          • allowed boolean

            Whether this field is allowed to be sent to the model.

          • anonymized boolean

            Whether this field should be anonymized.

          • createdAt string

            Timestamp of when the anonymization field was created.

          • createdBy string

            Username of the person who created the anonymization field.

          • field string Required

            Name of the anonymization field.

          • id string(nonempty) Required

            A string that does not contain only whitespace characters.

            Minimum length is 1.

          • namespace string

            Kibana space in which this anonymization field exists.

          • timestamp string(nonempty)

            A string that represents a timestamp in ISO 8601 format and does not contain only whitespace characters.

            Minimum length is 1.

          • updatedAt string

            Timestamp of the last update.

          • updatedBy string

            Username of the person who last updated the field.

      • summary object Required
        Hide summary attributes Show summary attributes object
        • failed integer Required

          The number of failed actions.

        • skipped integer Required

          The number of skipped actions.

        • succeeded integer Required

          The number of successfully performed actions.

        • total integer Required

          The total number of actions attempted.

    • message string

      Message providing information about the bulk action result.

    • status_code integer

      HTTP status code returned.

    • success boolean

      Indicates if the bulk action was successful.
  • 400 application/json

    Bad Request response.

    Hide response attributes Show response attributes object
    • error string

      Error type or name.

    • message string

      Detailed error message.

    • statusCode number

      Status code of the response.
POST /api/security_ai_assistant/anonymization_fields/_bulk_action 
curl \
 --request POST 'http://localhost:5601/api/security_ai_assistant/anonymization_fields/_bulk_action' \
 --header "Authorization: $API_KEY" \
 --header "Content-Type: application/json" \
 --data '{"create":[{"field":"host.name","allowed":true,"anonymized":false}]}'
Request example 
{
  "create": [
    {
      "allowed": true,
      "anonymized": false,
      "field": "host.name"
    },
    {
      "allowed": false,
      "anonymized": true,
      "field": "user.name"
    }
  ],
  "delete": {
    "ids": [
      "field5",
      "field6"
    ],
    "query": "field: host.name"
  },
  "update": [
    {
      "allowed": true,
      "anonymized": false,
      "id": "field8"
    },
    {
      "allowed": false,
      "anonymized": true,
      "id": "field9"
    }
  ]
}
Response examples (200) 
{
  "anonymization_fields_count": 4,
  "attributes": {
    "results": {
      "created": [
        {
          "allowed": false,
          "anonymized": true,
          "createdAt": "2023-10-31T12:00:00Z",
          "createdBy": "user1",
          "field": "host.name",
          "id": "field2",
          "namespace": "default",
          "timestamp": "2023-10-31T12:00:00Z",
          "updatedAt": "2023-10-31T12:00:00Z",
          "updatedBy": "user1"
        }
      ],
      "deleted": [
        "field3"
      ],
      "skipped": [
        {
          "id": "field4",
          "name": "user.name",
          "skip_reason": "ANONYMIZATION_FIELD_NOT_MODIFIED"
        }
      ],
      "updated": [
        {
          "allowed": true,
          "anonymized": false,
          "createdAt": "2023-10-31T12:00:00Z",
          "createdBy": "user1",
          "field": "url.domain",
          "id": "field8",
          "namespace": "default",
          "timestamp": "2023-10-31T12:00:00Z",
          "updatedAt": "2023-10-31T12:00:00Z",
          "updatedBy": "user1"
        }
      ]
    },
    "summary": {
      "failed": 0,
      "skipped": 1,
      "succeeded": 3,
      "total": 4
    }
  },
  "message": "Bulk action completed successfully",
  "status_code": 200,
  "success": true
}
Response examples (400) 
{
  "error": "Bad Request",
  "message": "Invalid request body",
  "statusCode": 400
}