Upsert a query to a stream | Kibana Serverless API documentation

Upsert a query to a stream Technical Preview

PUT /api/streams/{name}/queries/{queryId}

Spaces method and path for this operation:

put /s/{space_id}/api/streams/{name}/queries/{queryId}

Refer to Spaces for more information.

Adds a query to a stream. Noop if the query is already present on the stream.

[Required authorization] Route required privileges: manage_stream.

Headers

kbn-xsrf string Required

A required header to protect against CSRF attacks

Path parameters

name string Required
queryId string Required

application/json

Body

description string

Default value is empty.
esql object Required

Additional properties are NOT allowed.
Hide esql attribute Show esql attribute object
- query string Required
evidence array[string]
severity_score number
title string Required

A non-empty string.

Minimum length is 1.

PUT /api/streams/{name}/queries/{queryId}

curl \
 --request PUT 'https://<KIBANA_URL>/api/streams/{name}/queries/{queryId}' \
 --header "Authorization: $API_KEY" \
 --header "Content-Type: application/json" \
 --header "kbn-xsrf: true" \
 --data '{"description":"","esql":{"query":"string"},"evidence":["string"],"severity_score":42.0,"title":"string"}'