Tags endpointedit

Aggregates and returns all rule tags.

The Kibana Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl or another HTTP tool instead. For more information, refer to Console.

Get tagsedit

Aggregates and returns all unique tags from all rules.

Request URLedit

GET <kibana host>:<port>/api/detection_engine/tags

Example requestedit

Gets tags for all rules in the Kibana default space:

GET api/detection_engine/tags

Response codeedit

200
Indicates a successful call.
Example responseedit
[
  "zeek",
  "suricata",
  "windows",
  "linux",
  "network",
  "initial access",
  "remote access",
  "phishing"
]