Set default Elastic Security UI connectoredit
Sets the default connector in the Elastic Security UI.
Connectors are used to interface with external systems. You can only call this method after you have created a connector (see Create connector). After a connector has been created and assigned, call Create or update an external incident to send cases to the external system.
You can also set the default connector in the Elastic Security UI for each case individually (see Update case).
Request URLedit
POST <kibana host>:<port>/api/cases/configure
Request bodyedit
A JSON object with these fields:
Name | Type | Description | Required |
---|---|---|---|
|
String |
The connector ID. |
Yes |
|
String |
The connector name. |
Yes |
|
String |
Determines whether a case is automatically closed in Elastic Security when it is pushed to external systems. Valid values are:
|
Yes |
Call Find connectors to retrieve connector IDs and names.
Example requestedit
POST api/cases/configure { "connector_id": "61787f53-4eee-4741-8df6-8fe84fa616f7", "closure_type": "close-by-user", "connector_name": "ServiceNow" }
Response codeedit
-
200
- Indicates a successful call.
Example responseedit
{ "connector_id": "61787f53-4eee-4741-8df6-8fe84fa616f7", "closure_type": "close-by-user", "connector_name": "ServiceNow", "created_at": "2020-03-30T13:31:38.083Z", "created_by": { "email": "moneypenny@hms.gov.uk", "full_name": "Ms Moneypenny", "username": "moneypenny" }, "updated_at": null, "updated_by": null, "version": "WzE3NywxXQ==" }