Find exception itemsedit
Retrieves a paginated subset of exception items in the specified container. By default, the first page is returned with 20 results per page.
Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl
or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.
Request URLedit
GET <kibana host>:<port>/api/exception_lists/items/_find
URL query parametersedit
Name | Type | Description | Required |
---|---|---|---|
|
String |
ID of the exception container. |
Yes |
|
Integer |
The page number to return. |
No |
|
Integer |
The number of items to return per page. |
No |
|
String |
Determines which field is used to sort the results. |
No |
|
String |
Determines the sort order, which can be |
No |
|
String |
Returns the items that come after the last item
returned in the previous call (use the |
No |
Example requestedit
Retrieves exception items in the allowed-processes
container:
GET api/exception_lists/items/_find?list_id=allowed-processes
Response codeedit
-
200
- Indicates a successful call.
Response payloadedit
{ "data": [ { "_tags": [], "comments": [ { "comment": "Allowed on all hosts.", "created_at": "2020-07-14T13:40:39.804Z", "created_by": "elastic" } ], "created_at": "2020-07-14T13:40:39.804Z", "created_by": "elastic", "description": "Global process allowlist", "entries": [ { "field": "process.name", "operator": "included", "type": "match", "value": "housekeeping" } ], "id": "9b25aec0-c5d7-11ea-a3d8-a5b753aeeb9e", "item_id": "global-allow-processes", "list_id": "allowed-processes", "name": "Host-process global exclusion", "namespace_type": "single", "tags": [ "global", "hosts", "processes" ], "tie_breaker_id": "28c6b069-8e39-4f9a-b93c-95e5a15b46c5", "type": "simple", "updated_at": "2020-07-14T13:40:39.980Z", "updated_by": "elastic" }, { "_tags": [], "comments": [ { "comment": "Allows maintenance process to run on the specified machines", "created_at": "2020-07-14T13:41:24.005Z", "created_by": "elastic" } ], "created_at": "2020-07-14T13:41:24.005Z", "created_by": "elastic", "description": "Process allowlist", "entries": [ { "field": "process.name", "operator": "included", "type": "match", "value": "maintenance" }, { "field": "host.name", "operator": "included", "type": "match_any", "value": [ "liv-win-anf", "livw-win-mel", "linux-anfield" ] } ], "id": "b57e5f60-c5d7-11ea-a3d8-a5b753aeeb9e", "item_id": "allow-process-on-machines", "list_id": "allowed-processes", "name": "Host-process exclusions", "namespace_type": "single", "tags": [ "hosts", "processes" ], "tie_breaker_id": "a1bacb3d-7ce1-4f03-80f4-d49235b6bbde", "type": "simple", "updated_at": "2020-07-14T13:41:24.182Z", "updated_by": "elastic" } ], "page": 1, "per_page": 20, "total": 2 }