Cases API

You can create, manage, configure, and send cases to external systems with these APIs:

Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.

Cases return a warning header for deprecated endpoints. The value of the warning header is in the form 299 Kibana-{kibana_version} "{warning_text}".

  • Cases API: Used to open and manage security action items.
  • Actions API: Used to send cases to external systems. Create connector stores the data required to interface with third-party systems, and Create or update an external incident sends Elastic Security cases to external systems.
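A client or CI check can flag deprecated endpoints by parsing the warning header format given above. The following is an added example, not code from Elastic or from this page; the function name, the sample headers, the version string and the warning texts are constructed for illustration.

```python
import re

# One warn-value in the form the page gives:
#   299 Kibana-{kibana_version} "{warning_text}"
# Anchored at the start of the value or after a comma so that several
# warn-values in one header are each matched once.
_WARN_VALUE = re.compile(
    r'(?:^|,)\s*299\s+Kibana-(?P<version>\S+)\s+"(?P<text>(?:[^"\\]|\\.)*)"'
)


def parse_deprecation_warnings(headers):
    """Return [(kibana_version, warning_text), ...] from response headers.

    `headers` is an iterable of (name, value) pairs as captured by any HTTP
    tool. Header names are matched case-insensitively, repeated Warning
    headers are all read, and warn-values with other codes are ignored.
    """
    found = []
    for name, value in headers:
        if name.lower() != "warning":
            continue
        for match in _WARN_VALUE.finditer(value):
            # Undo backslash escapes inside the quoted warning text.
            text = re.sub(r"\\(.)", r"\1", match.group("text"))
            found.append((match.group("version"), text))
    return found


# Constructed sample response headers (not captured from a real Kibana).
SAMPLE_HEADERS = [
    ("Content-Type", "application/json"),
    ("warning", '299 Kibana-8.0.0 "Deprecated endpoint", '
                '299 Kibana-8.0.0 "Use the \\"new\\" endpoint instead"'),
    ("Warning", '199 proxy.example "unrelated intermediary warning"'),
]

if __name__ == "__main__":
    for version, text in parse_deprecation_warnings(SAMPLE_HEADERS):
        print(f"deprecated endpoint (Kibana {version}): {text}")
```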