Tags endpointedit

Aggregates and returns all rule tags.

Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.

Get tagsedit

Aggregates and returns all unique tags from all rules.

Request URLedit

GET <kibana host>:<port>/api/detection_engine/tags

Example requestedit

Gets tags for all rules in the Kibana default space:

GET api/detection_engine/tags

Response codeedit

200
Indicates a successful call.
Example responseedit
[
  "zeek",
  "suricata",
  "windows",
  "linux",
  "network",
  "initial access",
  "remote access",
  "phishing"
]