Apply a bulk action to anonymization fields

POST /api/security_ai_assistant/anonymization_fields/_bulk_action

Apply a bulk action to multiple anonymization fields. The bulk action is applied to all anonymization fields that match the filter or to the list of anonymization fields by their IDs.

application/json

Body

create array[object]

Array of anonymization fields to create.
Hide create attributes Show create attributes object
- allowed boolean
  
  Whether this field is allowed to be sent to the model.
- anonymized boolean
  
  Whether this field should be anonymized.
- field string Required
  
  Name of the anonymization field to create.
delete object

Object containing the query to filter anonymization fields and/or an array of anonymization field IDs to delete.
Hide delete attributes Show delete attributes object
- ids array[string]
  
  Array of IDs to apply the action to.
  
  At least 1 element.
- query string
  
  Query to filter the bulk action.
update array[object]

Array of anonymization fields to update.
Hide update attributes Show update attributes object
- allowed boolean
  
  Whether this field is allowed to be sent to the model.
- anonymized boolean
  
  Whether this field should be anonymized.
- id string Required
  
  The ID of the anonymization field to update.

Responses

200 application/json

Indicates a successful call.
Hide response attributes Show response attributes object
- anonymization_fields_count integer
  
  Total number of anonymization fields processed.
- attributes object Required
  
  Hide attributes attributes Show attributes attributes object
  
  errors array[object]
  
  List of errors that occurred during the bulk operation.
  
  Hide errors attributes Show errors attributes object
  
  anonymization_fields array[object] Required
  
  Array of anonymization fields that caused the error.
  
  Hide anonymization_fields attributes Show anonymization_fields attributes object
  
  id string Required
  
  The ID of the anonymization field.
  
  name string
  
  Name of the anonymization field.
  
  err_code string
  
  Error code indicating the type of failure.
  
  message string Required
  
  Error message.
  
  status_code integer Required
  
  Status code of the response.
  
  results object Required
  
  Hide results attributes Show results attributes object
  
  created array[object] Required
  
  List of anonymization fields successfully created.
  
  Hide created attributes Show created attributes object
  
  allowed boolean
  
  Whether this field is allowed to be sent to the model.
  
  anonymized boolean
  
  Whether this field should be anonymized.
  
  createdAt string
  
  Timestamp of when the anonymization field was created.
  
  createdBy string
  
  Username of the person who created the anonymization field.
  
  field string Required
  
  Name of the anonymization field.
  
  id string(nonempty) Required
  
  The ID of the anonymization field.
  
  Minimum length is 1.
  
  namespace string
  
  Kibana space in which this anonymization field exists.
  
  timestamp string(nonempty)
  
  Timestamp when the anonymization field was initially created.
  
  Minimum length is 1.
  
  updatedAt string
  
  Timestamp of the last update.
  
  updatedBy string
  
  Username of the person who last updated the field.
  
  deleted array[string] Required
  
  Array of IDs of anonymization fields that were deleted.
  
  skipped array[object] Required
  
  List of anonymization fields that were skipped during the operation.
  
  Hide skipped attributes Show skipped attributes object
  
  id string Required
  
  The ID of the anonymization field that was not modified.
  
  name string
  
  Name of the anonymization field that was not modified.
  
  skip_reason string Required
  
  Reason why the anonymization field was not modified.
  
  Value is ANONYMIZATION_FIELD_NOT_MODIFIED.
  
  updated array[object] Required
  
  List of anonymization fields successfully updated.
  
  Hide updated attributes Show updated attributes object
  
  allowed boolean
  
  Whether this field is allowed to be sent to the model.
  
  anonymized boolean
  
  Whether this field should be anonymized.
  
  createdAt string
  
  Timestamp of when the anonymization field was created.
  
  createdBy string
  
  Username of the person who created the anonymization field.
  
  field string Required
  
  Name of the anonymization field.
  
  id string(nonempty) Required
  
  The ID of the anonymization field.
  
  Minimum length is 1.
  
  namespace string
  
  Kibana space in which this anonymization field exists.
  
  timestamp string(nonempty)
  
  Timestamp when the anonymization field was initially created.
  
  Minimum length is 1.
  
  updatedAt string
  
  Timestamp of the last update.
  
  updatedBy string
  
  Username of the person who last updated the field.
  
  summary object Required
  
  Hide summary attributes Show summary attributes object
  
  failed integer Required
  
  The number of failed actions.
  
  skipped integer Required
  
  The number of skipped actions.
  
  succeeded integer Required
  
  The number of successfully performed actions.
  
  total integer Required
  
  The total number of actions attempted.
- message string
  
  Message providing information about the bulk action result.
- status_code integer
  
  HTTP status code returned.
- success boolean
  
  Indicates if the bulk action was successful.
400 application/json

Generic Error
Hide response attributes Show response attributes object
- error string
  
  Error type or name.
- message string
  
  Detailed error message.
- statusCode number
  
  Status code of the response.

POST /api/security_ai_assistant/anonymization_fields/_bulk_action

curl \
 --request POST 'https://localhost:5601/api/security_ai_assistant/anonymization_fields/_bulk_action' \
 --header "Authorization: $API_KEY" \
 --header "Content-Type: application/json" \
 --data '{"create":[{"field":"host.name","allowed":true,"anonymized":false},{"field":"user.name","allowed":false,"anonymized":true}],"delete":{"ids":["field5","field6"],"query":"field: host.name"},"update":[{"id":"field8","allowed":true,"anonymized":false},{"id":"field9","allowed":false,"anonymized":true}]}'

Request example

{
  "create": [
    {
      "field": "host.name",
      "allowed": true,
      "anonymized": false
    },
    {
      "field": "user.name",
      "allowed": false,
      "anonymized": true
    }
  ],
  "delete": {
    "ids": [
      "field5",
      "field6"
    ],
    "query": "field: host.name"
  },
  "update": [
    {
      "id": "field8",
      "allowed": true,
      "anonymized": false
    },
    {
      "id": "field9",
      "allowed": false,
      "anonymized": true
    }
  ]
}

Response examples (200)

{
  "message": "Bulk action completed successfully",
  "success": true,
  "attributes": {
    "results": {
      "created": [
        {
          "id": "field2",
          "field": "host.name",
          "allowed": false,
          "createdAt": "2023-10-31T12:00:00Z",
          "createdBy": "user1",
          "namespace": "default",
          "timestamp": "2023-10-31T12:00:00Z",
          "updatedAt": "2023-10-31T12:00:00Z",
          "updatedBy": "user1",
          "anonymized": true
        }
      ],
      "deleted": [
        "field3"
      ],
      "skipped": [
        {
          "id": "field4",
          "name": "user.name",
          "skip_reason": "ANONYMIZATION_FIELD_NOT_MODIFIED"
        }
      ],
      "updated": [
        {
          "id": "field8",
          "field": "url.domain",
          "allowed": true,
          "createdAt": "2023-10-31T12:00:00Z",
          "createdBy": "user1",
          "namespace": "default",
          "timestamp": "2023-10-31T12:00:00Z",
          "updatedAt": "2023-10-31T12:00:00Z",
          "updatedBy": "user1",
          "anonymized": false
        }
      ]
    },
    "summary": {
      "total": 5,
      "failed": 1,
      "skipped": 1,
      "succeeded": 2
    }
  },
  "status_code": 200,
  "anonymization_fields_count": 5
}

Response examples (400)

{
  "error": "Bad Request",
  "message": "Invalid request body",
  "statusCode": 400
}