Lists index endpointedit
Before using exceptions and lists, use the index
endpoint to create .lists
and .items
system indices in the relevant
Kibana space.
For information about the permissions and privileges required to create
.lists
and .items
indices, see Enable and access detections.
Create indexedit
Creates .lists
and .items
indices. The indices naming convention is
.lists-<space name>
and .items-<space name>
.
Request URLedit
POST <kibana host>:<port>/api/lists/index
Example requestedit
Creates .lists
and .items
indices.
POST api/lists/index
Response codeedit
-
200
- Indicates a successful call.
Get indexedit
Verifies .lists
and .items
indices exist.
Request URLedit
GET <kibana host>:<port>/api/lists/index
Example requestedit
Verifies the lists
index for the Kibana security
exists:
GET api/lists/index
Response codeedit
-
200
- Indicates a successful call.
-
404
- Indicates no index exists.
Example responsesedit
Example response when the indices exist:
{ "list_index": true, "list_item_index": true }
Example response when the indices do not exist:
{ "message": "index .lists-default and index .items-default does not exist", "status_code": 404 }
Delete indexedit
Deletes the .lists
and .items
indices.
Request URLedit
DELETE <kibana host>:<port>/api/lists/index
Example requestedit
Deletes the .lists
and .items
indices:
DELETE api/lists/index
Response codeedit
-
200
- Indicates a successful call.