A newer version is available. For the latest information, see the current release documentation.
« Index endpoint Import rules »
Elastic Docs SIEM Guide [7.7] SIEM APIs Detections API

Tags endpoint

edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

Tags endpoint

edit

Aggregates and returns all rule tags.

Get tags

edit

Aggregates and returns all unique tags from all rules.

Request URL

edit

GET <kibana host>:<port>/api/detection_engine/tags

Example request
edit

Gets tags for all rules in the Kibana default space:

GET api/detection_engine/tags

Response code

edit
200
Indicates a successful call.
Example response
edit
[
  "zeek",
  "suricata",
  "windows",
  "linux",
  "network",
  "initial access",
  "remote access",
  "phishing"
]
« Index endpoint Import rules »