Open maximpn opened 2 weeks ago
Pinging @elastic/security-detections-response (Team:Detections and Resp)
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)
Pinging @elastic/security-solution (Team: SecuritySolution)
Pinging @elastic/security-detection-engine (Team:Detection Engine)
Epic: https://github.com/elastic/security-team/issues/9398
Deadline: Jul 29, 2024 (see milestones in https://github.com/elastic/security-team/issues/9400)
Summary
As part of the Serverless project, we need to make sure OpenAPI specs for all public Detections API endpoints are correct. We want all the APIs documented before Serverless GA. Please look for more context in the epic.
During Security Solution public API research, we discovered that for some of the public Detections API endpoints we already have OpenAPI specs. We just need to make sure they are correct. Please see below what needs to be done exactly.
API endpoints
The following public API endpoints are available in both Serverless and ESS, and have OpenAPI specs:
GET /api/detection_engine/rules
POST /api/detection_engine/rules
PUT /api/detection_engine/rules
PATCH /api/detection_engine/rules
DELETE /api/detection_engine/rules
POST /api/detection_engine/rules/_bulk_action
POST /api/detection_engine/rules/_export
POST /api/detection_engine/rules/_import
GET /api/detection_engine/rules/_find
GET /api/detection_engine/tags
GET /api/detection_engine/rules/prepackaged/_status
PUT /api/detection_engine/rules/prepackaged
POST /api/detection_engine/signals/assignees
POST /api/exceptions/shared
The following public API endpoints are available in ESS only, and have OpenAPI specs:
POST /api/detection_engine/rules/_bulk_create
PUT /api/detection_engine/rules/_bulk_update
PATCH /api/detection_engine/rules/_bulk_update
DELETE /api/detection_engine/rules/_bulk_delete
To do