导出异常列表
编辑导出异常列表
编辑将异常列表及其关联项导出到 .ndjson
文件。
请求 URL
编辑POST <kibana 主机>:<端口>/api/exception_lists/_export
URL 查询参数
编辑名称 | 类型 | 描述 | 必填 |
---|---|---|---|
|
字符串 |
异常列表的 ID。 |
是。 |
|
字符串 |
异常列表的列表 ID。 |
是。 |
|
字符串 |
确定导出的异常列表是与单个 Kibana 空间关联还是在所有空间中可用,使用以下其中之一
|
否,默认为 |
|
布尔值 |
确定是否在导出的列表中包含已过期的异常。 |
否,默认为 |
示例请求
编辑导出 id
值为 b590e8f0-43fa-11eb-ad0b-97969c856022
且 list_id
值为 4fcd2765-0ba8-4048-8a65-27afcab72b12
的异常列表,与单个 Kibana 空间关联。
POST api/exception_lists/_export?id=b590e8f0-43fa-11eb-ad0b-97969c856022&list_id=4fcd2765-0ba8-4048-8a65-27afcab72b12&namespace_type=single
响应代码
编辑-
200
- 指示调用成功。
示例 .ndjson
文件
编辑{"_version":"WzgxLDFd","created_at":"2020-12-22T02:09:23.199Z","created_by":"elastic","description":"test","id":"b590e8f0-43fa-11eb-ad0b-97969c856022","immutable":false,"list_id":"4fcd2765-0ba8-4048-8a65-27afcab72b12","name":"Test Exception List","namespace_type":"single","os_types":[],"tags":[],"tie_breaker_id":"0437982d-4f48-4bcd-ab78-3a9b0696bae9","type":"detection","updated_at":"2020-12-22T02:09:23.257Z","updated_by":"elastic","version":1} {"_version":"Wzg5LDFd","comments":[],"created_at":"2020-12-22T02:09:48.419Z","created_by":"elastic","description":"test - exception list item","entries":[{"field":"host.name","type":"match","operator":"included","value":"siem-kibana"}],"id":"c4992d30-43fa-11eb-ad0b-97969c856022","item_id":"0f9edfd7-a5b0-4974-b5de-f949b7b89465","list_id":"4fcd2765-0ba8-4048-8a65-27afcab72b12","name":"Test - exception list item","namespace_type":"single","os_types":[],"tags":[],"tie_breaker_id":"56564ed3-c85d-4399-b6ea-cd12617530bd","type":"simple","updated_at":"2020-12-22T02:09:48.486Z","updated_by":"elastic"} {"exception_list_items_details":{"exported_count":1}}