查找提示
编辑查找提示
编辑检索 Elastic AI 助手提示列表。
请求 URL
编辑GET <kibana 主机>:<端口>/api/security_ai_assistant/prompts/_find
URL 查询参数
编辑| 名称 | 类型 | 描述 | 必填 |
|---|---|---|---|
|
数字 |
要返回的页码。默认为 |
否 |
|
数字 |
每页返回的项目数。默认为 |
否 |
|
字符串 |
要应用于请求的过滤查询。 |
否 |
|
字符串 |
用于对结果排序的字段。有效值为
|
否 |
|
字符串 |
对结果排序的顺序。有效值为
|
否 |
|
字符串 |
定义要在响应中返回的文档字段。 |
否 |
示例请求
编辑示例 1
获取所有消费者的系统和快速(用户)提示列表。
GET api/security_ai_assistant/prompts/_find?page=1&per_page=100&filter=consumer%3A*
响应代码
编辑200 表示调用成功。
响应有效负载
编辑具有唯一 id 的 JSON 提示对象。
示例 1
提示响应有效负载
{
"perPage": 100,
"page": 1,
"total": 9,
"data": [
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "As an expert in security operations and incident response, provide a breakdown of the attached alert and summarize what it might mean for my organization.",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "-R12SZEBYaDeA-NhnUyW",
"name": "Alert summarization",
"promptType": "quick",
"color": "#F68FBE",
"categories": [
"alert"
],
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0",
"name": "elastic"
}
],
"content": "As an expert user of Elastic Security, please generate an accurate and valid ESQL query to detect the use case below. Your response should be formatted to be able to use immediately in an Elastic Security timeline or detection rule. Take your time with the answer, check your knowledge really well on all the functions I am asking for. For ES|QL answers specifically, you should only ever answer with what's available in your private knowledge. I cannot afford for queries to be inaccurate. Assume I am using the Elastic Common Schema and Elastic Agent.\n\nEnsure the answers are formatted in a way which is easily copyable as a separate code block in markdown.",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "-h12SZEBYaDeA-NhnUyW",
"name": "ES|QL Query Generation",
"promptType": "quick",
"color": "#9170B8",
"categories": [
"knowledge-base"
],
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "As an expert user of Elastic Security, please generate an accurate and valid EQL query to detect the use case below. Your response should be formatted to be able to use immediately in an Elastic Security timeline or detection rule. If Elastic Security already has a prebuilt rule for the use case, or a similar one, please provide a link to it and describe it.",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "-x12SZEBYaDeA-NhnUyW",
"name": "Query generation",
"promptType": "quick",
"color": "#7DDED8",
"categories": [
"detection-rules"
],
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "As an expert user of Elastic Security, please suggest a workflow, with step by step instructions on how to:",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "_B12SZEBYaDeA-NhnUyW",
"name": "Workflow suggestions",
"promptType": "quick",
"color": "#36A2EF",
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "As an expert user of Elastic Security, Elastic Agent, and Ingest pipelines, please list accurate and formatted, step by step instructions on how to ingest the following data using Elastic Agent and Fleet in Kibana and convert it to the Elastic Common Schema:",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "_R12SZEBYaDeA-NhnUyW",
"name": "Custom data ingestion helper",
"promptType": "quick",
"color": "#F3D371",
"categories": [
"event"
],
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "I have the following query from a previous SIEM platform. As an expert user of Elastic Security, please suggest an Elastic EQL equivalent. I should be able to copy it immediately into an Elastic security timeline.",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "_h12SZEBYaDeA-NhnUyW",
"name": "Query conversion",
"promptType": "quick",
"color": "#BADA55",
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "Which Fleet enabled Elastic Agent integration should I use to collect logs and events from:",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "_x12SZEBYaDeA-NhnUyW",
"name": "Agent integration advice",
"promptType": "quick",
"color": "#FFA500",
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "You are a helpful, expert assistant who answers questions about Elastic Security. Do not answer questions unrelated to Elastic Security.\nIf you answer a question related to KQL, EQL, or ES|QL, it should be immediately usable within an Elastic Security timeline; please always format the output correctly with back ticks. Any answer provided for Query DSL should also be usable in a security timeline. This means you should only ever include the \"filter\" portion of the query.",
"isDefault": true,
"isNewConversationDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "AB12SZEBYaDeA-NhnU2W",
"name": "Default system prompt",
"promptType": "system",
"consumer": "securitySolutionUI"
},
{
"timestamp": "2024-08-13T01:59:56.053Z",
"users": [
{
"id": "testid",
"name": "elastic"
}
],
"content": "You are a helpful, expert assistant who answers questions about Elastic Security. Do not answer questions unrelated to Elastic Security.\nProvide the most detailed and relevant answer possible, as if you were relaying this information back to a cyber security expert.\nIf you answer a question related to KQL, EQL, or ES|QL, it should be immediately usable within an Elastic Security timeline; please always format the output correctly with back ticks. Any answer provided for Query DSL should also be usable in a security timeline. This means you should only ever include the \"filter\" portion of the query.",
"isDefault": true,
"updatedAt": "2024-08-13T01:59:56.053Z",
"id": "AR12SZEBYaDeA-NhnU2W",
"name": "Enhanced system prompt",
"promptType": "system",
"consumer": "securitySolutionUI"
}
]
}