获取列表项
编辑获取列表项编辑
使用 id 或 list_id 和 value 字段检索列表项。
对于 ip 和 ip_range 列表容器,您可以检索多达 10,000 个列表项。
请求 URL编辑
GET <kibana 主机>:<端口>/api/lists/items
URL 查询参数编辑
URL 查询必须包含以下内容之一
-
id-GET /api/lists/items?id=<id> -
list_id和value-GET /api/lists/items?list_id=<list_id>&value=<value>
示例请求编辑
检索 id 为 internal-ip-address 的列表项
GET api/lists/items?id=internal-ip-excludes
检索 internal-ip-excludes 容器中 value 为 10.0.0.1 的列表项
GET api/lists/items?list_id=internal-ip-excludes&value=10.0.0.1
使用 CIDR 表示法从 ip 容器检索列表项
GET api/lists/items?list_id=internal-ip-excludes&value=127.0.0.0/30
从包含指定 IP 地址的 ip_range 容器检索列表项
GET api/lists/items?list_id=internal-ip-ranges&value=192.168.1.14
响应代码编辑
-
200 - 指示成功调用。
响应有效负载编辑
[
{
"created_at": "2020-08-11T11:22:13.669Z",
"created_by": "elastic",
"id": "aZdB3XMBx7pemMHopQ6L",
"list_id": "internal-ip-excludes",
"tie_breaker_id": "26115356-c2c2-4f1c-a4ed-19b81191775a",
"type": "ip",
"updated_at": "2020-08-11T11:22:13.669Z",
"updated_by": "elastic",
"value": "127.0.0.1"
},
{
"created_at": "2020-08-11T11:22:13.669Z",
"created_by": "elastic",
"id": "apdB3XMBx7pemMHopQ6L",
"list_id": "internal-ip-excludes",
"tie_breaker_id": "fa247f45-bf8b-48bc-b89d-5191cba096e6",
"type": "ip",
"updated_at": "2020-08-11T11:22:13.669Z",
"updated_by": "elastic",
"value": "127.0.0.2"
},
{
"created_at": "2020-08-11T11:22:13.670Z",
"created_by": "elastic",
"id": "a5dB3XMBx7pemMHopQ6L",
"list_id": "internal-ip-excludes",
"tie_breaker_id": "60edc3e4-9a79-4bff-b7dc-096b052797f8",
"type": "ip",
"updated_at": "2020-08-11T11:22:13.670Z",
"updated_by": "elastic",
"value": "127.0.0.3"
}
]