Kibana
kibana
Kibana is a visualization and analytics platform for Elasticsearch, offering dashboards, data exploration, and monitoring capabilities for gaining insights from data.
Available actions (49)
Each action is an operation that the agent can run against this connector.
Delete Action
KIBANA_DELETE_ACTION (Action)
Tool to delete an action in Kibana. Use when you need to remove a specific action by its ID, optionally within a specific space.
Input parameters
space_id (string): The space ID to delete the action from. If not provided, the default space is used.
action_id (string, required): The ID of the action to delete.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Delete Alerting Rule
KIBANA_DELETE_ALERTING_RULES (Action)
Tool to delete an alerting rule in Kibana. Use when you need to remove a specific alerting rule by its ID.
Input parameters
id (string, required): The ID of the rule to delete.
kbn_xsrf (string, required): A required header to protect against CSRF attacks.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Delete Connector
KIBANA_DELETE_CONNECTORS (Action)
Tool to delete a connector in Kibana. Use when you need to remove an existing connector.
Input parameters
id (string, required): The unique identifier of the connector to be deleted.
space_id (string): An identifier for the space. If not provided, the default space is used.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Delete Fleet Output
KIBANA_DELETE_FLEET_OUTPUT (Action)
Tool to delete a specific output configuration in Kibana Fleet. Use when you need to remove an existing output by its ID.
Input parameters
kbn_xsrf (string): A header to protect against Cross-Site Request Forgery (CSRF) attacks. Typically 'true' or a generated token.
output_id (string, required): The ID of the output configuration to delete.
elastic_api_version (string): Specifies the API version to use. Defaults to '2023-10-31' if not provided.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Delete Fleet Proxy
KIBANA_DELETE_FLEET_PROXY (Action)
Tool to delete a specific Fleet proxy configuration by its ID. Use when you need to remove an existing proxy setup.
Input parameters
kbnXsrf (string): A header to protect against Cross-Site Request Forgery (CSRF) attacks. Typically 'true' or a generated token.
proxyId (string, required): The ID of the proxy configuration to delete.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Delete List
KIBANA_DELETE_LIST (Action)
Deletes a list. Use when you want to delete a list by its ID.
Input parameters
id (string, required): List's id value.
delete_references (boolean): Determines whether exception items referencing this value list should be deleted.
ignore_references (boolean): Determines whether to delete the value list without performing any additional checks of where this list may be utilized.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Delete Osquery Saved Query
KIBANA_DELETE_OSQUERY_SAVED_QUERIES (Action)
Tool to delete a saved Osquery query by its ID. Use when you need to remove a specific Osquery saved query.
Input parameters
id (string, required): The ID of the saved Osquery query to delete.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Delete Saved Object
KIBANA_DELETE_SAVED_OBJECTS (Action)
Tool to delete a saved object in Kibana. Use when you need to remove a specific saved object like a visualization or dashboard.
Input parameters
id (string, required): The ID of the saved object to delete.
type (string, required): The type of the saved object.
force (boolean): When true, forces the deletion of objects that exist in multiple namespaces.
kbn_xsrf (string): A required header to protect against CSRF attacks. Defaults to 'true'.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Find Kibana Alerts
KIBANA_FIND_ALERTS (Action)
Tool to find and/or aggregate detection alerts in Kibana. Use this to retrieve a list of alerts, optionally filtering them with a query and performing aggregations.
Input parameters
aggs (object): Defines aggregations to be performed. Refer to Elasticsearch aggregation documentation.
size (integer): Number of alerts to return. Defaults to a server-side limit if not specified.
query (object, required): Elasticsearch query to filter alerts. For example, to match all alerts: {"match_all": {}}
runtime_mappings (object): Defines runtime fields. Refer to Elasticsearch runtime fields documentation.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Action Types
KIBANA_GET_ACTION_TYPES (Action)
Tool to fetch the list of available action types (e.g., '.slack', '.email', '.webhook') in Kibana. Use this to discover the 'actiontypeid' needed when creating a new action.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Alerting Rules
KIBANA_GET_ALERTING_RULES (Action)
Tool to retrieve a list of alerting rules in Kibana. Use when you need to get a paginated set of rules based on specified conditions.
Input parameters
page (integer): Page number to return. Minimum value is 1; default is 1.
fields (string[]): Fields to return in the `attributes` key of the response.
filter (string): A KQL string to filter with an attribute from your saved object.
search (string): An Elasticsearch `simple_query_string` to filter the rules.
per_page (integer): Number of rules to return per page. Minimum value is 0; default is 10.
sort_field (string): Field used to sort the results; must exist in the `attributes` key of the response.
sort_order (string, enum: asc, desc): Sort order.
has_reference (object): Filters rules with a relation to reference objects of a specific type and identifier.
search_fields (string[]): Fields to perform the `simple_query_string` query against.
filter_consumers (string[]): List of consumers to filter.
default_search_operator (string, enum: OR, AND): Default operator for the `simple_query_string`. Default is `OR`.
Output parameters
data (object[], required): Array of rule objects.
page (integer, required): Current page number.
error (string): Error if any occurred during the execution of the action
total (integer, required): Total number of rules matching the query.
per_page (integer, required): Number of rules returned per page.
successful (boolean, required): Whether the action execution was successful
Get Alert Types
KIBANA_GET_ALERT_TYPES (Action)
Tool to retrieve available alert types in Kibana. Use when you need to get a list of all possible alert types and their metadata.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Cases
KIBANA_GET_CASES (Action)
Tool to retrieve a list of cases in Kibana. Use when you need to find or list existing security or operational cases, potentially filtering by various attributes like status, assignee, or severity.
Input parameters
page (integer): The page number of objects to return.
tags (string[]): Filters cases by tags.
owner (string[]): Filters cases by owner. Valid values are `cases`, `observability`, and `securitySolution`.
search (string): Filters response objects using an Elasticsearch `simple_query_string` query.
status (string, enum: open, in-progress, closed): Filters cases by status.
perPage (integer): The number of objects to return per page.
severity (string, enum: critical, high, medium, low): Filters cases by severity.
assignees (string[]): Filters the returned cases by assignees. Valid values are `none` or unique identifiers for the user profiles.
reporters (string[]): Filters cases by reporters' usernames.
sortField (string, enum: createdAt, updatedAt): Determines which field to sort results by.
sortOrder (string, enum: asc, desc): Determines the sorting order.
searchFields (string[]): Fields to perform the `simple_query_string` parsed query against.
to_date_param (string): Returns cases created before a specific date (ISO 8601 format).
from_date_param (string): Returns cases created after a specific date (ISO 8601 format).
defaultSearchOperator (string, enum: OR, AND): The default operator to use for the `simple_query_string`.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get All Connectors
KIBANA_GET_CONNECTORS (Action)
Tool to retrieve a list of all connectors in Kibana. Use this tool when you need to get information about available connectors.
Input parameters
space_id (string): An identifier for the space. If not provided, the default space is used.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Data Views
KIBANA_GET_DATA_VIEWS (Action)
Tool to retrieve a list of data views available in Kibana. Use when you need to get a list of available data views, optionally filtering by a name pattern.
Input parameters
pattern (string): A pattern to filter data views by name.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Find Detection Engine Rules
KIBANA_GET_DETECTION_ENGINE_RULES_FIND (Action)
Retrieves a list of detection engine rules based on specified criteria. Use this tool to find detection rules.
Input parameters
page (integer): Page number. Must be greater than or equal to 1. Defaults to 1.
fields (string[]): Specifies which fields to include in the response.
filter (string): Filters the returned results based on specified criteria. Example: 'kql_query_here' or 'saved_query_id:some_id'.
per_page (integer): Number of rules per page. Must be greater than or equal to 0. Defaults to 20.
sort_field (string): Field to sort by.
sort_order (string, enum: asc, desc): Sort order. Defaults to desc.
gaps_range_end (string): Gaps range end. ISO 8601 date string.
gaps_range_start (string): Gaps range start. ISO 8601 date string.
Output parameters
data (object[], required): Array of detection rules.
page (integer, required): Current page number.
error (string): Error if any occurred during the execution of the action
total (integer, required): Total number of rules found.
perPage (integer, required): Number of rules per page.
successful (boolean, required): Whether the action execution was successful
Get Endpoint List Items
KIBANA_GET_ENDPOINT_LIST_ITEMS (Action)
Tool to retrieve all items from an endpoint exception list. Use when you need to get a list of endpoint exceptions, for example, to check existing exceptions before adding a new one.
Input parameters
page (integer): Page number to return. Minimum value is 0.
filter (string): Filters results using `<field name>:<field value>` syntax. Minimum length is 1.
per_page (integer): Number of items per page. Minimum value is 0.
sort_field (string): Field used to sort results. Minimum length is 1.
sort_order (string, enum: desc, asc): Sort order, either `desc` or `asc`.
Output parameters
pit (string): Point-in-time ID for search.
data (object[], required): List of endpoint list items.
page (integer, required): Current page number.
error (string): Error if any occurred during the execution of the action
total (integer, required): Total number of items.
per_page (integer, required): Number of items per page.
successful (boolean, required): Whether the action execution was successful
Get Entity Store Engines
KIBANA_GET_ENTITY_STORE_ENGINES (Action)
Retrieves the list of engines from the entity store.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
List Entity Store Entities
KIBANA_GET_ENTITY_STORE_ENTITIES_LIST (Action)
Tool to list entity records in the entity store with support for paging, sorting, and filtering. Use when you need to retrieve a list of entities such as users, hosts, or services.
Input parameters
page (integer): Page number, minimum value is 1.
per_page (integer): Number of records per page, minimum value is 1, maximum value is 10000.
sort_field (string): Field to sort by.
sort_order (string, enum: asc, desc): Sort order, either 'asc' or 'desc'.
filterQuery (string): Elasticsearch query to filter results.
entity_types (string[], required): Types of entities to list; valid values are 'user', 'host', or 'service'.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Entity Store Status
KIBANA_GET_ENTITY_STORE_STATUS (Action)
Tool to retrieve the status of the entity store in Kibana. Use this to check if the entity store is operational.
Input parameters
No parameters.
Output parameters
data (object): The status details of the entity store.
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Agent Policies
KIBANA_GET_FLEET_AGENT_POLICIES (Action)
Fetches a list of agent policies in Fleet. Use when you need to retrieve agent policy configurations.
Input parameters
page (integer): Page number.
kuery (string): KQL filter for agent policies.
perPage (integer): Items per page.
sortField (string): Field to sort by.
sortOrder (string, enum: asc, desc): Order to sort: asc or desc.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Agents Available Versions
KIBANA_GET_FLEET_AGENTS_AVAILABLE_VERSIONS (Action)
Tool to retrieve the available versions for Fleet agents. Use when you need to get a list of all available Elastic Agent versions.
Input parameters
elastic-api-version (string): Specifies the API version to use.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Agents Setup Status
KIBANA_GET_FLEET_AGENTS_SETUP_STATUS (Action)
Tool to check if the Fleet agents are set up. Use when you need to verify the Fleet agent setup status.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Check Fleet Permissions
KIBANA_GET_FLEET_CHECK_PERMISSIONS (Action)
Tool to check the permissions for the Fleet API. Use when you need to verify if the current user has the necessary privileges for Fleet operations.
Input parameters
fleetServerSetup (boolean): Indicates if Fleet Server setup permissions should be checked.
elastic-api-version (string): Specifies the API version to use.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Data Streams
KIBANA_GET_FLEET_DATA_STREAMS (Action)
Retrieves the list of data streams in Fleet.
Input parameters
type (string, enum: logs, metrics, traces, synthetics, profiling): Filters data streams by type.
sortOrder (string, enum: asc, desc): Specifies the sort order of the results. Default is asc.
datasetQuery (string): Filters data streams by dataset name.
uncategorisedOnly (boolean): If set to true, returns only uncategorized data streams. Default is false.
elastic-api-version (string): Specifies the API version to use. Default is 2023-10-31.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Enrollment API Key
KIBANA_GET_FLEET_ENROLLMENT_API_KEY (Action)
Tool to retrieve details of a specific enrollment API key by its ID. Use when you have the ID of an enrollment API key and need its details.
Input parameters
key_id (string, required): The ID of the enrollment API key to retrieve.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Enrollment API Keys
KIBANA_GET_FLEET_ENROLLMENT_API_KEYS (Action)
Tool to fetch a list of enrollment API keys. Use when you need to retrieve existing enrollment tokens for Kibana Fleet.
Input parameters
page (integer): The page number to return.
perPage (integer): The number of results to return per page.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet EPM Categories
KIBANA_GET_FLEET_EPM_CATEGORIES (Action)
Tool to fetch the list of categories in the Elastic Package Manager. Use when you need to retrieve available package categories.
Input parameters
prerelease (boolean): If true, include pre-release categories.
elastic_api_version (string): Specifies the API version to use.
include_policy_templates (boolean): If true, include policy templates in the response.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet EPM Data Streams
KIBANA_GET_FLEET_EPM_DATA_STREAMS (Action)
Tool to retrieve the list of data streams in the Elastic Package Manager. Use when you need to get a list of available data streams, optionally filtering by type, dataset, or categorization.
Input parameters
type (string): Filters data streams by type. Valid values are `logs`, `metrics`, `traces`, `synthetics`, or `profiling`.
sortOrder (string): Specifies the sort order of the results. Valid values are `asc` or `desc`.
datasetQuery (string): Filters data streams by dataset name.
uncategorisedOnly (boolean): If set to `true`, returns only uncategorized data streams.
elastic-api-version (string): Specifies the API version to use.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet EPM Package Details
KIBANA_GET_FLEET_EPM_PACKAGE_DETAILS (Action)
Tool to fetch details of a specific package and version in the Elastic Package Manager (EPM). Use when you need to get information about a particular EPM package, such as its title, description, or type.
Input parameters
package_name (string, required): The name of the package.
package_version (string, required): The version of the package.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet EPM Package File
KIBANA_GET_FLEET_EPM_PACKAGE_FILE (Action)
Tool to retrieve a specific file from a package in the Elastic Package Manager. Use when you need to inspect the contents of a package file.
Input parameters
pkgName (string, required): The name of the package.
filePath (string, required): The path to the specific file within the package.
pkgVersion (string, required): The version of the package.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet EPM Packages
KIBANA_GET_FLEET_EPM_PACKAGES (Action)
Tool to fetch the list of available packages in the Elastic Package Manager. Use when you need to find available integrations or their details.
Input parameters
category (string): Filter packages by category.
prerelease (boolean): Include pre-release packages.
excludeInstallStatus (boolean): Exclude installation status information.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Installed EPM Packages
KIBANA_GET_FLEET_EPM_PACKAGES_INSTALLED (Action)
Tool to retrieve the list of installed packages in the Elastic Package Manager. Use this when you need to check which packages are currently installed in Fleet.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet EPM Packages (Limited)
KIBANA_GET_FLEET_EPM_PACKAGES_LIMITED (Action)
Tool to fetch a limited list of packages from the Elastic Package Manager. Use when you need to retrieve a list of available EPM packages with minimal details.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get EPM Package Statistics
KIBANA_GET_FLEET_EPM_PACKAGE_STATS (Action)
Tool to retrieve statistics for a specific package in the Elastic Package Manager. Use when you need to get EPM package statistics.
Input parameters
package_name (string, required): The name of the package to retrieve statistics for.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Package Policies
KIBANA_GET_FLEET_PACKAGE_POLICIES (Action)
Tool to retrieve a list of all package policies (agent & EPM), providing their IDs and associated details. Use when you need to get an overview of existing package policies.
Input parameters
page (integer): Page number for pagination.
kuery (string): KQL query to filter results.
format (string, enum: simplified, legacy): Response format.
perPage (integer): Number of items per page.
sortField (string): Field to sort by.
sortOrder (string, enum: asc, desc): Sort order.
withAgentCount (boolean): Include agent count in response.
showUpgradeable (boolean): Show upgradeable packages.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Server Host
KIBANA_GET_FLEET_SERVER_HOST (Action)
Tool to fetch details of a specific Fleet Server host by its item ID. Use when you need to get information about a particular Fleet Server host.
Input parameters
host_id (string, required): The ID of the Fleet server host to retrieve.
elastic_api_version (string): Specifies the API version to use.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Fleet Server Hosts
KIBANA_GET_FLEET_SERVER_HOSTS (Action)
Tool to retrieve the list of Fleet Server hosts. Use when you need to get information about the available Fleet Server hosts.
Input parameters
page (integer): Page number of the results to return.
perPage (integer): Number of results to return per page.
Output parameters
data (object, required): Data from the action execution
error (string): Error if any occurred during the execution of the action
successful (boolean, required): Whether the action execution was successful
Get Index Management Indices (KIBANA_GET_INDEX_MANAGEMENT_INDICES, Action): Tool to fetch information about indices managed by Kibana's Index Management feature. It queries the underlying Elasticsearch /_cat/indices API to retrieve index details. Use when you need to list or get details about one or more indices in the cluster.
Input parameters
h (string): A comma-separated string of column names to display. If not provided, a default set of columns is shown. Example: 'index,health,status,docs.count,store.size'.
s (string): A comma-separated string of column names or column aliases to sort by. For example, 'index,health'.
pri (boolean): If true, only shows information about primary shards.
bytes (string, enum): The unit in which to display byte values. Values: b, k, kb, m, mb, g, gb, t, tb, p, pb.
index (string): A comma-separated string of index names or wildcard expressions to limit the returned information. For example, 'my-index-*,another-index'. If not provided, information for all indices is returned.
health (string, enum): The health status to filter indices by (green, yellow, or red). Values: green, yellow, red.
expand_wildcards (string, enum): Type of index that wildcard patterns can match. Supports comma-separated values, e.g., 'open,hidden'. 'all' matches all indices by default. Values: open, closed, hidden, none, all.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Get Node Metrics (KIBANA_GET_METRICS, Action): Tool to retrieve statistics for nodes in an Elasticsearch cluster, often visualized in Kibana. Use when you need to monitor node health, performance, or resource usage. This action calls the Elasticsearch nodes stats API.
Input parameters
level (string, enum): Indicates whether statistics are aggregated at the cluster, index, or shard level. Values: cluster, indices, shards.
types (string): A comma-separated list of document types for the indexing index metric.
fields (string): Comma-separated list or wildcard expressions of fields to include in the statistics.
groups (boolean): If true, includes search group statistics.
metric (string): Comma-separated list of metrics to retrieve. Examples: jvm, os, process, indices, fs, http, transport, breaker, thread_pool, ingest.
node_id (string): Comma-separated list of node IDs or names to limit the returned information. Special values like '_all', '_local', '_master' can be used.
timeout (string): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
fielddata_fields (string): Comma-separated list or wildcard expressions of fields to include in fielddata statistics.
completion_fields (string): Comma-separated list or wildcard expressions of fields to include in completion suggester statistics.
include_unloaded_segments (boolean): If true, the response includes information from segments that are not loaded into memory.
include_segment_file_sizes (boolean): If true, the call reports the aggregated disk usage of each one of the Lucene index files (only applies if segment stats are requested).
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Get Reporting Jobs (KIBANA_GET_REPORTING_JOBS, Action): Tool to retrieve a list of reporting jobs in Kibana. Use when you need to see pending or completed reports. This uses an internal API endpoint, which might be subject to change without notice.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Get Saved Objects (KIBANA_GET_SAVED_OBJECTS, Action): Tool to retrieve a list of saved objects in Kibana based on specified criteria. Use when you need to find dashboards, visualizations, index patterns, or other saved entities.
Input parameters
page (integer): The page number to return.
type (string, required): The type or types of saved objects to find. For example, 'dashboard', 'visualization', or ['index-pattern', 'search'].
fields (string[]): The fields to return in the response for each saved object. Can be a single field or a list of fields.
filter (string): A Kibana Query Language (KQL) filter string to apply. For example, 'type:dashboard and attributes.title:"My Dashboard"'.
search (string): A search string to filter objects by. Searches the title and description fields by default.
per_page (integer): The number of objects to return per page.
sort_field (string): The field to sort the results by. By default, sorts by relevance if 'search' is provided, otherwise by type and then ID.
sort_order (string, enum): The order to sort the results by, if 'sort_field' is provided. Defaults to 'desc' if 'sort_field' is 'update_at', otherwise 'asc'. Values: asc, desc.
has_reference (object): Filters objects based on the presence of a reference. Expects an object with 'type' and 'id' keys. For example, {'type': 'index-pattern', 'id': 'my-index-pattern'}.
search_fields (string[]): The fields to search when the 'search' parameter is provided. Can be a single field or a list of fields.
root_search_fields (string[]): A list of fields to search at the root level of the saved object, in addition to 'search_fields' which target attributes. Useful for fields like 'id' or 'type'.
default_search_operator (string, enum): The default operator to use for the 'search' query. Defaults to 'OR'. Values: OR, AND.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Get Kibana Status (KIBANA_GET_STATUS, Action): Tool to get the current status of Kibana. Use when you need to check if Kibana is healthy, monitor its state, or get information about the Kibana instance including version, UUID, and metrics.
Input parameters
No parameters.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Create Alerting Rule (KIBANA_POST_ALERTING_RULES, Action): Tool to create a new alerting rule in Kibana. Use when you need to define a new condition that, when met, triggers an alert and potentially executes predefined actions.
Input parameters
name (string, required): The name of the rule. While not required to be unique, a distinctive name can help identify a rule.
tags (string[]): The tags for the rule. Default is an empty array.
params (object, required): The parameters for the rule.
actions (object[]): An array of action objects. Default is an empty array.
enabled (boolean): Indicates whether to run the rule on an interval basis after it is created. Default is true.
rule_id (string): The identifier for the rule. If omitted, an ID is randomly generated.
consumer (string, required): The name of the application or feature that owns the rule. Examples include `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`.
schedule (object, required): The check interval, specifying how frequently the rule conditions are checked.
throttle (string): Defines how often an alert generates repeated actions. Applicable only if notify_when is set to onThrottleInterval. Examples: '10s', '5m', '1h'.
notify_when (string, required): Indicates how often alerts generate actions. Valid values include `onActionGroupChange`, `onActiveAlert`, or `onThrottleInterval`.
rule_type_id (string, required): The rule type identifier.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Create Case (KIBANA_POST_CASES, Action): Tool to create a new case in Kibana. Use when you need to open and track issues, incidents, or investigations. You can assign users, set severity levels, add tags, and configure external connectors for integration with ITSM systems.
Input parameters
tags (string[]): Tags for the case.
owner (string, required, enum): The application that owns the cases: Stack Management, Observability, or Elastic Security. Values: cases, observability, securitySolution.
title (string, required): A title for the case.
category (string): A word or phrase that categorizes the case.
settings (object, required): An object that contains the case settings.
severity (string, enum): The severity of the case. Values: critical, high, medium, low.
assignees (object[]): Assignees of the case.
connector (object, required): Defines properties for connectors. Use .none type to create a case without a connector.
description (string, required): The description for the case.
customFields (object[]): Custom fields for the case.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Create Kibana Connector (KIBANA_POST_CONNECTORS, Action): Tool to create a new connector in Kibana. Use when you need to integrate Kibana with an external service.
Input parameters
id (string, required): An identifier for the connector.
name (string, required): The display name for the connector.
config (object): The connector configuration details.
secrets (object): The connector secrets.
kbn-xsrf (string): A header to protect against CSRF attacks. Default is "true".
connector_type_id (string, required): The type of connector.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Create Dashboard (KIBANA_POST_DASHBOARDS, Action): Tool to create a new dashboard in Kibana. Use when you need to create a dashboard to visualize data. Dashboards can contain visualizations, saved searches, and other embeddable objects.
Input parameters
spaces (string[]): Spaces where the dashboard is available.
attributes (object, required): Dashboard attributes.
references (object[]): References to other saved objects.
dashboard_id (string): Optional dashboard ID. If not provided, one will be generated.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Create Data View (KIBANA_POST_DATA_VIEWS, Action): Tool to create a new data view (index pattern) in Kibana. Use when you need to define which Elasticsearch indices to query and analyze in Kibana. Data views determine which fields are available in Discover, Visualize, and other Kibana apps.
Input parameters
override (boolean): Override an existing data view if it exists.
data_view (object, required): Data view specification.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.
Create or Update Saved Object (KIBANA_POST_SAVED_OBJECTS, Action): Tool to create or update a saved object in Kibana. Use when you need to programmatically manage Kibana dashboards, visualizations, index patterns, etc.
Input parameters
space_id (string): The ID of the space to create or update the object in. If not specified, the default space is used.
object_id (string): The ID of the saved object. If an ID is not provided, a randomly generated ID is assigned.
overwrite (boolean): When true, overwrites the document with the same ID. When false, if a document with the specified ID already exists, the request returns a 409 conflict.
attributes (object, required): The attributes of the saved object. The content of this object varies depending on the `type`.
references (object[]): Objects that this object references. Each reference object must contain `name`, `type`, and `id` fields.
object_type (string, required): The type of the saved object. For example, `dashboard`, `visualization`, `index-pattern`, etc.
Output parameters
data (object, required): Data from the action execution.
error (string): Error, if any occurred during the execution of the action.
successful (boolean, required): Whether the action execution was successful.