Upsert an asset criticality record
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created.
Body Required
-
Values are
host.name
,user.name
,service.name
, orrelated.entity
. -
The ID value of the asset.
-
The criticality level of the asset.
Values are
low_impact
,medium_impact
,high_impact
, orextreme_impact
. -
refresh string
If 'wait_for' the request will wait for the index refresh.
Value is
wait_for
.
POST
/api/asset_criticality
curl \
--request POST https://localhost:5601/api/asset_criticality \
--header "Content-Type: application/json" \
--data '{"id_field":"host.name","id_value":"my_host","criticality_level":"high_impact"}'
Request example
{
"id_field": "host.name",
"id_value": "my_host",
"criticality_level": "high_impact"
}
Response examples (200)
{
"host": {
"name": "my_host",
"asset": {
"criticality": "high_impact"
}
},
"asset": {
"criticality": "high_impact"
},
"id_field": "host.name",
"id_value": "my_host",
"@timestamp": "2024-08-02T11:15:34.290Z",
"criticality_level": "high_impact"
}