Upsert an asset criticality record
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created.
Body
Required
-
id_field
string Required Values are
host.name
,user.name
, orservice.name
. -
id_value
string Required The ID value of the asset.
-
criticality_level
string Required The criticality level of the asset.
Values are
low_impact
,medium_impact
,high_impact
, orextreme_impact
. -
refresh
string If 'wait_for' the request will wait for the index refresh.
Value is
wait_for
.
POST
/api/asset_criticality
curl \
--request POST http://localhost:5622/api/asset_criticality \
--header "Authorization: $API_KEY" \
--header "Content-Type: application/json" \
--data '{"id_field":"host.name","id_value":"my_host","criticality_level":"high_impact"}'
Request example
{
"id_field": "host.name",
"id_value": "my_host",
"criticality_level": "high_impact"
}
Response examples (200)
{
"host": {
"name": "my_host",
"asset": {
"criticality": "high_impact"
}
},
"asset": {
"criticality": "high_impact"
},
"id_field": "host.name",
"id_value": "my_host",
"@timestamp": "2024-08-02T11:15:34.290Z",
"criticality_level": "high_impact"
}