Create a value list item
Create a value list item and associate it with the specified value list.
All value list items in the same list must be the same type. For example, each list item in an ip
list must define a specific IP address.
Before creating a list item, you must create a list.
Body Required
Value list item's properties
-
id string(nonempty)
Value list item's identifier.
Minimum length is
1
. -
Value list's identifier.
Minimum length is
1
. -
meta object
Placeholder for metadata about the value list item.
Additional properties are allowed.
-
refresh string
Determines when changes made by the request are made visible to search.
Values are
true
,false
, orwait_for
. -
The value used to evaluate exceptions.
Minimum length is
1
.
Responses
-
200 application/json
Successful response
-
400 application/json
Invalid input data response
-
401 application/json
Unsuccessful authentication response
-
403 application/json
Not enough privileges response
-
404 application/json
Not enough privileges response
-
409 application/json
List item already exists response
-
500 application/json
Internal server error response
curl \
--request POST https://localhost:5601/api/lists/items \
--header "Content-Type: application/json" \
--data '{"value":"127.0.0.1","list_id":"ip_list"}'
{
"value": "127.0.0.1",
"list_id": "ip_list"
}
{
"value": "192.168.0.0/16",
"list_id": "ip_range_list"
}
{
"value": "zeek",
"list_id": "keyword_list"
}
{
"id": "21b01cfb-058d-44b9-838c-282be16c91cc",
"type": "ip",
"value": "127.0.0.1",
"list_id": "ip_list",
"_version": "WzAsMV0=",
"@timestamp": "2025-01-08T04:59:06.154Z",
"created_at": "2025-01-08T04:59:06.154Z",
"created_by": "elastic",
"updated_at": "2025-01-08T04:59:06.154Z",
"updated_by": "elastic",
"tie_breaker_id": "b57c762c-3036-465c-9bfb-7bfb5e6e515a"
}
{
"id": "ip_range_item",
"type": "ip_range",
"value": "192.168.0.0/16",
"list_id": "ip_range_list",
"_version": "WzEsMV0=",
"@timestamp": "2025-01-09T18:33:08.202Z",
"created_at": "2025-01-09T18:33:08.202Z",
"created_by": "elastic",
"updated_at": "2025-01-09T18:33:08.202Z",
"updated_by": "elastic",
"tie_breaker_id": "ea1b4189-efda-4637-b8f9-74655a5ebb61"
}
{
"id": "7f24737d-1da8-4626-a568-33070591bb4e",
"type": "keyword",
"value": "zeek",
"list_id": "keyword_list",
"_version": "WzIsMV0=",
"@timestamp": "2025-01-09T18:34:29.422Z",
"created_at": "2025-01-09T18:34:29.422Z",
"created_by": "elastic",
"updated_at": "2025-01-09T18:34:29.422Z",
"updated_by": "elastic",
"tie_breaker_id": "2108ced2-5e5d-401e-a88e-4dd69fc5fa27"
}
{
"error": "Bad Request",
"message": "uri [/api/lists/items] with method [post] exists but is not available with the current configuration",
"statusCode": 400
}
{
"error": "Unauthorized",
"message": "[security_exception\\n\\tRoot causes:\\n\\t\\tsecurity_exception: unable to authenticate user [elastic] for REST request [/_security/_authenticate]]: unable to authenticate user [elastic] for REST request [/_security/_authenticate]",
"statusCode": 401
}
{
"error": "Forbidden",
"message": "API [POST /api/lists/items] is unauthorized for user, this action is granted by the Kibana privileges [lists-all]",
"statusCode": 403
}
{
"message": "list id: \\\"ip_list\\\" does not exist",
"status_code": 404
}
{
"message": "list item id: \\\"ip_item\\\" already exists",
"status_code": 409
}
{
"message": "Internal Server Error",
"status_code": 500
}