Get exception list items

GET /api/exception_lists/items/_find

Get a list of all exception list items in the specified list.

Query parameters

  • list_id array[string] Required

    List's id

    Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$.

  • filter array[string]

    Filters the returned results according to the value of the specified field, using the <field name>:<field value> syntax.

    Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$. Default value is [] (empty).

  • namespace_type array[string]

    Determines whether the returned containers are Kibana associated with a Kibana space or available in all spaces (agnostic or single)

    Values are agnostic or single. Default value is ["single"].

  • page integer

    The page number to return

    Minimum value is 0.

  • per_page integer

    The number of exception list items to return per page

    Minimum value is 0.

  • Determines which field is used to sort the results

    Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

  • Determines the sort order, which can be desc or asc

    Values are desc or asc.

Responses

  • 200 application/json; Elastic-Api-Version=2023-10-31

    Successful response

    Hide response attributes Show response attributes object
    • data array[object] Required
      Hide data attributes Show data attributes object
      • _version string
      • comments array[object] Required
        Hide comments attributes Show comments attributes object
        • comment string Required

          A string that is not empty and does not contain only whitespace

          Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

        • created_at string(date-time) Required
        • created_by string Required

          A string that is not empty and does not contain only whitespace

          Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

        • id string Required

          A string that is not empty and does not contain only whitespace

          Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

        • updated_at string(date-time)
        • A string that is not empty and does not contain only whitespace

          Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • created_at string(date-time) Required
      • created_by string Required
      • description string Required
      • entries array[object] Required
        Any of:
      • expire_time string(date-time)
      • id string Required

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • item_id string Required

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • list_id string Required

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • meta object

        Additional properties are allowed.

      • name string Required

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • namespace_type string Required

        Determines whether the exception container is available in all Kibana spaces or just the space in which it is created, where:

        • single: Only available in the Kibana space in which it is created.
        • agnostic: Available in all Kibana spaces.

        Values are agnostic or single. Default value is single.

      • os_types array[string]

        Values are linux, macos, or windows. Default value is [] (empty).

      • tags array[string]

        A string that is not empty and does not contain only whitespace

        Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$. Default value is [] (empty).

      • tie_breaker_id string Required
      • type string Required

        Value is simple.

      • updated_at string(date-time) Required
      • updated_by string Required
    • page integer Required

      Minimum value is 1.

    • per_page integer Required

      Minimum value is 1.

    • pit string
    • total integer Required

      Minimum value is 0.

  • 400 application/json; Elastic-Api-Version=2023-10-31

    Invalid input data response

    One of:
  • 401 application/json; Elastic-Api-Version=2023-10-31

    Unsuccessful authentication response

    Hide response attributes Show response attributes object
  • 403 application/json; Elastic-Api-Version=2023-10-31

    Not enough privileges response

    Hide response attributes Show response attributes object
  • 404 application/json; Elastic-Api-Version=2023-10-31

    Exception list not found response

    Hide response attributes Show response attributes object
  • 500 application/json; Elastic-Api-Version=2023-10-31

    Internal server error response

    Hide response attributes Show response attributes object
GET /api/exception_lists/items/_find
curl \
 -X GET https://localhost:5601/api/exception_lists/items/_find?list_id=string
Response examples (200)
{
  "data": [
    {
      "_version": "string",
      "comments": [
        {
          "comment": "string",
          "created_at": "2024-05-04T09:42:00+00:00",
          "created_by": "string",
          "id": "string",
          "updated_at": "2024-05-04T09:42:00+00:00",
          "updated_by": "string"
        }
      ],
      "created_at": "2024-05-04T09:42:00+00:00",
      "created_by": "string",
      "description": "string",
      "entries": [
        {
          "field": "string",
          "operator": "excluded",
          "type": "match",
          "value": "string"
        }
      ],
      "expire_time": "2024-05-04T09:42:00+00:00",
      "id": "string",
      "item_id": "string",
      "list_id": "string",
      "meta": {},
      "name": "string",
      "namespace_type": "single",
      "os_types": [],
      "tags": [],
      "tie_breaker_id": "string",
      "type": "simple",
      "updated_at": "2024-05-04T09:42:00+00:00",
      "updated_by": "string"
    }
  ],
  "page": 42,
  "per_page": 42,
  "pit": "string",
  "total": 42
}
Response examples (400)
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
{
  "message": "string",
  "status_code": 42
}
Response examples (401)
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
Response examples (403)
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
Response examples (404)
{
  "message": "string",
  "status_code": 42
}
Response examples (500)
{
  "message": "string",
  "status_code": 42
}