Body Required
-
description string | null
-
ecs_mapping object | null
-
id string | null
-
interval string
-
platform string | null
-
query string
-
removed boolean | null
-
snapshot boolean | null
-
version string | null
POST
/api/osquery/saved_queries
curl \
--request POST https://localhost:5601/api/osquery/saved_queries \
--header "Content-Type: application/json" \
--data '{"description":"string","ecs_mapping":{"additionalProperty1":{"field":"string","value":"string"},"additionalProperty2":{"field":"string","value":"string"}},"id":"string","interval":"string","platform":"string","query":"string","removed":true,"snapshot":true,"version":"string"}'
Request examples
{
"description": "string",
"ecs_mapping": {
"additionalProperty1": {
"field": "string",
"value": "string"
},
"additionalProperty2": {
"field": "string",
"value": "string"
}
},
"id": "string",
"interval": "string",
"platform": "string",
"query": "string",
"removed": true,
"snapshot": true,
"version": "string"
}
Response examples (200)
{}