Bulk unenroll agents

POST /api/fleet/agents/bulk_unenroll

Headers

elastic-api-version string

The version of the API to use

Value is 2023-10-31. Default value is 2023-10-31.
kbn-xsrf string Required

A required header to protect against CSRF attacks

application/json; Elastic-Api-Version=2023-10-31

Body

agents array[string] | string Required

Any of:
array-1 array[string] string-2 string

KQL query string, leave empty to action all agents

list of agent IDs
batchSize number
force boolean

Unenrolls hosted agents too
includeInactive boolean

When passing agents by KQL query, unenrolls inactive agents too
revoke boolean

Revokes API keys of agents

Responses

200 application/json; Elastic-Api-Version=2023-10-31
Hide response attribute Show response attribute object
- actionId string Required
400 application/json; Elastic-Api-Version=2023-10-31
Hide response attributes Show response attributes object
- error string
- message string Required
- statusCode number

POST /api/fleet/agents/bulk_unenroll

curl \
 -X POST https://localhost:5601/api/fleet/agents/bulk_unenroll \
 -H "Content-Type: application/json; Elastic-Api-Version=2023-10-31" \
 -H "elastic-api-version: 2023-10-31" \
 -H "kbn-xsrf: true"

Request examples

# Headers
elastic-api-version: 2023-10-31
kbn-xsrf: true

# Payload
{
  "agents": [
    "string"
  ],
  "batchSize": 42.0,
  "force": true,
  "includeInactive": true,
  "revoke": true
}

Response examples (200)

{
  "actionId": "string"
}

Response examples (400)

{
  "error": "string",
  "message": "string",
  "statusCode": 42.0
}

Bulk unenroll agents

Headers

Body

agents array[string] | string Required

Responses