Create a connector with a random ID
The connector identifier is randomly generated.
Body object Required
The properties vary depending on the connector type.
The Amazon Bedrock connector uses axios to send a POST request to Amazon Bedrock.
-
Defines properties for connectors when type is
.bedrock
.Hide config attributes Show config attributes object
-
The Amazon Bedrock request URL.
-
defaultModel string
The generative artificial intelligence model for Amazon Bedrock to use. Current support is for the Anthropic Claude models.
Default value is
anthropic.claude-3-5-sonnet-20240620-v1:0
.
-
-
The type of connector.
Value is
.bedrock
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.bedrock
.
The Google Gemini connector uses axios to send a POST request to Google Gemini.
-
Defines properties for connectors when type is
.gemini
.Hide config attributes Show config attributes object
-
The Google Gemini request URL.
-
defaultModel string
The generative artificial intelligence model for Google Gemini to use.
Default value is
gemini-1.5-pro-001
. -
The Google ProjectID that has Vertex AI endpoint enabled.
-
The GCP region where the Vertex AI endpoint enabled.
-
-
The type of connector.
Value is
.gemini
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.gemini
.Hide secrets attribute Show secrets attribute object
-
The service account credentials JSON file. The service account should have Vertex AI user IAM role assigned to it.
-
The Webhook - Case Management connector uses axios to send POST, PUT, and GET requests to a case management RESTful API web service.
-
Defines properties for connectors when type is
.cases-webhook
.Hide config attributes Show config attributes object
-
authType string | null
The type of authentication to use: basic, SSL, or none.
Values are
webhook-authentication-basic
orwebhook-authentication-ssl
. -
ca string
A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.
-
certType string
If the
authType
iswebhook-authentication-ssl
, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.Values are
ssl-crt-key
orssl-pfx
. -
createCommentJson string
A JSON payload sent to the create comment URL to create a case comment. You can use variables to add Kibana Cases data to the payload. The required variable is
case.comment
. Due to Mustache template variables (the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated once the Mustache variables have been placed when the REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. -
createCommentMethod string
The REST API HTTP request method to create a case comment in the third-party system. Valid values are
patch
,post
, andput
.Values are
patch
,post
, orput
. Default value isput
. -
createCommentUrl string
The REST API URL to create a case comment by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the
xpack.actions.allowedHosts setting
, add the hostname to the allowed hosts. -
A JSON payload sent to the create case URL to create a case. You can use variables to add case data to the payload. Required variables are
case.title
andcase.description
. Due to Mustache template variables (which is the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid to avoid future validation errors; disregard Mustache variables during your review. -
createIncidentMethod string
The REST API HTTP request method to create a case in the third-party system. Valid values are
patch
,post
, andput
.Values are
patch
,post
, orput
. Default value ispost
. -
The JSON key in the create external case response that contains the case ID.
-
The REST API URL to create a case in the third-party system. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. -
The JSON key in get external case response that contains the case title.
-
The REST API URL to get the case by ID from the third-party system. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. You can use a variable to add the external system ID to the URL. Due to Mustache template variables (the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. -
hasAuth boolean
If true, a username and password for login type authentication must be provided.
Default value is
true
. -
headers string
A set of key-value pairs sent as headers with the request URLs for the create case, update case, get case, and create comment methods.
-
The JSON payload sent to the update case URL to update the case. You can use variables to add Kibana Cases data to the payload. Required variables are
case.title
andcase.description
. Due to Mustache template variables (which is the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid to avoid future validation errors; disregard Mustache variables during your review. -
updateIncidentMethod string
The REST API HTTP request method to update the case in the third-party system. Valid values are
patch
,post
, andput
.Values are
patch
,post
, orput
. Default value isput
. -
The REST API URL to update the case by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. -
verificationMode string
Controls the verification of certificates. Use
full
to validate that the certificate has an issue date within thenot_before
andnot_after
dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Usecertificate
to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Usenone
to skip certificate validation.Values are
certificate
,full
, ornone
. Default value isfull
. -
The URL to view the case in the external system. You can use variables to add the external system ID or external system title to the URL.
-
-
The type of connector.
Value is
.cases-webhook
. -
The display name for the connector.
-
secrets object
Hide secrets attributes Show secrets attributes object
-
crt string
If
authType
iswebhook-authentication-ssl
andcertType
isssl-crt-key
, it is a base64 encoded version of the CRT or CERT file. -
key string
If
authType
iswebhook-authentication-ssl
andcertType
isssl-crt-key
, it is a base64 encoded version of the KEY file. -
password string
The password for HTTP basic authentication. If
hasAuth
is set totrue
and andauthType
iswebhook-authentication-basic
, this property is required. -
pfx string
If
authType
iswebhook-authentication-ssl
andcertType
isssl-pfx
, it is a base64 encoded version of the PFX or P12 file. -
user string
The username for HTTP basic authentication. If
hasAuth
is set totrue
andauthType
iswebhook-authentication-basic
, this property is required.
-
The connector uses axios to send a POST request to a D3 Security endpoint.
-
Defines properties for connectors when type is
.d3security
.Hide config attribute Show config attribute object
-
The D3 Security API request URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts.
-
-
The type of connector.
Value is
.d3security
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.d3security
.Hide secrets attribute Show secrets attribute object
-
The D3 Security token.
-
The email connector uses the SMTP protocol to send mail messages, using an integration of Nodemailer. An exception is Microsoft Exchange, which uses HTTP protocol for sending emails, Send mail. Email message text is sent as both plain text and html text.
-
Defines properties for connectors when type is
.email
.Hide config attributes Show config attributes object
-
clientId string | null
The client identifier, which is a part of OAuth 2.0 client credentials authentication, in GUID format. If
service
isexchange_server
, this property is required. -
The from address for all emails sent by the connector. It must be specified in
user@host-name
format. -
hasAuth boolean
Specifies whether a user and password are required inside the secrets configuration.
Default value is
true
. -
host string
The host name of the service provider. If the
service
iselastic_cloud
(for Elastic Cloud notifications) or one of Nodemailer's well-known email service providers, this property is ignored. Ifservice
isother
, this property must be defined. -
oauthTokenUrl string | null
-
port integer
The port to connect to on the service provider. If the
service
iselastic_cloud
(for Elastic Cloud notifications) or one of Nodemailer's well-known email service providers, this property is ignored. Ifservice
isother
, this property must be defined. -
secure boolean
Specifies whether the connection to the service provider will use TLS. If the
service
iselastic_cloud
(for Elastic Cloud notifications) or one of Nodemailer's well-known email service providers, this property is ignored. -
service string
The name of the email service.
Values are
elastic_cloud
,exchange_server
,gmail
,other
,outlook365
, orses
. -
tenantId string | null
The tenant identifier, which is part of OAuth 2.0 client credentials authentication, in GUID format. If
service
isexchange_server
, this property is required.
-
-
The type of connector.
Value is
.email
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.email
.Hide secrets attributes Show secrets attributes object
-
clientSecret string
The Microsoft Exchange Client secret for OAuth 2.0 client credentials authentication. It must be URL-encoded. If
service
isexchange_server
, this property is required. -
password string
The password for HTTP basic authentication. If
hasAuth
is set totrue
, this property is required. -
user string
The username for HTTP basic authentication. If
hasAuth
is set totrue
, this property is required.
-
The OpenAI connector uses axios to send a POST request to either OpenAI or Azure OpenAPI.
config object Required
Defines properties for connectors when type is
.gen-ai
.One of: Defines properties for connectors when type is
.gen-ai
and the API provider is `Azure OpenAI'.Hide attributes Show attributes
-
The OpenAI API provider.
Value is
Azure OpenAI
. -
The OpenAI API endpoint.
Defines properties for connectors when type is
.gen-ai
and the API provider is `OpenAI'.Hide attributes Show attributes
-
The OpenAI API provider.
Value is
OpenAI
. -
The OpenAI API endpoint.
-
defaultModel string
The default model to use for requests.
-
-
The type of connector.
Value is
.gen-ai
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.gen-ai
.Hide secrets attribute Show secrets attribute object
-
apiKey string
The OpenAI API key.
-
The index connector indexes a document into Elasticsearch.
-
Defines properties for connectors when type is
.index
.Hide config attributes Show config attributes object
-
executionTimeField string | null
A field that indicates when the document was indexed.
-
The Elasticsearch index to be written to.
-
refresh boolean
The refresh policy for the write request, which affects when changes are made visible to search. Refer to the refresh setting for Elasticsearch document APIs.
Default value is
false
.
-
-
The type of connector.
Value is
.index
. -
The display name for the connector.
The Jira connector uses the REST API v2 to create Jira issues.
-
Defines properties for connectors when type is
.jira
.Hide config attributes Show config attributes object
-
The Jira instance URL.
-
The Jira project key.
-
-
The type of connector.
Value is
.jira
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.jira
.
The Opsgenie connector uses the Opsgenie alert API.
-
Defines properties for connectors when type is
.opsgenie
.Hide config attribute Show config attribute object
-
The Opsgenie URL. For example,
https://api.opsgenie.com
orhttps://api.eu.opsgenie.com
. If you are using thexpack.actions.allowedHosts
setting, add the hostname to the allowed hosts.
-
-
The type of connector.
Value is
.opsgenie
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.opsgenie
.Hide secrets attribute Show secrets attribute object
-
The Opsgenie API authentication key for HTTP Basic authentication.
-
The PagerDuty connector uses the v2 Events API to trigger, acknowledge, and resolve PagerDuty alerts.
-
Defines properties for connectors when type is
.pagerduty
.Hide config attribute Show config attribute object
-
apiUrl string | null
The PagerDuty event URL.
-
-
The type of connector.
Value is
.pagerduty
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.pagerduty
.Hide secrets attribute Show secrets attribute object
-
A 32 character PagerDuty Integration Key for an integration on a service.
-
The IBM Resilient connector uses the RESILIENT REST v2 to create IBM Resilient incidents.
-
Defines properties for connectors when type is
.resilient
. -
The type of connector.
Value is
.resilient
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.resilient
.Hide secrets attributes Show secrets attributes object
-
The authentication key ID for HTTP Basic authentication.
-
The authentication key secret for HTTP Basic authentication.
-
The SentinelOne connector communicates with SentinelOne Management Console via REST API. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
-
Defines properties for connectors when type is
.sentinelone
.Hide config attribute Show config attribute object
-
The SentinelOne tenant URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts.
-
-
The type of connector.
Value is
.sentinelone
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.sentinelone
.Hide secrets attribute Show secrets attribute object
-
The A SentinelOne API token.
-
This connector writes an entry to the Kibana server log.
-
The type of connector.
Value is
.server-log
. -
The display name for the connector.
The ServiceNow ITSM connector uses the import set API to create ServiceNow incidents. You can use the connector for rule actions and cases.
-
Defines properties for connectors when type is
.servicenow
.Hide config attributes Show config attributes object
-
The ServiceNow instance URL.
-
clientId string
The client ID assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
isOAuth boolean
The type of authentication to use. The default value is false, which means basic authentication is used instead of open authorization (OAuth).
Default value is
false
. -
jwtKeyId string
The key identifier assigned to the JWT verifier map of your OAuth application. This property is required when
isOAuth
istrue
. -
userIdentifierValue string
The identifier to use for OAuth authentication. This identifier should be the user field you selected when you created an OAuth JWT API endpoint for external clients in your ServiceNow instance. For example, if the selected user field is
Email
, the user identifier should be the user's email address. This property is required whenisOAuth
istrue
. -
usesTableApi boolean
Determines whether the connector uses the Table API or the Import Set API. This property is supported only for ServiceNow ITSM and ServiceNow SecOps connectors. NOTE: If this property is set to
false
, the Elastic application should be installed in ServiceNow.Default value is
true
.
-
-
The type of connector.
Value is
.servicenow
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.servicenow
,.servicenow-sir
, or.servicenow-itom
.Hide secrets attributes Show secrets attributes object
-
clientSecret string
The client secret assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
password string
The password for HTTP basic authentication. This property is required when
isOAuth
isfalse
. -
privateKey string
The RSA private key that you created for use in ServiceNow. This property is required when
isOAuth
istrue
. -
privateKeyPassword string
The password for the RSA private key. This property is required when
isOAuth
istrue
and you set a password on your private key. -
username string
The username for HTTP basic authentication. This property is required when
isOAuth
isfalse
.
-
The ServiceNow ITOM connector uses the event API to create ServiceNow events. You can use the connector for rule actions.
-
Defines properties for connectors when type is
.servicenow
.Hide config attributes Show config attributes object
-
The ServiceNow instance URL.
-
clientId string
The client ID assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
isOAuth boolean
The type of authentication to use. The default value is false, which means basic authentication is used instead of open authorization (OAuth).
Default value is
false
. -
jwtKeyId string
The key identifier assigned to the JWT verifier map of your OAuth application. This property is required when
isOAuth
istrue
. -
userIdentifierValue string
The identifier to use for OAuth authentication. This identifier should be the user field you selected when you created an OAuth JWT API endpoint for external clients in your ServiceNow instance. For example, if the selected user field is
Email
, the user identifier should be the user's email address. This property is required whenisOAuth
istrue
.
-
-
The type of connector.
Value is
.servicenow-itom
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.servicenow
,.servicenow-sir
, or.servicenow-itom
.Hide secrets attributes Show secrets attributes object
-
clientSecret string
The client secret assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
password string
The password for HTTP basic authentication. This property is required when
isOAuth
isfalse
. -
privateKey string
The RSA private key that you created for use in ServiceNow. This property is required when
isOAuth
istrue
. -
privateKeyPassword string
The password for the RSA private key. This property is required when
isOAuth
istrue
and you set a password on your private key. -
username string
The username for HTTP basic authentication. This property is required when
isOAuth
isfalse
.
-
The ServiceNow SecOps connector uses the import set API to create ServiceNow security incidents. You can use the connector for rule actions and cases.
-
Defines properties for connectors when type is
.servicenow
.Hide config attributes Show config attributes object
-
The ServiceNow instance URL.
-
clientId string
The client ID assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
isOAuth boolean
The type of authentication to use. The default value is false, which means basic authentication is used instead of open authorization (OAuth).
Default value is
false
. -
jwtKeyId string
The key identifier assigned to the JWT verifier map of your OAuth application. This property is required when
isOAuth
istrue
. -
userIdentifierValue string
The identifier to use for OAuth authentication. This identifier should be the user field you selected when you created an OAuth JWT API endpoint for external clients in your ServiceNow instance. For example, if the selected user field is
Email
, the user identifier should be the user's email address. This property is required whenisOAuth
istrue
. -
usesTableApi boolean
Determines whether the connector uses the Table API or the Import Set API. This property is supported only for ServiceNow ITSM and ServiceNow SecOps connectors. NOTE: If this property is set to
false
, the Elastic application should be installed in ServiceNow.Default value is
true
.
-
-
The type of connector.
Value is
.servicenow-sir
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.servicenow
,.servicenow-sir
, or.servicenow-itom
.Hide secrets attributes Show secrets attributes object
-
clientSecret string
The client secret assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
password string
The password for HTTP basic authentication. This property is required when
isOAuth
isfalse
. -
privateKey string
The RSA private key that you created for use in ServiceNow. This property is required when
isOAuth
istrue
. -
privateKeyPassword string
The password for the RSA private key. This property is required when
isOAuth
istrue
and you set a password on your private key. -
username string
The username for HTTP basic authentication. This property is required when
isOAuth
isfalse
.
-
The Slack connector uses an API method to send Slack messages.
-
config object
Defines properties for connectors when type is
.slack_api
.Hide config attribute Show config attribute object
-
allowedChannels array[object]
A list of valid Slack channels.
-
-
The type of connector.
Value is
.slack_api
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.slack
.Hide secrets attribute Show secrets attribute object
-
Slack bot user OAuth token.
-
The Slack connector uses Slack Incoming Webhooks.
-
The type of connector.
Value is
.slack
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.slack
.Hide secrets attribute Show secrets attribute object
-
Slack webhook url.
-
The Swimlane connector uses the Swimlane REST API to create Swimlane records.
-
Defines properties for connectors when type is
.swimlane
.Hide config attributes Show config attributes object
-
The Swimlane instance URL.
-
The Swimlane application ID.
-
The type of connector. Valid values are
all
,alerts
, andcases
.Values are
all
,alerts
, orcases
. -
mappings object
The field mapping.
Hide mappings attributes Show mappings attributes object
-
alertIdConfig object
Mapping for the alert ID.
-
caseIdConfig object
Mapping for the case ID.
-
caseNameConfig object
Mapping for the case name.
-
commentsConfig object
Mapping for the case comments.
-
descriptionConfig object
Mapping for the case description.
Hide descriptionConfig attributes Show descriptionConfig attributes object
-
ruleNameConfig object
Mapping for the name of the alert's rule.
-
severityConfig object
Mapping for the severity.
-
-
-
The type of connector.
Value is
.swimlane
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.swimlane
.Hide secrets attribute Show secrets attribute object
-
apiToken string
Swimlane API authentication token.
-
The Microsoft Teams connector uses Incoming Webhooks.
-
The type of connector.
Value is
.teams
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.teams
.Hide secrets attribute Show secrets attribute object
-
The URL of the incoming webhook. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts.
-
The Tines connector uses Tines Webhook actions to send events via POST request.
-
Defines properties for connectors when type is
.tines
.Hide config attribute Show config attribute object
-
The Tines tenant URL. If you are using the
xpack.actions.allowedHosts
setting, make sure this hostname is added to the allowed hosts.
-
-
The type of connector.
Value is
.tines
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.tines
.
The Torq connector uses a Torq webhook to trigger workflows with Kibana actions.
-
Defines properties for connectors when type is
.torq
.Hide config attribute Show config attribute object
-
The endpoint URL of the Elastic Security integration in Torq.
-
-
The type of connector.
Value is
.torq
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.torq
.Hide secrets attribute Show secrets attribute object
-
The secret of the webhook authentication header.
-
The Webhook connector uses axios to send a POST or PUT request to a web service.
-
Defines properties for connectors when type is
.webhook
.Hide config attributes Show config attributes object
-
authType string | null
The type of authentication to use: basic, SSL, or none.
Values are
webhook-authentication-basic
orwebhook-authentication-ssl
. -
ca string
A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.
-
certType string
If the
authType
iswebhook-authentication-ssl
, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.Values are
ssl-crt-key
orssl-pfx
. -
hasAuth boolean
If true, a username and password for login type authentication must be provided.
Default value is
true
. -
headers object | null
A set of key-value pairs sent as headers with the request.
-
method string
The HTTP request method, either
post
orput
.Values are
post
orput
. Default value ispost
. -
url string
The request URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. -
verificationMode string
Controls the verification of certificates. Use
full
to validate that the certificate has an issue date within thenot_before
andnot_after
dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Usecertificate
to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Usenone
to skip certificate validation.Values are
certificate
,full
, ornone
. Default value isfull
.
-
-
The type of connector.
Value is
.webhook
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.webhook
.Hide secrets attributes Show secrets attributes object
-
crt string
If
authType
iswebhook-authentication-ssl
andcertType
isssl-crt-key
, it is a base64 encoded version of the CRT or CERT file. -
key string
If
authType
iswebhook-authentication-ssl
andcertType
isssl-crt-key
, it is a base64 encoded version of the KEY file. -
password string
The password for HTTP basic authentication or the passphrase for the SSL certificate files. If
hasAuth
is set totrue
andauthType
iswebhook-authentication-basic
, this property is required. -
pfx string
If
authType
iswebhook-authentication-ssl
andcertType
isssl-pfx
, it is a base64 encoded version of the PFX or P12 file. -
user string
The username for HTTP basic authentication. If
hasAuth
is set totrue
andauthType
iswebhook-authentication-basic
, this property is required.
-
The xMatters connector uses the xMatters Workflow for Elastic to send actionable alerts to on-call xMatters resources.
-
Defines properties for connectors when type is
.xmatters
.Hide config attributes Show config attributes object
-
The type of connector.
Value is
.xmatters
. -
The display name for the connector.
-
Defines secrets for connectors when type is
.xmatters
.Hide secrets attributes Show secrets attributes object
-
password string
A user name for HTTP basic authentication. It is applicable only when
usesBasic
istrue
. -
secretsUrl string
The request URL for the Elastic Alerts trigger in xMatters with the API key included in the URL. It is applicable only when
usesBasic
isfalse
. -
user string
A password for HTTP basic authentication. It is applicable only when
usesBasic
istrue
.
-
Responses
-
200 application/json; Elastic-Api-Version=2023-10-31
Indicates a successful call.
The properties vary depending on the connector type.
One of: Connectors_connector_response_properties_bedrock object Connectors_connector_response_properties_gemini object Connectors_connector_response_properties_cases_webhook object Connectors_connector_response_properties_d3security object Connectors_connector_response_properties_email object Connectors_connector_response_properties_genai object Connectors_connector_response_properties_index object Connectors_connector_response_properties_jira object Connectors_connector_response_properties_opsgenie object Connectors_connector_response_properties_pagerduty object Connectors_connector_response_properties_resilient object Connectors_connector_response_properties_sentinelone object Connectors_connector_response_properties_serverlog object Connectors_connector_response_properties_servicenow object Connectors_connector_response_properties_servicenow_itom object Connectors_connector_response_properties_servicenow_sir object Connectors_connector_response_properties_slack_api object Connectors_connector_response_properties_slack_webhook object Connectors_connector_response_properties_swimlane object Connectors_connector_response_properties_teams object Connectors_connector_response_properties_tines object Connectors_connector_response_properties_torq object Connectors_connector_response_properties_webhook object Connectors_connector_response_properties_xmatters objectHide attributes Show attributes
-
Defines properties for connectors when type is
.bedrock
.Hide config attributes Show config attributes object
-
The Amazon Bedrock request URL.
-
defaultModel string
The generative artificial intelligence model for Amazon Bedrock to use. Current support is for the Anthropic Claude models.
Default value is
anthropic.claude-3-5-sonnet-20240620-v1:0
.
-
-
The type of connector.
Value is
.bedrock
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.gemini
.Hide config attributes Show config attributes object
-
The Google Gemini request URL.
-
defaultModel string
The generative artificial intelligence model for Google Gemini to use.
Default value is
gemini-1.5-pro-001
. -
The Google ProjectID that has Vertex AI endpoint enabled.
-
The GCP region where the Vertex AI endpoint enabled.
-
-
The type of connector.
Value is
.gemini
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.cases-webhook
.Hide config attributes Show config attributes object
-
authType string | null
The type of authentication to use: basic, SSL, or none.
Values are
webhook-authentication-basic
orwebhook-authentication-ssl
. -
ca string
A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.
-
certType string
If the
authType
iswebhook-authentication-ssl
, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.Values are
ssl-crt-key
orssl-pfx
. -
createCommentJson string
A JSON payload sent to the create comment URL to create a case comment. You can use variables to add Kibana Cases data to the payload. The required variable is
case.comment
. Due to Mustache template variables (the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated once the Mustache variables have been placed when the REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. -
createCommentMethod string
The REST API HTTP request method to create a case comment in the third-party system. Valid values are
patch
,post
, andput
.Values are
patch
,post
, orput
. Default value isput
. -
createCommentUrl string
The REST API URL to create a case comment by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the
xpack.actions.allowedHosts setting
, add the hostname to the allowed hosts. -
A JSON payload sent to the create case URL to create a case. You can use variables to add case data to the payload. Required variables are
case.title
andcase.description
. Due to Mustache template variables (which is the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid to avoid future validation errors; disregard Mustache variables during your review. -
createIncidentMethod string
The REST API HTTP request method to create a case in the third-party system. Valid values are
patch
,post
, andput
.Values are
patch
,post
, orput
. Default value ispost
. -
The JSON key in the create external case response that contains the case ID.
-
The REST API URL to create a case in the third-party system. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. -
The JSON key in get external case response that contains the case title.
-
The REST API URL to get the case by ID from the third-party system. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. You can use a variable to add the external system ID to the URL. Due to Mustache template variables (the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. -
hasAuth boolean
If true, a username and password for login type authentication must be provided.
Default value is
true
. -
headers string
A set of key-value pairs sent as headers with the request URLs for the create case, update case, get case, and create comment methods.
-
The JSON payload sent to the update case URL to update the case. You can use variables to add Kibana Cases data to the payload. Required variables are
case.title
andcase.description
. Due to Mustache template variables (which is the text enclosed in triple braces, for example,{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid to avoid future validation errors; disregard Mustache variables during your review. -
updateIncidentMethod string
The REST API HTTP request method to update the case in the third-party system. Valid values are
patch
,post
, andput
.Values are
patch
,post
, orput
. Default value isput
. -
The REST API URL to update the case by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. -
verificationMode string
Controls the verification of certificates. Use
full
to validate that the certificate has an issue date within thenot_before
andnot_after
dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Usecertificate
to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Usenone
to skip certificate validation.Values are
certificate
,full
, ornone
. Default value isfull
. -
The URL to view the case in the external system. You can use variables to add the external system ID or external system title to the URL.
-
-
The type of connector.
Value is
.cases-webhook
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.d3security
.Hide config attribute Show config attribute object
-
The D3 Security API request URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts.
-
-
The type of connector.
Value is
.d3security
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.email
.Hide config attributes Show config attributes object
-
clientId string | null
The client identifier, which is a part of OAuth 2.0 client credentials authentication, in GUID format. If
service
isexchange_server
, this property is required. -
The from address for all emails sent by the connector. It must be specified in
user@host-name
format. -
hasAuth boolean
Specifies whether a user and password are required inside the secrets configuration.
Default value is
true
. -
host string
The host name of the service provider. If the
service
iselastic_cloud
(for Elastic Cloud notifications) or one of Nodemailer's well-known email service providers, this property is ignored. Ifservice
isother
, this property must be defined. -
oauthTokenUrl string | null
-
port integer
The port to connect to on the service provider. If the
service
iselastic_cloud
(for Elastic Cloud notifications) or one of Nodemailer's well-known email service providers, this property is ignored. Ifservice
isother
, this property must be defined. -
secure boolean
Specifies whether the connection to the service provider will use TLS. If the
service
iselastic_cloud
(for Elastic Cloud notifications) or one of Nodemailer's well-known email service providers, this property is ignored. -
service string
The name of the email service.
Values are
elastic_cloud
,exchange_server
,gmail
,other
,outlook365
, orses
. -
tenantId string | null
The tenant identifier, which is part of OAuth 2.0 client credentials authentication, in GUID format. If
service
isexchange_server
, this property is required.
-
-
The type of connector.
Value is
.email
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
config object
Defines properties for connectors when type is
.gen-ai
.One of: Defines properties for connectors when type is
.gen-ai
and the API provider is `Azure OpenAI'.Hide attributes Show attributes
-
The OpenAI API provider.
Value is
Azure OpenAI
. -
The OpenAI API endpoint.
Defines properties for connectors when type is
.gen-ai
and the API provider is `OpenAI'.Hide attributes Show attributes
-
The OpenAI API provider.
Value is
OpenAI
. -
The OpenAI API endpoint.
-
defaultModel string
The default model to use for requests.
-
-
The type of connector.
Value is
.gen-ai
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.index
.Hide config attributes Show config attributes object
-
executionTimeField string | null
A field that indicates when the document was indexed.
-
The Elasticsearch index to be written to.
-
refresh boolean
The refresh policy for the write request, which affects when changes are made visible to search. Refer to the refresh setting for Elasticsearch document APIs.
Default value is
false
.
-
-
The type of connector.
Value is
.index
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.jira
.Hide config attributes Show config attributes object
-
The Jira instance URL.
-
The Jira project key.
-
-
The type of connector.
Value is
.jira
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.opsgenie
.Hide config attribute Show config attribute object
-
The Opsgenie URL. For example,
https://api.opsgenie.com
orhttps://api.eu.opsgenie.com
. If you are using thexpack.actions.allowedHosts
setting, add the hostname to the allowed hosts.
-
-
The type of connector.
Value is
.opsgenie
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.pagerduty
.Hide config attribute Show config attribute object
-
apiUrl string | null
The PagerDuty event URL.
-
-
The type of connector.
Value is
.pagerduty
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.resilient
. -
The type of connector.
Value is
.resilient
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.sentinelone
.Hide config attribute Show config attribute object
-
The SentinelOne tenant URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts.
-
-
The type of connector.
Value is
.sentinelone
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object | null
-
The type of connector.
Value is
.server-log
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.servicenow
.Hide config attributes Show config attributes object
-
The ServiceNow instance URL.
-
clientId string
The client ID assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
isOAuth boolean
The type of authentication to use. The default value is false, which means basic authentication is used instead of open authorization (OAuth).
Default value is
false
. -
jwtKeyId string
The key identifier assigned to the JWT verifier map of your OAuth application. This property is required when
isOAuth
istrue
. -
userIdentifierValue string
The identifier to use for OAuth authentication. This identifier should be the user field you selected when you created an OAuth JWT API endpoint for external clients in your ServiceNow instance. For example, if the selected user field is
Email
, the user identifier should be the user's email address. This property is required whenisOAuth
istrue
. -
usesTableApi boolean
Determines whether the connector uses the Table API or the Import Set API. This property is supported only for ServiceNow ITSM and ServiceNow SecOps connectors. NOTE: If this property is set to
false
, the Elastic application should be installed in ServiceNow.Default value is
true
.
-
-
The type of connector.
Value is
.servicenow
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.servicenow
.Hide config attributes Show config attributes object
-
The ServiceNow instance URL.
-
clientId string
The client ID assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
isOAuth boolean
The type of authentication to use. The default value is false, which means basic authentication is used instead of open authorization (OAuth).
Default value is
false
. -
jwtKeyId string
The key identifier assigned to the JWT verifier map of your OAuth application. This property is required when
isOAuth
istrue
. -
userIdentifierValue string
The identifier to use for OAuth authentication. This identifier should be the user field you selected when you created an OAuth JWT API endpoint for external clients in your ServiceNow instance. For example, if the selected user field is
Email
, the user identifier should be the user's email address. This property is required whenisOAuth
istrue
.
-
-
The type of connector.
Value is
.servicenow-itom
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.servicenow
.Hide config attributes Show config attributes object
-
The ServiceNow instance URL.
-
clientId string
The client ID assigned to your OAuth application. This property is required when
isOAuth
istrue
. -
isOAuth boolean
The type of authentication to use. The default value is false, which means basic authentication is used instead of open authorization (OAuth).
Default value is
false
. -
jwtKeyId string
The key identifier assigned to the JWT verifier map of your OAuth application. This property is required when
isOAuth
istrue
. -
userIdentifierValue string
The identifier to use for OAuth authentication. This identifier should be the user field you selected when you created an OAuth JWT API endpoint for external clients in your ServiceNow instance. For example, if the selected user field is
Email
, the user identifier should be the user's email address. This property is required whenisOAuth
istrue
. -
usesTableApi boolean
Determines whether the connector uses the Table API or the Import Set API. This property is supported only for ServiceNow ITSM and ServiceNow SecOps connectors. NOTE: If this property is set to
false
, the Elastic application should be installed in ServiceNow.Default value is
true
.
-
-
The type of connector.
Value is
.servicenow-sir
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.slack_api
.Hide config attribute Show config attribute object
-
allowedChannels array[object]
A list of valid Slack channels.
-
-
The type of connector.
Value is
.slack_api
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
The type of connector.
Value is
.slack
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.swimlane
.Hide config attributes Show config attributes object
-
The Swimlane instance URL.
-
The Swimlane application ID.
-
The type of connector. Valid values are
all
,alerts
, andcases
.Values are
all
,alerts
, orcases
. -
mappings object
The field mapping.
Hide mappings attributes Show mappings attributes object
-
alertIdConfig object
Mapping for the alert ID.
-
caseIdConfig object
Mapping for the case ID.
-
caseNameConfig object
Mapping for the case name.
-
commentsConfig object
Mapping for the case comments.
-
descriptionConfig object
Mapping for the case description.
Hide descriptionConfig attributes Show descriptionConfig attributes object
-
ruleNameConfig object
Mapping for the name of the alert's rule.
-
severityConfig object
Mapping for the severity.
-
-
-
The type of connector.
Value is
.swimlane
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
-
The type of connector.
Value is
.teams
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.tines
.Hide config attribute Show config attribute object
-
The Tines tenant URL. If you are using the
xpack.actions.allowedHosts
setting, make sure this hostname is added to the allowed hosts.
-
-
The type of connector.
Value is
.tines
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.torq
.Hide config attribute Show config attribute object
-
The endpoint URL of the Elastic Security integration in Torq.
-
-
The type of connector.
Value is
.torq
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.webhook
.Hide config attributes Show config attributes object
-
authType string | null
The type of authentication to use: basic, SSL, or none.
Values are
webhook-authentication-basic
orwebhook-authentication-ssl
. -
ca string
A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.
-
certType string
If the
authType
iswebhook-authentication-ssl
, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.Values are
ssl-crt-key
orssl-pfx
. -
hasAuth boolean
If true, a username and password for login type authentication must be provided.
Default value is
true
. -
headers object | null
A set of key-value pairs sent as headers with the request.
-
method string
The HTTP request method, either
post
orput
.Values are
post
orput
. Default value ispost
. -
url string
The request URL. If you are using the
xpack.actions.allowedHosts
setting, add the hostname to the allowed hosts. -
verificationMode string
Controls the verification of certificates. Use
full
to validate that the certificate has an issue date within thenot_before
andnot_after
dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Usecertificate
to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Usenone
to skip certificate validation.Values are
certificate
,full
, ornone
. Default value isfull
.
-
-
The type of connector.
Value is
.webhook
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
Hide attributes Show attributes
-
config object
Defines properties for connectors when type is
.xmatters
.Hide config attributes Show config attributes object
-
The type of connector.
Value is
.xmatters
. -
The identifier for the connector.
-
Indicates whether the connector type is deprecated.
-
is_missing_secrets boolean
Indicates whether secrets are missing for the connector. Secrets configuration properties vary depending on the connector type.
-
Indicates whether it is a preconfigured connector. If true, the
config
andis_missing_secrets
properties are omitted from the response. -
is_system_action boolean
Indicates whether the connector is used for system actions.
-
The display name for the connector.
-
referenced_by_count integer
Indicates the number of saved objects that reference the connector. If
is_preconfigured
is true, this value is not calculated. This property is returned only by the get all connectors API.
-
-
401 application/json; Elastic-Api-Version=2023-10-31
Authorization information is missing or invalid.
Hide response attributes Show response attributes object
-
error string
Value is
Unauthorized
. -
message string
-
statusCode integer
Value is
401
.
-
curl \
-X POST https://localhost:5601/api/actions/connector \
-H "Content-Type: application/json; Elastic-Api-Version=2023-10-31" \
-H "kbn-xsrf: string"
{
"name": "email-connector-1",
"config": {
"from": "tester@example.com",
"host": "https://example.com",
"port": 1025,
"secure": false,
"hasAuth": true,
"service": "other"
},
"secrets": {
"user": "username",
"password": "password"
},
"connector_type_id": ".email"
}
{
"name": "my-connector",
"config": {
"index": "test-index"
},
"connector_type_id": ".index"
}
{
"name": "my-webhook-connector",
"config": {
"url": "https://example.com",
"method": "post",
"authType": "webhook-authentication-ssl",
"certType": "ssl-crt-key"
},
"secrets": {
"crt": "QmFnIEF0dH...",
"key": "LS0tLS1CRUdJ...",
"password": "my-passphrase"
},
"connector_type_id": ".webhook"
}
{
"name": "my-xmatters-connector",
"config": {
"usesBasic": false
},
"secrets": {
"secretsUrl": "https://example.com?apiKey=xxxxx"
},
"connector_type_id": ".xmatters"
}
{
"id": "90a82c60-478f-11ee-a343-f98a117c727f",
"name": "email-connector-1",
"config": {
"from": "tester@example.com",
"host": "https://example.com",
"port": 1025,
"secure": false,
"hasAuth": true,
"service": "other",
"clientId": null,
"tenantId": null,
"oauthTokenUrl": null
},
"is_deprecated": false,
"is_preconfigured": false,
"is_system_action": false,
"connector_type_id": ".email",
"is_missing_secrets": false
}
{
"id": "c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad",
"name": "my-connector",
"config": {
"index": "test-index",
"refresh": false,
"executionTimeField": null
},
"is_deprecated": false,
"is_preconfigured": false,
"is_system_action": false,
"connector_type_id": ".index",
"is_missing_secrets": false
}
{
"id": "900eb010-3b9d-11ee-a642-8ffbb94e38bd",
"name": "my-webhook-connector",
"config": {
"url": "https://example.com",
"method": "post",
"hasAuth": true,
"headers": null,
"authType": "webhook-authentication-ssl",
"certType": "ssl-crt-key",
"verificationMode": "full"
},
"is_deprecated": false,
"is_preconfigured": false,
"is_system_action": false,
"connector_type_id": ".webhook",
"is_missing_secrets": false
}
{
"id": "4d2d8da0-4d1f-11ee-9367-577408be4681",
"name": "my-xmatters-connector",
"config": {
"configUrl": null,
"usesBasic": false
},
"is_deprecated": false,
"is_preconfigured": false,
"is_system_action": false,
"connector_type_id": ".xmatters",
"is_missing_secrets": false
}
{
"error": "Unauthorized",
"message": "string",
"statusCode": 401
}