Find and/or aggregate detection alerts
Find and/or aggregate detection alerts that match the given query.
Body Required
Search and/or aggregation query
_source boolean | string | array[string]
-
aggs object
Additional properties are allowed.
-
fields array[string]
-
query object
Additional properties are allowed.
-
runtime_mappings object
Additional properties are allowed.
-
size integer
Minimum value is
0
. -
track_total_hits boolean
Responses
-
200 application/json; Elastic-Api-Version=2023-10-31
Successful response
Elasticsearch search response
Additional properties are allowed.
-
400 application/json; Elastic-Api-Version=2023-10-31
Invalid input data response
-
401 application/json; Elastic-Api-Version=2023-10-31
Unsuccessful authentication response
-
500 application/json; Elastic-Api-Version=2023-10-31
Internal server error response
POST /api/detection_engine/signals/search
curl \
-X POST https://localhost:5601/api/detection_engine/signals/search \
-H "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples
{
"_source": true,
"aggs": {},
"fields": [
"string"
],
"query": {},
"runtime_mappings": {},
"size": 42,
"sort": "string",
"track_total_hits": true
}
Response examples (200)
{}
Response examples (400)
Security_detections_api_platformerrorresponse (generated)
{
"error": "string",
"message": "string",
"statusCode": 42
}
{
"message": "string",
"status_code": 42
}
Response examples (401)
{
"error": "string",
"message": "string",
"statusCode": 42
}
Response examples (500)
{
"message": "string",
"status_code": 42
}