Assign and unassign users from detection alerts

POST /api/detection_engine/signals/assignees

Assign users to detection alerts, and unassign them from alerts.

You cannot add and remove the same assignee in the same request.

application/json; Elastic-Api-Version=2023-10-31

Body Required

  • assignees object Required

    Details about the assignees to assign and unassign.

    Additional properties are allowed.

    Hide assignees attributes Show assignees attributes object
    • add array[string] Required

      A string that is not empty and does not contain only whitespace

      Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$.

    • remove array[string] Required

      A string that is not empty and does not contain only whitespace

      Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$.

  • ids array[string] Required

    A string that is not empty and does not contain only whitespace

    At least 1 element. Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$.

Responses

  • Indicates a successful call.

  • Invalid request.

POST /api/detection_engine/signals/assignees
curl \
 -X POST https://localhost:5601/api/detection_engine/signals/assignees \
 -H "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples
{
  "assignees": {
    "add": [
      "string"
    ],
    "remove": [
      "string"
    ]
  },
  "ids": [
    "string"
  ]
}