Delete an endpoint exception list item Beta

DELETE /api/endpoint_list/items

Delete an endpoint exception list item using the id or item_id field.

Query parameters

  • id string

    Either id or item_id must be specified

    Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

  • item_id string

    Either id or item_id must be specified

    Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

Responses

  • 200 application/json; Elastic-Api-Version=2023-10-31

    Successful response

    Hide response attributes Show response attributes object
    • _version string
    • comments array[object] Required
      Hide comments attributes Show comments attributes object
      • comment string Required

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • created_at string(date-time) Required
      • created_by string Required

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • id string Required

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

      • updated_at string(date-time)
      • updated_by string

        A string that is not empty and does not contain only whitespace

        Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

    • created_at string(date-time) Required
    • created_by string Required
    • description string Required
    • entries array[object] Required
      Any of:
      Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch object Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny object Security_Endpoint_Exceptions_API_ExceptionListItemEntryList object Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists object Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested object Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard object
    • expire_time string(date-time)
    • id string Required

      A string that is not empty and does not contain only whitespace

      Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

    • item_id string Required

      A string that is not empty and does not contain only whitespace

      Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

    • list_id string Required

      A string that is not empty and does not contain only whitespace

      Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

    • meta object

      Additional properties are allowed.

    • name string Required

      A string that is not empty and does not contain only whitespace

      Minimum length is 1. Format should match the following pattern: ^(?! *$).+$.

    • namespace_type string Required

      Determines whether the exception container is available in all Kibana spaces or just the space in which it is created, where:

      • single: Only available in the Kibana space in which it is created.
      • agnostic: Available in all Kibana spaces.

      Values are agnostic or single.

    • os_types array[string]

      Values are linux, macos, or windows.

    • tags array[string]

      A string that is not empty and does not contain only whitespace

      Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$.

    • tie_breaker_id string Required
    • type string Required

      Value is simple.

    • updated_at string(date-time) Required
    • updated_by string Required
  • 400 application/json; Elastic-Api-Version=2023-10-31

    Invalid input data

    One of:
    Security_Endpoint_Exceptions_API_PlatformErrorResponse object Security_Endpoint_Exceptions_API_SiemErrorResponse object
  • 401 application/json; Elastic-Api-Version=2023-10-31

    Unsuccessful authentication

    Hide response attributes Show response attributes object
  • 403 application/json; Elastic-Api-Version=2023-10-31

    Insufficient privileges

    Hide response attributes Show response attributes object
  • 404 application/json; Elastic-Api-Version=2023-10-31

    Endpoint list item not found

    Hide response attributes Show response attributes object
  • 500 application/json; Elastic-Api-Version=2023-10-31

    Internal server error

    Hide response attributes Show response attributes object
DELETE /api/endpoint_list/items 
curl \
 -X DELETE https://localhost:5601/api/endpoint_list/items
Response examples (200) 
{
  "_version": "string",
  "comments": [
    {
      "comment": "string",
      "created_at": "2024-05-04T09:42:00+00:00",
      "created_by": "string",
      "id": "string",
      "updated_at": "2024-05-04T09:42:00+00:00",
      "updated_by": "string"
    }
  ],
  "created_at": "2024-05-04T09:42:00+00:00",
  "created_by": "string",
  "description": "string",
  "entries": [
    {
      "field": "string",
      "operator": "excluded",
      "type": "match",
      "value": "string"
    }
  ],
  "expire_time": "2024-05-04T09:42:00+00:00",
  "id": "string",
  "item_id": "string",
  "list_id": "string",
  "meta": {},
  "name": "string",
  "namespace_type": "agnostic",
  "os_types": [
    "linux"
  ],
  "tags": [
    "string"
  ],
  "tie_breaker_id": "string",
  "type": "simple",
  "updated_at": "2024-05-04T09:42:00+00:00",
  "updated_by": "string"
}
Response examples (400) 
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
{
  "message": "string",
  "status_code": 42
}
Response examples (401) 
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
Response examples (403) 
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
Response examples (404) 
{
  "message": "string",
  "status_code": 42
}
Response examples (500) 
{
  "message": "string",
  "status_code": 42
}