Assign and unassign users from detection alerts Beta

POST /api/detection_engine/signals/assignees

Assign users to detection alerts, and unassign them from alerts.

You cannot add and remove the same assignee in the same request.

application/json; Elastic-Api-Version=2023-10-31

Body Required

  • assignees object Required

    Details about the assignees to assign and unassign.

    Additional properties are allowed.

    Hide assignees attributes Show assignees attributes object
    • add array[string(nonempty)] Required

      A string that does not contain only whitespace characters

      Minimum length of each is 1.

    • remove array[string(nonempty)] Required

      A string that does not contain only whitespace characters

      Minimum length of each is 1.

  • ids array[string(nonempty)] Required

    A string that does not contain only whitespace characters

    At least 1 element. Minimum length of each is 1.

Responses

  • 200

    Indicates a successful call.

  • 400

    Invalid request.

POST /api/detection_engine/signals/assignees 
curl \
 -X POST https://<KIBANA_URL>/api/detection_engine/signals/assignees \
 -H "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples 
{
  "assignees": {
    "add": [
      "string"
    ],
    "remove": [
      "string"
    ]
  },
  "ids": [
    "string"
  ]
}