Add and remove detection alert tags Beta

POST /api/detection_engine/signals/tags

And tags to detection alerts, and remove them from alerts.

You cannot add and remove the same alert tag in the same request.

application/json; Elastic-Api-Version=2023-10-31

Body Required

An object containing tags to add or remove and alert ids the changes will be applied

  • ids array[string(nonempty)] Required

    A string that does not contain only whitespace characters

    At least 1 element. Minimum length of each is 1.

  • tags object Required

    Additional properties are allowed.

    Hide tags attributes Show tags attributes object
    • tags_to_add array[string(nonempty)] Required

      A string that does not contain only whitespace characters

      Minimum length of each is 1.

    • tags_to_remove array[string(nonempty)] Required

      A string that does not contain only whitespace characters

      Minimum length of each is 1.

Responses

POST /api/detection_engine/signals/tags 
curl \
 -X POST https://<KIBANA_URL>/api/detection_engine/signals/tags \
 -H "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples 
{
  "ids": [
    "string"
  ],
  "tags": {
    "tags_to_add": [
      "string"
    ],
    "tags_to_remove": [
      "string"
    ]
  }
}
Response examples (200) 
{}
Response examples (400) 
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
{
  "message": "string",
  "status_code": 42
}
Response examples (401) 
{
  "error": "string",
  "message": "string",
  "statusCode": 42
}
Response examples (500) 
{
  "message": "string",
  "status_code": 42
}