Cases API

edit

You can create, manage, configure, and send cases to external systems with these APIs:

The Kibana Console supports only Elasticsearch APIs. You cannot interact with the Kibana APIs with the Console and must use curl or another HTTP tool instead. For more information, refer to Console.

  • Cases API: Used to open and manage security action items.
  • Actions API: Used to send cases to external systems. Create connector stores the data required to interface with third-party systems, and Create or update an external incident sends Elastic Security cases to external systems.