Bulk upsert (create or update) asset criticality records

Create or update asset criticality records for multiple entities.

If asset criticality records already exist for the entities specified in the request, this API overwrites those records with the specified values.

If asset criticality records don’t exist for the specified entities, new records are created.

Request URL

edit

POST <kibana host>:<port>/api/asset_criticality/bulk

Request body

edit

A JSON object defining the asset criticality records.

Name	Type	Description	Required
`records`	Array	Array of asset criticality records to be created or updated. The maximum number of records is 1000.	Yes
`records.id_field`	String	The field that contains the entity ID. This must be either `user.name` or `host.name`.	Yes
`records.id_value`	String	The ID (host name or user name) of the entity specified in the `records.id_field` field.	Yes
`records.criticality_level`	String	The asset criticality level to assign, which must be one of the following: `low_impact` `medium_impact` `high_impact` `extreme_impact` For example, you can assign `extreme_impact` to business-critical entities, or `low_impact` to entities that pose minimal risk to your security posture.	Yes

Example requests

edit

POST /api/asset_criticality/bulk
{
  "records": [
    {
      "id_field": "host.name",
      "id_value": "my_host",
      "criticality_level": "medium_impact"
    },
    {
      "id_field": "host.name",
      "id_value": "my_other_host",
      "criticality_level": "low_impact"
    }
  ]
}

Response code

edit

200: Indicates a successful call.

Example response

edit

Successful response

{
  "errors": [],
  "stats": {
    "successful": 2,
    "failed": 0,
    "total": 2
  }
}

« Upsert (create or update) asset criticality record Get asset criticality record »