Body
Required
-
agent_type
string List of agent types to retrieve. Defaults to
endpoint.Values are
endpoint,sentinel_one, orcrowdstrike. -
alert_ids
array[string(nonempty)] A list of alerts
ids.At least
1element. Minimum length of each is1. -
case_ids
array[string] Case IDs to be updated (cannot contain empty strings)
At least
1element. Minimum length of each is1. -
comment
string Optional comment
-
endpoint_ids
array[string] Required List of endpoint IDs (cannot contain empty strings)
At least
1element. Minimum length of each is1. -
parameters
object Required Optional parameters object
Additional properties are allowed.
POST
/api/endpoint/action/execute
curl \
--request POST https://localhost:5601/api/endpoint/action/execute \
--header "Authorization: $API_KEY" \
--header "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request example
{
"comment": "Get list of all files",
"parameters": {
"command": "ls -al",
"timeout": 600
},
"endpoint_ids": [
"b3d6de74-36b0-4fa8-be46-c375bf1771bf"
]
}
Response examples (200)
{
"data": {
"id": "9f934028-2300-4927-b531-b26376793dc4",
"hosts": {
"ed518850-681a-4d60-bb98-e22640cae2a8": {
"name": "gke-endpoint-gke-clu-endpoint-node-po-e1a3ab89-4c4r"
}
},
"agents": [
"ed518850-681a-4d60-bb98-e22640cae2a8"
],
"status": "pending",
"command": "execute",
"comment": "Get list of all files",
"outputs": {},
"agentType": "endpoint",
"createdBy": "myuser",
"isExpired": false,
"startedAt": "2023-07-28T18:43:27.362Z",
"agentState": {
"ed518850-681a-4d60-bb98-e22640cae2a8": {
"isCompleted": false,
"wasSuccessful": false
}
},
"parameters": {
"command": "ls -al",
"timeout": 600
},
"isCompleted": false,
"wasSuccessful": false
}
}