Find exception items
editFind exception items
editRetrieves a paginated subset of exception items in the specified container. By default, the first page is returned with 20 results per page.
Request URL
editGET <kibana host>:<port>/api/exception_lists/items/_find
URL query parameters
editName | Type | Description | Required |
---|---|---|---|
|
String |
ID of the exception container. |
Yes |
|
Integer |
The page number to return. |
No |
|
Integer |
The number of items to return per page. |
No |
|
String |
Determines which field is used to sort the results. |
No |
|
String |
Determines the sort order, which can be |
No |
|
String |
Returns the items that come after the last item
returned in the previous call (use the |
No |
Example request
editRetrieves exception items in the allowed-processes
container:
GET api/exception_lists/items/_find?list_id=allowed-processes
Response code
edit-
200
- Indicates a successful call.
Response payload
edit{ "data": [ { "_tags": [], "comments": [ { "comment": "Allowed on all hosts.", "created_at": "2020-07-14T13:40:39.804Z", "created_by": "elastic" } ], "created_at": "2020-07-14T13:40:39.804Z", "created_by": "elastic", "description": "Global process allowlist", "entries": [ { "field": "process.name", "operator": "included", "type": "match", "value": "housekeeping" } ], "id": "9b25aec0-c5d7-11ea-a3d8-a5b753aeeb9e", "item_id": "global-allow-processes", "list_id": "allowed-processes", "name": "Host-process global exclusion", "namespace_type": "single", "tags": [ "global", "hosts", "processes" ], "tie_breaker_id": "28c6b069-8e39-4f9a-b93c-95e5a15b46c5", "type": "simple", "updated_at": "2020-07-14T13:40:39.980Z", "updated_by": "elastic" }, { "_tags": [], "comments": [ { "comment": "Allows maintenance process to run on the specified machines", "created_at": "2020-07-14T13:41:24.005Z", "created_by": "elastic" } ], "created_at": "2020-07-14T13:41:24.005Z", "created_by": "elastic", "description": "Process allowlist", "entries": [ { "field": "process.name", "operator": "included", "type": "match", "value": "maintenance" }, { "field": "host.name", "operator": "included", "type": "match_any", "value": [ "liv-win-anf", "livw-win-mel", "linux-anfield" ] } ], "id": "b57e5f60-c5d7-11ea-a3d8-a5b753aeeb9e", "item_id": "allow-process-on-machines", "list_id": "allowed-processes", "name": "Host-process exclusions", "namespace_type": "single", "tags": [ "hosts", "processes" ], "tie_breaker_id": "a1bacb3d-7ce1-4f03-80f4-d49235b6bbde", "type": "simple", "updated_at": "2020-07-14T13:41:24.182Z", "updated_by": "elastic" } ], "page": 1, "per_page": 20, "total": 2 }