IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Get tags API Set case configuration API »
Elastic Docs Kibana Guide [8.2] REST API Cases APIs

Push case API

edit

Push case API

edit

Pushes a case to an external service.

Request

edit

POST <kibana host>:<port>/api/cases/<case_id>/connector/<connector_id>/_push

POST <kibana host>:<port>/s/<space_id>/api/cases/<case_id>/connector/<connector_id>/_push

Prerequisites

edit

You must have all privileges for the Actions and Connectors feature in the Management section of the Kibana feature privileges. You must also have all privileges for the Cases feature in the Management, Observability, or Security section of the Kibana feature privileges, depending on the owner of the case you’re pushing.

Path parameters

edit
<case_id>
(Required, string) The identifier for the case. To retrieve case IDs, use Find cases.
<connector_id>
(Required, string) The identifier for the connector. To retrieve connector IDs, use Find connectors.
<space_id>
(Optional, string) An identifier for the space. If it is not specified, the default space is used.

Response codes

edit
200
Indicates a successful call.

Examples

edit

Push the case to an external service:

POST api/cases/7349772f-421a-4de3-b8bb-2d9b22ccee30/connector/abed3a70-71bd-11ea-a0b2-c51ea50a58e2/_push
{}

The API returns a JSON object representing the pushed case. For example:

{
  "id": "a18b38a0-71b0-11ea-a0b2-c51ea50a58e2",
  "version": "Wzk4LDFd",
  "comments": [],
  "totalComment": 0,
  "totalAlerts": 0,
  "title": "This case will self-destruct in 5 seconds",
  "tags": [ "phishing", "social engineering", "bubblegum" ],
  "description": "James Bond clicked on a highly suspicious email banner advertising cheap holidays for underpaid civil servants. Operation bubblegum is active. Repeat - operation bubblegum is now active!",
  "settings": {
    "syncAlerts": true
  },
  "owner": "securitySolution",
  "closed_at": null,
  "closed_by": null,
  "created_at": "2022-03-29T11:30:02.658Z",
  "created_by": {
    "email": "[email protected]",
    "full_name": "Alan Hunley",
    "username": "ahunley"
  },
  "status": "open",
  "updated_at": "2022-03-29T12:01:50.244Z",
  "updated_by": {
    "full_name": "Classified",
    "email": "[email protected]",
    "username": "M"
  },
  "connector": {
    "id": "08046500-bb7b-11ec-89c3-ef74ed34b2e9",
    "name": "My connector",
    "type": ".jira",
    "fields": {
      "issueType": "10006",
      "priority": "High",
      "parent": null
    }
  },
  "external_service": {
    "pushed_at":"2022-07-26T18:19:43.688Z",
    "pushed_by":{
        "username":"[email protected]",
        "full_name":null,
        "email":null
    },
    "connector_name":"My connector",
    "external_id":"10110",
    "external_title":"TPN-103",
    "external_url":"https://cases.jira.com",
    "connector_id":"08046500-bb7b-11ec-89c3-ef74ed34b2e9",
  }
}
« Get tags API Set case configuration API »