IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Index endpoint Import rules »
Elastic Docs Elastic Security Solution [7.16] Elastic Security APIs Detections API

Tags endpoint

edit

Tags endpoint

edit

Aggregates and returns all rule tags.

Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.

Get tags

edit

Aggregates and returns all unique tags from all rules.

Request URL

edit

GET <kibana host>:<port>/api/detection_engine/tags

Example request
edit

Gets tags for all rules in the Kibana default space:

GET api/detection_engine/tags

Response code

edit
200
Indicates a successful call.
Example response
edit
[
  "zeek",
  "suricata",
  "windows",
  "linux",
  "network",
  "initial access",
  "remote access",
  "phishing"
]
« Index endpoint Import rules »