A newer version is available. For the latest information, see the
current release documentation.
Cases API
editCases API
editYou can create, manage, configure, and send cases to external systems with these APIs:
Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl
or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.
- Cases API: Used to open and manage security action items.
- Actions API: Used to send cases to external systems. Create connector stores the data required to interface with third-party systems, and Create or update an external incident sends Elastic Security cases to external systems.