A newer version is available. For the latest information, see the
current release documentation.
Get exception container
editGet exception container
editRetrieves an exception container using its id
or list_id
field.
Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl
or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.
Request URL
editGET <kibana host>:<port>/api/exception_lists
URL query parameters
editThe URL query must include the container’s id
or list_id
:
-
id
-GET /api/exception_lists?id=<id>
-
list_id
-GET /api/exception_lists?list_id=<list_id>
Example request
editRetrieves the list container with a list_id
of allowed-processes
:
GET api/exception_lists?list_id=internal-ip-excludes
Response code
edit-
200
- Indicates a successful call.
Response payload
edit{ "_tags": [], "created_at": "2020-07-14T08:24:22.884Z", "created_by": "LiverpoolFC", "description": "Excludes trusted processes", "id": "6c03f6a0-c5ab-11ea-a3d8-a5b753aeeb9e", "list_id": "allowed-processes", "name": "Process exceptions", "namespace_type": "single", "tags": [ "hosts", "processes" ], "tie_breaker_id": "65e16c8a-0d45-4e38-8a8f-094658a5df90", "type": "detection", "updated_at": "2020-07-14T08:24:23.050Z", "updated_by": "LiverpoolFC" }