Update exception container
editUpdate exception container
editUpdates an existing exception container.
Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl
or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.
Request URL
editPUT <kibana host>:<port>/api/exception_lists
Request body
editName | Type | Description | Required |
---|---|---|---|
|
String |
Describes the exception container. |
Yes |
|
String |
The container’s unique identifier. |
Yes, when the container’s |
|
String |
The |
Yes, when
the container’s |
|
Object |
Placeholder for metadata about the list container. |
No |
|
String |
The exception container’s name. |
Yes |
|
String |
Determines whether the exception container is available in all Kibana spaces or just the space in which it is created, where:
|
No, defaults to |
|
String[] |
String array containing words and phrases to help categorize exception containers. |
No |
|
String |
The type of exception, which must be one of these:
|
Yes |
Example request
editUpdates the name
and description
fields:
PUT api/exception_lists { "description": "Trusted processes", "name": "Trusted in-house processes EU", "list_id": "allowed-processes", "type": "detection", "namespace_type": "single", "tags": [ "processes", "hosts" ] }
Response code
edit-
200
- Indicates a successful call.
Response payload
editThe updated object, including the time it was updated.
Example response:
{ "_tags": [], "created_at": "2020-07-15T06:10:37.228Z", "created_by": "LiverpoolFC", "description": "EU trusted processes", "id": "e6c44050-c661-11ea-bab5-9d6ae015701b", "list_id": "allowed-processes", "name": "Trusted in-house processes- EU", "namespace_type": "single", "tags": [ "processes", "hosts" ], "tie_breaker_id": "f022101f-edc9-449b-992c-2c6108190423", "type": "detection", "updated_at": "2020-07-15T06:12:38.098Z", "updated_by": "LiverpoolFC" }