Find anonymization fields

edit

Retrieve a list of anonymization fields that can be included in the LLM context.

Request URL

edit

GET <kibana host>:<port>/api/security_ai_assistant/anonymization_fields/_find

URL query parameters

edit
Name Type Description Required

page

Number

The page number to return. Defaults to 1.

No

per_page

Number

The number of items to return per page. Defaults to 10.

No

filter

String

The filter query to apply on the request.

No

sort_field

String

The field to sort the results by. Valid values are:

  • anonymized
  • allowed
  • updated_at
  • created_at

No

sort_order

String

The order to sort the results in. Valid values are:

  • asc
  • desc

No

fields

String

Defines the fields of the document to return in the response. For example, if set to name and allowed, the rest of the fields are omitted from the response.

No

Example requests

edit

Example 1

Get a list of all anonymization fields.

GET api/security_ai_assistant/anonymization_fields/_find?page=1&per_page=100

Response code

edit

200 Indicates a successful call.

Response payload

edit

A JSON anonymization field object with a unique id.

Example 1

Anonymization fields response payload:

{
  "perPage": 100,
  "page": 1,
  "total": 100,
  "data": [
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "_id",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "lR12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "@timestamp",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "lh12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "cloud.availability_zone",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "lx12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "cloud.provider",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "mB12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "cloud.region",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "mR12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "destination.ip",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "mh12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "dns.question.name",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "mx12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "dns.question.type",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "nB12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "event.category",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "nR12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "event.dataset",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "nh12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.executable",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "xx12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.exit_code",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "yB12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.Ext.memory_region.bytes_compressed_present",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "yR12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.Ext.memory_region.malware_signature.all_names",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "yh12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.Ext.memory_region.malware_signature.primary.matches",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "yx12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.Ext.memory_region.malware_signature.primary.signature.name",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "zB12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.Ext.token.integrity_level_name",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "zR12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.hash.md5",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "zh12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.hash.sha1",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "zx12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "process.hash.sha256",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "0B12SZEBYaDeA-NhmkwG"
    },
    {
      "timestamp": "2024-08-13T01:59:55.141Z",
      "createdAt": "2024-08-13T01:59:55.141Z",
      "field": "user.risk.calculated_score_norm",
      "allowed": true,
      "anonymized": false,
      "namespace": "default",
      "id": "-B12SZEBYaDeA-NhmkwG"
    }
  ]
}