Privileges endpoint
editPrivileges endpoint
editRetrieves whether or not the user is authenticated, and the user’s Kibana space
and index privileges, which determine if the user can create an index
(.siem-signals-*
) for the Elastic Security alerts generated by detection engine rules.
For information about the permissions and privileges required to create
.siem-signals-<Kibana-space>
indices, see Enable and access detections.
Get privileges
editReturns user privileges for the Kibana space.
Request URL
editGET <kibana host>:<port>/api/detection_engine/privileges
Example requests
editGets user privileges for the Kibana default space:
GET api/detection_engine/privileges
Gets user privileges for the Kibana siem
space:
GET s/siem/api/detection_engine/privileges
Response code
edit-
200
- Indicates a successful call.
Example response
edit{ "username": "detection-engine-admin", "has_all_requested": false, "cluster": { "monitor_ml": true, "manage_ccr": false, "manage_index_templates": true, "monitor_watcher": true, "monitor_transform": true, "read_ilm": true, "manage_api_key": false, "manage_security": false, "manage_own_api_key": false, "manage_saml": false, "all": false, "manage_ilm": true, "manage_ingest_pipelines": true, "read_ccr": false, "manage_rollup": true, "monitor": true, "manage_watcher": true, "manage": true, "manage_transform": true, "manage_token": false, "manage_ml": true, "manage_pipeline": true, "monitor_rollup": true, "transport_client": true, "create_snapshot": true }, "index": { ".siem-signals-detection-engine": { "all": false, "manage_ilm": true, "read": false, "create_index": true, "read_cross_cluster": false, "index": false, "monitor": true, "delete": false, "manage": true, "delete_index": true, "create_doc": false, "view_index_metadata": true, "create": false, "manage_follow_index": true, "manage_leader_index": true, "write": false } }, "application": {} "is_authenticated": true "has_encryption_key": true }
Indicates whether the user can log in to the Elasticsearch deployment. |
|
Indicates whether the
|