- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 8.13
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- Alerting and action settings
- APM settings
- Banners settings
- Cases settings
- Enterprise Search settings
- Fleet settings
- i18n settings
- Logging settings
- Logs settings
- Metrics settings
- Monitoring settings
- Reporting settings
- Search sessions settings
- Secure settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- URL drilldown settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Configure security
- Configure reporting
- Configure logging
- Configure monitoring
- Command line tools
- Production considerations
- Discover
- Dashboard and visualizations
- Canvas
- Maps
- Build a map to compare metrics by country or region
- Track, visualize, and alert on assets in real time
- Map custom regions with reverse geocoding
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
- Troubleshoot
- Reporting and sharing
- Machine learning
- Graph
- Alerting
- Observability
- APM
- Set up
- Get started
- How-to guides
- Configure APM agents with central config
- Control access to APM data
- Create an alert
- Create custom links
- Filter data
- Find transaction latency and failure correlations
- Identify deployment details for APM agents
- Integrate with machine learning
- Exploring mobile sessions with Discover
- Viewing sessions with Discover
- Observe Lambda functions
- Query your data
- Storage Explorer
- Track deployments with annotations
- Users and privileges
- Settings
- REST API
- Troubleshooting
- Security
- Dev Tools
- Fleet
- Osquery
- Stack Monitoring
- Stack Management
- REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- User session management APIs
- Saved objects APIs
- Data views API
- Get all data views
- Get data view
- Create data view
- Update data view
- Delete data view
- Swap references preview
- Swap references
- Get default data view
- Set default data view
- Update data view fields metadata
- Get runtime field
- Create runtime field
- Upsert runtime field
- Update runtime field
- Delete runtime field
- Index patterns APIs
- Alerting APIs
- Action and connector APIs
- Cases APIs
- Add comment
- Create case
- Delete cases
- Delete comments
- Find case activity
- Find cases
- Find connectors
- Get alerts
- Get case activity
- Get case
- Get case status
- Get cases by alert
- Get comments
- Get configuration
- Get reporters
- Get tags
- Push case
- Set configuration
- Update cases
- Update comment
- Update configuration
- Import and export dashboard APIs
- Logstash configuration management APIs
- Machine learning APIs
- Osquery manager API
- Short URLs APIs
- Get Task Manager health
- Upgrade assistant APIs
- Synthetics APIs
- Uptime APIs
- Kibana plugins
- Troubleshooting
- Accessibility
- Release notes
- Kibana 8.13.4
- Kibana 8.13.3
- Kibana 8.13.2
- Kibana 8.13.1
- Kibana 8.13.0
- Kibana 8.12.2
- Kibana 8.12.1
- Kibana 8.12.0
- Kibana 8.11.4
- Kibana 8.11.3
- Kibana 8.11.2
- Kibana 8.11.1
- Kibana 8.11.0
- Kibana 8.10.4
- Kibana 8.10.3
- Kibana 8.10.2
- Kibana 8.10.1
- Kibana 8.10.0
- Kibana 8.9.2
- Kibana 8.9.1
- Kibana 8.9.0
- Kibana 8.8.2
- Kibana 8.8.1
- Kibana 8.8.0
- Kibana 8.7.1
- Kibana 8.7.0
- Kibana 8.6.1
- Kibana 8.6.0
- Kibana 8.5.2
- Kibana 8.5.1
- Kibana 8.5.0
- Kibana 8.4.3
- Kibana 8.4.2
- Kibana 8.4.1
- Kibana 8.4.0
- Kibana 8.3.3
- Kibana 8.3.2
- Kibana 8.3.1
- Kibana 8.3.0
- Kibana 8.2.3
- Kibana 8.2.2
- Kibana 8.2.1
- Kibana 8.2.0
- Kibana 8.1.3
- Kibana 8.1.2
- Kibana 8.1.1
- Kibana 8.1.0
- Kibana 8.0.0
- Kibana 8.0.0-rc2
- Kibana 8.0.0-rc1
- Kibana 8.0.0-beta1
- Kibana 8.0.0-alpha2
- Kibana 8.0.0-alpha1
- Developer guide
Update connector API
editUpdate connector API
editUpdates the attributes for a connector.
For the most up-to-date API details, refer to the open API specification.
Request
editPUT <kibana host>:<port>/api/actions/connector/<id>
PUT <kibana host>:<port>/s/<space_id>/api/actions/connector/<id>
Prerequisites
editYou must have all
privileges for the Actions and Connectors feature in the
Management section of the
Kibana feature privileges.
Path parameters
edit-
id
- (Required, string) The ID of the connector.
-
space_id
-
(Optional, string) An identifier for the space. If
space_id
is not provided in the URL, the default space is used.
Request body
edit-
config
-
(Required, object) The new connector configuration. Configuration properties vary depending on the connector type. For example:
Config properties
IBM Resilient connectors
-
apiUrl
- (Required, string) The IBM Resilient instance URL.
-
orgId
- (Required, string) The IBM Resilient organization ID.
For more information, refer to IBM Resilient.
Index connectors
-
executionTimeField
-
(Optional, string) Specifies a field that will contain the time the alert
condition was detected. The default value is
null
. -
index
- (Required, string) The Elasticsearch index to be written to.
-
refresh
-
(Optional, boolean) The refresh policy for the write
request. The default value is
false
.
For more information, refer to Index.
Jira connectors
-
apiUrl
- (Required, string) The Jira instance URL.
-
projectKey
- (Required, string) The Jira project key.
For more information, refer to Jira.
Opsgenie connectors
-
apiUrl
-
(Required, string) The Opsgenie URL. For example,
https://api.opsgenie.com
orhttps://api.eu.opsgenie.com
. If you are using thexpack.actions.allowedHosts
setting, make sure the hostname is added to the allowed hosts.
For more information, refer to Opsgenie.
ServiceNow ITOM, ServiceNow ITSM, and ServiceNow SecOps connectors
-
apiUrl
- (Required, string) The ServiceNow instance URL.
-
clientId
-
(Required*, string) The client ID assigned to your OAuth application. This
property is required when
isOAuth
istrue
. -
isOAuth
-
(Optional, string) The type of authentication to use. The default value is
false
, which means basic authentication is used instead of open authorization (OAuth). -
jwtKeyId
-
(Required*, string) The key identifier assigned to the JWT verifier map of
your OAuth application. This property is required when
isOAuth
istrue
. -
userIdentifierValue
-
(Required*, string) The identifier to use for OAuth authentication. This
identifier should be the user field you selected when you created an OAuth
JWT API endpoint for external clients in your ServiceNow instance. For example, if
the selected user field is
Email
, the user identifier should be the user’s email address. This property is required whenisOAuth
istrue
. -
usesTableApi
-
(Optional, boolean) Determines whether the connector uses the Table API or the Import Set API. This property is supported only for ServiceNow ITSM and ServiceNow SecOps connectors. The default value is
true
.If this property is set to false, the Elastic application should be installed in ServiceNow.
Swimlane connectors
-
apiUrl
- (Required, string) The Swimlane instance URL.
-
appId
- (Required, string) The Swimlane application ID.
-
connectorType
-
(Required, String) The type of the connector. Valid values are:
all
,alerts
,cases
. -
mappings
-
(Optional, object) The field mapping.
Mappings properties
-
alertIdConfig
-
(Optional, object) Mapping for the alert ID.
-
fieldType
- (Required, string) The type of the field in Swimlane.
-
id
- (Required, string) The id of the field in Swimlane.
-
key
- (Required, string) The key of the field in Swimlane.
-
name
- (Required, string) The name of the field in Swimlane.
-
-
caseIdConfig
-
(Optional, object) Mapping for the case ID.
-
fieldType
- (Required, string) The type of the field in Swimlane.
-
id
- (Required, string) The id of the field in Swimlane.
-
key
- (Required, string) The key of the field in Swimlane.
-
name
- (Required, string) The name of the field in Swimlane.
-
-
caseNameConfig
-
(Optional, object) Mapping for the case name.
-
fieldType
- (Required, string) The type of the field in Swimlane.
-
id
- (Required, string) The id of the field in Swimlane.
-
key
- (Required, string) The key of the field in Swimlane.
-
name
- (Required, string) The name of the field in Swimlane.
-
-
commentsConfig
-
(Optional, object) Mapping for the case comments.
-
fieldType
- (Required, string) The type of the field in Swimlane.
-
id
- (Required, string) The id of the field in Swimlane.
-
key
- (Required, string) The key of the field in Swimlane.
-
name
- (Required, string) The name of the field in Swimlane.
-
-
descriptionConfig
-
(Optional, object) Mapping for the case description.
-
fieldType
- (Required, string) The type of the field in Swimlane.
-
id
- (Required, string) The id of the field in Swimlane.
-
key
- (Required, string) The key of the field in Swimlane.
-
name
- (Required, string) The name of the field in Swimlane.
-
-
ruleNameConfig
-
(Optional, object) Mapping for the name of the alert’s rule.
-
fieldType
- (Required, string) The type of the field in Swimlane.
-
id
- (Required, string) The id of the field in Swimlane.
-
key
- (Required, string) The key of the field in Swimlane.
-
name
- (Required, string) The name of the field in Swimlane.
-
-
severityConfig
-
(Optional, object) Mapping for the severity.
-
fieldType
- (Required, string) The type of the field in Swimlane.
-
id
- (Required, string) The id of the field in Swimlane.
-
key
- (Required, string) The key of the field in Swimlane.
-
name
- (Required, string) The name of the field in Swimlane.
-
For more information, refer to Swimlane.
-
Webhook - Case Management connectors
-
createCommentJson
-
(Optional, string) A JSON payload sent to the create comment URL to create a case comment. You can use variables to add Kibana Cases data to the payload. The required variable is
case.comment
. For example:{ "body": {{{case.comment}}} }
Due to Mustache template variables (the text enclosed in triple braces, for example,
{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated once the Mustache variables have been placed when the REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. -
createCommentMethod
-
(Optional, string) The REST API HTTP request method to create a case comment in
the third-party system. Valid values are either
patch
,post
, andput
. The default value isput
. -
createCommentUrl
-
(Optional, string) The REST API URL to create a case comment by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the
xpack.actions.allowedHosts
setting, make sure the hostname is added to the allowed hosts. For example:https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}/comment
-
createIncidentJson
-
(Required, string) A JSON payload sent to the create case URL to create a case. You can use variables to add case data to the payload. Required variables are
case.title
andcase.description
. For example:{ "fields": { "summary": {{{case.title}}}, "description": {{{case.description}}}, "labels": {{{case.tags}}} } }
Due to Mustache template variables (which is the text enclosed in triple braces, for example,
{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid to avoid future validation errors; disregard Mustache variables during your review. -
createIncidentMethod
-
(Optional, string) The REST API HTTP request method to create a case in the
third-party system. Valid values are
patch
,post
, andput
. The default value ispost
. -
createIncidentResponseKey
- (Required, string) The JSON key in the create case response that contains the external case ID.
-
createIncidentUrl
-
(Required, string) The REST API URL to create a case in the third-party system.
If you are using the
xpack.actions.allowedHosts
setting, make sure the hostname is added to the allowed hosts. -
getIncidentResponseExternalTitleKey
- (Required, string) The JSON key in get case response that contains the external case title.
-
getIncidentUrl
-
(Required, string) The REST API URL to get the case by ID from the third-party system. If you are using the
xpack.actions.allowedHosts
setting, make sure the hostname is added to the allowed hosts. You can use a variable to add the external system ID to the URL. For example:https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}
Due to Mustache template variables (the text enclosed in triple braces, for example,
{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. -
hasAuth
-
(Optional, boolean) If true, a username and password for login type authentication
must be provided. The default value is
true
. -
headers
- (Optional, string) A set of key-value pairs sent as headers with the request URLs for the create case, update case, get case, and create comment methods.
-
updateIncidentJson
-
(Required, string) The JSON payload sent to the update case URL to update the case. You can use variables to add Kibana Cases data to the payload. Required variables are
case.title
andcase.description
. For example:{ "fields": { "summary": {{{case.title}}}, "description": {{{case.description}}}, "labels": {{{case.tags}}} } }
Due to Mustache template variables (which is the text enclosed in triple braces, for example,
{{{case.title}}}
), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid to avoid future validation errors; disregard Mustache variables during your review. -
updateIncidentMethod
-
(Optional, string) The REST API HTTP request method to update the case in the
third-party system. Valid values are
patch
,post
, andput
. The default value isput
. -
updateIncidentUrl
-
(Required, string) The REST API URL to update the case by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the
xpack.actions.allowedHosts
setting, make sure the hostname is added to the allowed hosts. For example:https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.ID}}}
-
viewIncidentUrl
-
(Required, string) The URL to view the case in the external system. You can use variables to add the external system ID or external system title to the URL.For example:
https://testing-jira.atlassian.net/browse/{{{external.system.title}}}
For more information, refer to Webhook - Case Management.
This object is not required for server log connectors.
For more configuration properties, refer to Connectors.
-
-
name
- (Required, string) The new name of the connector.
-
secrets
-
(Required*, object) The updated secrets configuration for the connector. Secrets properties vary depending on the connector type. For information about the secrets configuration properties, refer to Action and connector types.
Secrets properties
IBM Resilient connectors
-
apiKeyId
- (Required, string) The authentication key ID for HTTP Basic authentication.
-
apiKeySecret
- (Required, string) The authentication key secret for HTTP Basic authentication.
Jira connectors
-
apiToken
- (Required, string) The Jira API authentication token for HTTP basic authentication.
-
email
- (Required, string) The account email for HTTP Basic authentication.
Opsgenie connectors
-
apiKey
- (Required, string) The Opsgenie API authentication key for HTTP Basic authentication.
ServiceNow ITOM, ServiceNow ITSM, and ServiceNow SecOps connectors
-
clientSecret
-
(Required*, string) The client secret assigned to your OAuth application. This
property is required when
isOAuth
istrue
. -
password
-
(Required*, string) The password for HTTP basic authentication. This property
is required when
isOAuth
isfalse
. -
privateKey
-
(Required*, string) The RSA private key that you created for use in ServiceNow. This
property is required when
isOAuth
istrue
. - privateKeyPassword
-
(Required*, string) The password for the RSA private key. This property is
required when
isOAuth
istrue
and you set a password on your private key. -
username
-
(Required*, string) The username for HTTP basic authentication. This property
is required when
isOAuth
isfalse
.
Swimlane connectors
-
apiToken
- (string) Swimlane API authentication token.
Webhook - Case Management connectors
-
password
- (Optional, string) The password for HTTP basic authentication.
-
user
- (Optional, string) The username for HTTP basic authentication.
This object is not required for index or server log connectors.
-
Response codes
edit-
200
- Indicates a successful call.
Examples
editPUT api/actions/connector/c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad { "name": "updated-connector", "config": { "index": "updated-index" } }
The API returns the following:
{ "id": "c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad", "connector_type_id": ".index", "name": "updated-connector", "config": { "index": "updated-index", "refresh": false, "executionTimeField": null }, "is_preconfigured": false, "is_deprecated": false, "is_missing_secrets": false }