Find exception items
editFind exception items
editRetrieves a paginated subset of exception items in the specified container. By default, the first page is returned with 20 results per page.
Console supports only Elasticsearch APIs. Console doesn’t allow interactions with Kibana APIs. You must use curl
or another HTTP tool instead. For more information, refer to Run Elasticsearch API requests.
Request URL
editGET <kibana host>:<port>/api/exception_lists/items/_find
URL query parameters
editName | Type | Description | Required |
---|---|---|---|
|
String |
ID of the exception container. |
Yes |
|
Integer |
The page number to return. |
No |
|
Integer |
The number of items to return per page. |
No |
|
String |
Determines which field is used to sort the results. |
No |
|
String |
Determines the sort order, which can be |
No |
|
String |
Returns the items that come after the last item
returned in the previous call (use the |
No |
Example request
editRetrieves exception items in the allowed-processes
container:
GET api/exception_lists/items/_find?list_id=allowed-processes
Response code
edit-
200
- Indicates a successful call.
Response payload
edit{ "data": [ { "_tags": [], "comments": [ { "comment": "Allowed on all hosts.", "created_at": "2020-07-14T13:40:39.804Z", "created_by": "LiverpoolFC" } ], "created_at": "2020-07-14T13:40:39.804Z", "created_by": "LiverpoolFC", "description": "Global process allowlist", "entries": [ { "field": "process.name", "operator": "included", "type": "match", "value": "housekeeping" } ], "id": "9b25aec0-c5d7-11ea-a3d8-a5b753aeeb9e", "item_id": "global-allow-processes", "list_id": "allowed-processes", "name": "Host-process global exclusion", "namespace_type": "single", "tags": [ "global", "hosts", "processes" ], "tie_breaker_id": "28c6b069-8e39-4f9a-b93c-95e5a15b46c5", "type": "simple", "updated_at": "2020-07-14T13:40:39.980Z", "updated_by": "LiverpoolFC" }, { "_tags": [], "comments": [ { "comment": "Allows maintenance process to run on the specified machines", "created_at": "2020-07-14T13:41:24.005Z", "created_by": "LiverpoolFC" } ], "created_at": "2020-07-14T13:41:24.005Z", "created_by": "LiverpoolFC", "description": "Process allowlist", "entries": [ { "field": "process.name", "operator": "included", "type": "match", "value": "maintenance" }, { "field": "host.name", "operator": "included", "type": "match_any", "value": [ "liv-win-anf", "livw-win-mel", "linux-anfield" ] } ], "id": "b57e5f60-c5d7-11ea-a3d8-a5b753aeeb9e", "item_id": "allow-process-on-machines", "list_id": "allowed-processes", "name": "Host-process exclusions", "namespace_type": "single", "tags": [ "hosts", "processes" ], "tie_breaker_id": "a1bacb3d-7ce1-4f03-80f4-d49235b6bbde", "type": "simple", "updated_at": "2020-07-14T13:41:24.182Z", "updated_by": "LiverpoolFC" } ], "page": 1, "per_page": 20, "total": 2 }