« Index endpoint Import rules »
Elastic Docs Elastic Security Solution [8.15] Elastic Security APIs Detections API

Tags endpoint

edit

Tags endpoint

edit

Aggregates and returns all rule tags.

Get tags

edit

Aggregates and returns all unique tags from all rules.

Request URL

edit

GET <kibana host>:<port>/api/detection_engine/tags

Example request
edit

Gets tags for all rules in the Kibana default space:

GET api/detection_engine/tags

Response code

edit
200
Indicates a successful call.
Example response
edit
[
  "zeek",
  "suricata",
  "windows",
  "linux",
  "network",
  "initial access",
  "remote access",
  "phishing"
]
« Index endpoint Import rules »