From 86aa2341a7f76e2df10ecfab346e9c96f81ade2d Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi Date: Tue, 21 Jan 2025 15:15:01 +0100 Subject: [PATCH 01/10] Draft overview page --- docs/source/reference-overview/.DS_Store | Bin 0 -> 6148 bytes .../security/security-overview.md | 25 ++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 docs/source/reference-overview/.DS_Store create mode 100644 docs/source/reference-overview/security/security-overview.md diff --git a/docs/source/reference-overview/.DS_Store b/docs/source/reference-overview/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..5008ddfcf53c02e82d7eee2e57c38e5672ef89f6 GIT binary patch literal 6148 zcmeH~Jr2S!425mzP>H1@V-^m;4Wg<&0T*E43hX&L&p$$qDprKhvt+--jT7}7np#A3 zem<@ulZcFPQ@L2!n>{z**++&mCkOWA81W14cNZlEfg7;MkzE(HCqgga^y>{tEnwC%0;vJ&^%eQ zLs35+`xjp>T0 Date: Tue, 21 Jan 2025 18:56:32 -0800 Subject: [PATCH 02/10] Add security reference to docset.yml --- docs/source/docset.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/source/docset.yml b/docs/source/docset.yml index 7ff9426..50d6cc7 100644 --- a/docs/source/docset.yml +++ b/docs/source/docset.yml @@ -46,3 +46,6 @@ toc: - folder: content - file: index.md - folder: versioning + - folder: reference-overview + children: + - folder: security \ No newline at end of file From 206b864d5a49e424103ebb1a6a8846a4b0b4ab07 Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:38:11 +0100 Subject: [PATCH 03/10] Update docs/source/reference-overview/security/security-overview.md Co-authored-by: Lisa Cawley --- docs/source/reference-overview/security/security-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index fefabe9..21049e7 100644 
--- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md @@ -14,7 +14,7 @@ This section of the documentation contains reference information for Elastic Sec You can use these APIs to interface with Elastic Security features: -* Detections API: Manage detection rules and alerts +* [Detections API](https://www.elastic.co/docs/api/doc/kibana/v8/group/endpoint-security-detections-api): Manage detection rules and alerts * Exceptions API: Create and manage rule exceptions * Lists API: Create source event value lists for use with rule exceptions * Timeline API: Import and export timelines From 9bbc9102d297028293600f861d287c494c9cb246 Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:38:20 +0100 Subject: [PATCH 04/10] Update docs/source/reference-overview/security/security-overview.md Co-authored-by: Lisa Cawley --- docs/source/reference-overview/security/security-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index 21049e7..ddb3ece 100644 --- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md 
@@ -16,7 +16,7 @@ You can use these APIs to interface with Elastic Security features: * [Detections API](https://www.elastic.co/docs/api/doc/kibana/v8/group/endpoint-security-detections-api): Manage detection rules and alerts * Exceptions API: Create and manage rule exceptions -* Lists API: Create source event value lists for use with rule exceptions +* [Lists API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-lists-api): Create source event value lists for use with rule exceptions * Timeline API: Import and export timelines * Cases API: Open and manage cases * Elastic AI Assistant API: Interact with and manage Elastic AI Assistant From 396fe2fcf0cc373fbf9fccd65514cd4c65d68c10 Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:38:29 +0100 Subject: [PATCH 05/10] Update docs/source/reference-overview/security/security-overview.md Co-authored-by: Lisa Cawley --- docs/source/reference-overview/security/security-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index ddb3ece..c43ef81 100644 --- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md 
@@ -17,7 +17,7 @@ You can use these APIs to interface with Elastic Security features: * [Detections API](https://www.elastic.co/docs/api/doc/kibana/v8/group/endpoint-security-detections-api): Manage detection rules and alerts * Exceptions API: Create and manage rule exceptions * [Lists API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-lists-api): Create source event value lists for use with rule exceptions -* Timeline API: Import and export timelines +* [Timeline API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-timeline-api): Import and export timelines * Cases API: Open and manage cases * Elastic AI Assistant API: Interact with and manage Elastic AI Assistant * Asset criticality API: Create and manage asset criticality records From 72fdb0021b4afa0dff66ec2308d40672152b183b Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:38:38 +0100 Subject: [PATCH 06/10] Update docs/source/reference-overview/security/security-overview.md Co-authored-by: Lisa Cawley --- docs/source/reference-overview/security/security-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index c43ef81..69d43a0 100644 --- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md 
@@ -15,7 +15,7 @@ This section of the documentation contains reference information for Elastic Sec You can use these APIs to interface with Elastic Security features: * [Detections API](https://www.elastic.co/docs/api/doc/kibana/v8/group/endpoint-security-detections-api): Manage detection rules and alerts -* Exceptions API: Create and manage rule exceptions +* [Exceptions API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-exceptions-api): Create and manage rule exceptions * [Lists API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-lists-api): Create source event value lists for use with rule exceptions * [Timeline API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-timeline-api): Import and export timelines * Cases API: Open and manage cases From 126a99ce3fadcd19782a31c854e57420c24fb95e Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:38:57 +0100 Subject: [PATCH 07/10] Update docs/source/reference-overview/security/security-overview.md Co-authored-by: Lisa Cawley --- docs/source/reference-overview/security/security-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index 69d43a0..1befd94 100644 --- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md 
@@ -20,6 +20,6 @@ You can use these APIs to interface with Elastic Security features: * [Timeline API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-timeline-api): Import and export timelines * Cases API: Open and manage cases * Elastic AI Assistant API: Interact with and manage Elastic AI Assistant -* Asset criticality API: Create and manage asset criticality records +* [Asset criticality API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-entity-analytics-api): Create and manage asset criticality records Additionally, the Kibana Actions API is partially documented to enable opening and updating cases in external ticketing systems. For more information on Kibana Actions, see Alerting and Actions and action plugins. From c915c4decd753aa10bc17190286e00fdcaf39f5a Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:39:07 +0100 Subject: [PATCH 08/10] Update docs/source/reference-overview/security/security-overview.md Co-authored-by: Lisa Cawley --- docs/source/reference-overview/security/security-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index 1befd94..7373384 100644 --- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md 
@@ -19,7 +19,7 @@ You can use these APIs to interface with Elastic Security features: * [Lists API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-lists-api): Create source event value lists for use with rule exceptions * [Timeline API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-timeline-api): Import and export timelines * Cases API: Open and manage cases -* Elastic AI Assistant API: Interact with and manage Elastic AI Assistant +* [Elastic AI Assistant API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-ai-assistant-api): Interact with and manage Elastic AI Assistant * [Asset criticality API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-entity-analytics-api): Create and manage asset criticality records Additionally, the Kibana Actions API is partially documented to enable opening and updating cases in external ticketing systems. For more information on Kibana Actions, see Alerting and Actions and action plugins. From 74d864f427934a23e4e84eecacda39ba9f43619e Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:39:19 +0100 Subject: [PATCH 09/10] Update docs/source/reference-overview/security/security-overview.md Co-authored-by: Lisa Cawley --- docs/source/reference-overview/security/security-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index 7373384..e96b7d7 100644 --- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md 
@@ -18,7 +18,7 @@ You can use these APIs to interface with Elastic Security features: * [Exceptions API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-exceptions-api): Create and manage rule exceptions * [Lists API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-lists-api): Create source event value lists for use with rule exceptions * [Timeline API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-timeline-api): Import and export timelines -* Cases API: Open and manage cases +* [Cases API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-cases): Open and manage cases * [Elastic AI Assistant API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-ai-assistant-api): Interact with and manage Elastic AI Assistant * [Asset criticality API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-entity-analytics-api): Create and manage asset criticality records From 725357e3bc754db21cf0a9bc083bfcecca5d8f91 Mon Sep 17 00:00:00 2001 From: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com> Date: Wed, 22 Jan 2025 11:40:25 +0100 Subject: [PATCH 10/10] Integrate Lisa's feedback --- docs/source/reference-overview/security/security-overview.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/source/reference-overview/security/security-overview.md b/docs/source/reference-overview/security/security-overview.md index e96b7d7..59e58eb 100644 --- a/docs/source/reference-overview/security/security-overview.md +++ b/docs/source/reference-overview/security/security-overview.md 
@@ -21,5 +21,3 @@ You can use these APIs to interface with Elastic Security features: * [Cases API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-cases): Open and manage cases * [Elastic AI Assistant API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-ai-assistant-api): Interact with and manage Elastic AI Assistant * [Asset criticality API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-entity-analytics-api): Create and manage asset criticality records - -Additionally, the Kibana Actions API is partially documented to enable opening and updating cases in external ticketing systems. For more information on Kibana Actions, see Alerting and Actions and action plugins.
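Review bot: PATCH 01/10 adds `docs/source/reference-overview/.DS_Store` as a binary file alongside the new overview page. This is macOS Finder metadata, not documentation, and it can record the names of files in the directory it was created in. Drop it from the commit and add `.DS_Store` to `.gitignore` so it does not return.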
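Review bot: the `docset.yml` hunk in PATCH 02/10 ends with `\ No newline at end of file` after `- folder: security`. Add the trailing newline so that the next entry appended under `toc:` does not also show up as a change to this line.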
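Review bot: the Detections API link added in PATCH 03/10 pins `/kibana/v8/` in its path, while the Lists, Timeline, Exceptions, Asset criticality, Elastic AI Assistant and Cases links added in PATCH 04/10 through 09/10 all use the unversioned `/kibana/group/...` form. Use one form across the list, or state why Detections alone needs the versioned URL.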
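Review bot: in PATCH 07/10 the link text reads `Asset criticality API` but the target is the `endpoint-security-entity-analytics-api` group, so the label and the destination name different things. Either name the entry after the group it links to, or say in the description that asset criticality is documented under entity analytics.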
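Review bot: the Cases API target added in PATCH 09/10, `.../kibana/group/endpoint-cases`, does not follow the `endpoint-security-<name>-api` pattern used by the other six links in this list. Confirm that the slug resolves before merging.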
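Review bot: PATCH 10/10 deletes the closing paragraph on the Kibana Actions API, but the subject line `Integrate Lisa's feedback` does not say so. State the removal and the reason for it in the commit message, because after this change the page no longer mentions how cases are opened and updated in external ticketing systems.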