Version: 7.x-36.0.0

This is a technical preview. Technical preview features are not fully supported, may not be functionally complete, and are not suitable for deployment in production. We encourage you to try them out and provide your feedback, good and bad, on the Search Guard forum. This will help us improve and add any features you might be missing.

Put Account API

Endpoint

PUT /_signals/account/{account_id}

Stores or updates an account identified by the {account_id} path parameter.

Path Parameters

{account_id} The id of the account to be created or updated. Required.

Request Body

The account needs to be specified as JSON document in the request body.

See TODO for details on the structure of accounts.

Responses

200 OK

An account identified by the given id existed before. The account was successfully updated.

201 Created

An account identified by the given id did not exist before. The account was successfully created.

400 Bad Request

The request was malformed.

If the account specified in the request body was malformed, a JSON document containing detailed validation errors will be returned in the response body. See TODO for details.

403 Forbidden

The user does not have the permission to create destinations for the currently selected tenant.

415 Unsupported Media Type

The destination was not encoded as JSON document. Destinations need to be sent using the media type application/json.

Permissions

For being able to access the endpoint, the user needs to have the privilege cluster:admin:searchguard:signals:destination/put.

This permission is included in the following built-in action groups:

  • SGS_SIGNALS_ACCOUNT_MANAGE

Examples

E-Mail

PUT /_signals/account/default_email
{
    "type": "email",
    "host": "mail.mycompany.example",
    "port": 587,
    "enable_tls": true,
    "default_from": "signals@mycompany.example.com",
    "default_bcc": "signals@mycompany.example.com"
}

Response

201 Created

Slack

PUT /_signals/account/default_slack
{
    "type": "slack",
    "url": "https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"
}

Response

201 Created

Invalid data

PUT /_signals/account/my_email
{
    "type": "email",
    "port": 587,
    "enable_tls": true,
    "default_from": "signals@mycompany.example.com",
    "default_bcc": "@"
}

Response

400 Bad Request
{
    "status": 400,
    "error": "2 errors; see detail.",
    "detail": {
        "host": [
            {
                "error": "Required attribute is missing"
            }
        ],
        "default_bcc": [
            {
                "error": "Invalid value",
                "value": "@",
                "expected": "E-mail address"
            }
        ]
    }
}

Not what you were looking for? Try the search.