stack kb security-detections-api import-rules cli command
Auth required
elastic stack kb security-detections-api import-rules [options]
Import detection rules
Behaviour flags:
--dry-run — validate all inputs and exit without performing any action
--[no-]overwrite- Determines whether existing rules with the same
rule_idare overwritten. --[no-]overwrite-exceptions- Determines whether existing exception lists with the same
list_idare overwritten. Both the exception list container and its items are overwritten. --[no-]overwrite-action-connectors- Determines whether existing actions with the same
kibana.alert.rule.actions.idare overwritten. --[no-]as-new-list- Generates a new list ID for each imported exception list.
--input-filestring- path to a JSON file to use as command input
--[no-]dry-run- validate all inputs and exit without performing any action (preview changes without applying them)
--[no-]json-
output as JSON