APIs

You can use these APIs to interface with Elastic Security features:

• AI Assistant API: Interact with and manage Elastic AI Assistant.
• Cases API: Open and manage cases.
• Detections API: Manage detection rules, rule exceptions for individual rules, and alerts.
• Endpoint exceptions API: Manage detection rule endpoint exceptions.
• Endpoint management API: Interact with and manage endpoints running the Elastic Defend integration.
• Entity Analytics API: Manage Entity Analytics features, such as asset criticality and entity store.
• Exceptions API: Create and manage rule exceptions.
• Lists API: Create source event value lists for use with rule exceptions.
• Osquery API: Manage live queries, packs, and saved queries.
• Timeline API: Manage, import, and export Timelines.