Skip to content

[Security Solution][Endpoint] Scripts library List API #244960

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 39 commits into
base: main
Choose a base branch
from
Open

[Security Solution][Endpoint] Scripts library List API #244960

wants to merge 39 commits into from
+38,115 −30,087

Conversation

@paul-tavares
Copy link
Contributor

@paul-tavares paul-tavares commented Dec 2, 2025
edited
Loading

Summary

  • Add the list api to the scripts library: GET /api/endpoint/scripts_library
    • Currently behind feature flag responseActionsScriptLibraryManagement
    • supports the following query parameters (all optional):
      • page
      • pageSize
      • sortField
      • sortDirection
      • kuery
  • includes OpenAPI docs - but note that they are currently included in the final docs output due to it being behind a feature flag
  • Makes some improvements to the SO definition that stores script records

Usage example:

GET /api/endpoint/scripts_library?sortField=createdAt&sortDirection=desc&pageSize=2

Response:

{
  "data": [
    {
      "id": "0afa2e1a-4ffd-44a8-b291-2621bdc18f1a",
      "name": "aaaaa my script",
      "platform": [
        "windows"
      ],
      "downloadUri": "/api/endpoint/scripts_library/0afa2e1a-4ffd-44a8-b291-2621bdc18f1a/download",
      "requiresInput": false,
      "createdBy": "platformEngineer",
      "updatedBy": "platformEngineer",
      "createdAt": "2025-12-02T15:59:11.850Z",
      "updatedAt": "2025-12-02T15:59:11.850Z",
      "version": "WzE2LDFd"
    },
    {
      "id": "430eedb5-2eaf-49db-9f5e-6c944ea96eae",
      "name": "aaaaa my script",
      "platform": [
        "windows"
      ],
      "downloadUri": "/api/endpoint/scripts_library/430eedb5-2eaf-49db-9f5e-6c944ea96eae/download",
      "requiresInput": false,
      "createdBy": "hunter",
      "updatedBy": "hunter",
      "createdAt": "2025-12-02T15:58:41.712Z",
      "updatedAt": "2025-12-02T15:58:41.712Z",
      "version": "WzE1LDFd"
    },
  ],
  "page": 1,
  "pageSize": 10,
  "sortDirection": "desc",
  "sortField": "createdAt",
  "total": 8
}

Checklist

@paul-tavares paul-tavares self-assigned this Dec 2, 2025
@paul-tavares paul-tavares added release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution backport:version Backport to applied version labels v9.4.0 labels Dec 2, 2025
@paul-tavares
Copy link
Contributor Author

paul-tavares commented Dec 2, 2025

/ci

2 similar comments
@paul-tavares
Copy link
Contributor Author

paul-tavares commented Dec 2, 2025

/ci

@paul-tavares
Copy link
Contributor Author

paul-tavares commented Dec 2, 2025

/ci

@paul-tavares
Copy link
Contributor Author

paul-tavares commented Dec 2, 2025

/ci

@paul-tavares
Copy link
Contributor Author

paul-tavares commented Dec 2, 2025

/ci

@paul-tavares
Copy link
Contributor Author

paul-tavares commented Dec 2, 2025

/ci

@paul-tavares
Copy link
Contributor Author

paul-tavares commented Dec 3, 2025

/ci

@paul-tavares paul-tavares marked this pull request as ready for review December 3, 2025 16:08
@paul-tavares paul-tavares requested review from a team as code owners December 3, 2025 16:08
@elasticmachine
Copy link
Contributor

elasticmachine commented Dec 3, 2025

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@paul-tavares paul-tavares requested review from ashokaditya and tomsonpl and removed request for pzl and szwarckonrad December 3, 2025 16:08
@paul-tavares paul-tavares requested a review from a team as a code owner December 3, 2025 22:02
@elasticmachine
Copy link
Contributor

elasticmachine commented Dec 3, 2025
edited
Loading

💔 Build Failed

Failed CI Steps

History

cc @paul-tavares

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ashokaditya ashokaditya Awaiting requested review from ashokaditya

@tomsonpl tomsonpl Awaiting requested review from tomsonpl

At least 1 approving review is required to merge this pull request.

Assignees

@paul-tavares paul-tavares

Labels

backport:version Backport to applied version labels release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v9.4.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@paul-tavares @elasticmachine @kibanamachine