i want to export rules and connector from elastic using API
i created this request :
curl -X POST -u elastic:pass https://myHOST:9243/api/detection_engine/rules/_export?exclude_export_details=true -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d'
' -o exported-rules.ndjson
but i'm getting error:
and for connectors i didn't find in the documentation how to export them.
could you please help with this case?
Hey there @waelboss
So looks like you've got the export request correct, but there's an issue exporting that specific
ruleId. There's a few things to check out and some other options as well.
Things to verify:
- Is this the correct space? There is no space in the URL, so this request will only try to export rules from the
- Is this a
custom rule or
prebuilt Elastic rule? Only
custom rules are exportable at the moment, so you would need to duplicate the
prebuilt rule for it to be exportable
- Double-check you're using the correct
rule_id of the rule and not
- Can you try this same request without the
objects payload and see if all rules are exported?
- What stack version are you on?
Depending on your version, as of I believe
8.2 there's a bulk export API you could try that might a bit more ergonomic. You can see this being called when exporting via the UI:
As for Connectors, as mentioned in the docs (second callout) they can be exported via the UI following this documentation, or via the API using the Export Objects API.
Let me know if any of the above helps!