Description
Was the documentation helpful?
Yes
What documentation page is affected
Link to page: https://www.elastic.co/docs/api/doc/kibana/v8/operation/operation-endpointisolateaction
Description
Link to source code: https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/common/api/endpoint/actions/response_actions/isolate/isolate.schema.yaml
The example request for the Endpoint Isolate Action seems correct, but the listed example response shows that it's for the suspend process command and doesn't match the output I get when testing.
Expected output would be for something in this general format
{ "body": { "action": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "data": { "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "agentType": "endpoint", "agents": [ "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" ], "hosts": { "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": { "name": "test system" } }, "command": "isolate", "startedAt": "2025-03-17T18:15:47.166Z", "isCompleted": false, "wasSuccessful": false, "isExpired": false, "status": "pending", "outputs": {}, "agentState": { "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": { "isCompleted": false, "wasSuccessful": false } }, "createdBy": "XXXXXXXXX", "comment": "test" } } }