More docs changes
210
docs/reference/eql.asciidoc
Normal file
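--- a/docs/reference/eql.asciidoc
+++ b/docs/reference/eql.asciidoc
@@ -0,0 +1,210 @@
+[[reference-eql]]
+== client.eql
+
+////////
+===========================================================================================================================
+|| ||
+|| ||
+|| ||
+|| ██████╗ ███████╗ █████╗ ██████╗ ███╗ ███╗███████╗ ||
+|| ██╔══██╗██╔════╝██╔══██╗██╔══██╗████╗ ████║██╔════╝ ||
+|| ██████╔╝█████╗ ███████║██║ ██║██╔████╔██║█████╗ ||
+|| ██╔══██╗██╔══╝ ██╔══██║██║ ██║██║╚██╔╝██║██╔══╝ ||
+|| ██║ ██║███████╗██║ ██║██████╔╝██║ ╚═╝ ██║███████╗ ||
+|| ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚═════╝ ╚═╝ ╚═╝╚══════╝ ||
+|| ||
+|| ||
+|| This file is autogenerated, DO NOT send pull requests that changes this file directly. ||
+|| You should update the script that does the generation, which can be found in: ||
+|| https://github.com/elastic/elastic-client-generator-js ||
+|| ||
+|| You can run the script with the following command: ||
+|| npm run elasticsearch -- --version <version> ||
+|| ||
+|| ||
+|| ||
+===========================================================================================================================
+////////
+++++
+<style>
+.lang-ts a.xref {
+text-decoration: underline !important;
+}
+</style>
+++++
+
+
+[discrete]
+[[client.eql.delete]]
+== `client.eql.delete()`
+
+Deletes an async EQL search or a stored synchronous EQL search. The API also deletes results for the search.
+
+{ref}/eql-search-api.html[{es} documentation]
+[discrete]
+=== Function signature
+
+[source,ts]
+----
+(request: EqlDeleteRequest, options?: TransportRequestOptions) => Promise<EqlDeleteResponse>
+----
+
+[discrete]
+=== Request
+
+[source,ts,subs=+macros]
+----
+interface EqlDeleteRequest extends <<RequestBase>> {
+id: <<Id>>
+}
+
+----
+
+
+[discrete]
+=== Response
+
+[source,ts,subs=+macros]
+----
+type EqlDeleteResponse = <<AcknowledgedResponseBase>>
+
+----
+
+
+[discrete]
+[[client.eql.get]]
+== `client.eql.get()`
+
+Returns the current status and available results for an async EQL search or a stored synchronous EQL search.
+
+{ref}/get-async-eql-search-api.html[{es} documentation]
+[discrete]
+=== Function signature
+
+[source,ts]
+----
+(request: EqlGetRequest, options?: TransportRequestOptions) => Promise<EqlGetResponse>
+----
+
+[discrete]
+=== Request
+
+[source,ts,subs=+macros]
+----
+interface EqlGetRequest extends <<RequestBase>> {
+id: <<Id>>
+keep_alive?: <<Duration>>
+wait_for_completion_timeout?: <<Duration>>
+}
+
+----
+
+
+[discrete]
+=== Response
+
+[source,ts,subs=+macros]
+----
+type EqlGetResponse<TEvent = unknown> = <<EqlEqlSearchResponseBase>><TEvent>
+
+----
+
+
+[discrete]
+[[client.eql.getStatus]]
+== `client.eql.getStatus()`
+
+Returns the current status for an async EQL search or a stored synchronous EQL search without returning results.
+
+{ref}/get-async-eql-status-api.html[{es} documentation]
+[discrete]
+=== Function signature
+
+[source,ts]
+----
+(request: EqlGetStatusRequest, options?: TransportRequestOptions) => Promise<EqlGetStatusResponse>
+----
+
+[discrete]
+=== Request
+
+[source,ts,subs=+macros]
+----
+interface EqlGetStatusRequest extends <<RequestBase>> {
+id: <<Id>>
+}
+
+----
+
+
+[discrete]
+=== Response
+
+[source,ts,subs=+macros]
+----
+interface EqlGetStatusResponse {
+id: <<Id>>
+is_partial: boolean
+is_running: boolean
+start_time_in_millis?: <<EpochTime>><<<UnitMillis>>>
+expiration_time_in_millis?: <<EpochTime>><<<UnitMillis>>>
+completion_status?: <<integer>>
+}
+
+----
+
+
+[discrete]
+[[client.eql.search]]
+== `client.eql.search()`
+
+Returns results matching a query expressed in Event Query Language (EQL)
+
+{ref}/eql-search-api.html[{es} documentation]
+[discrete]
+=== Function signature
+
+[source,ts]
+----
+(request: EqlSearchRequest, options?: TransportRequestOptions) => Promise<EqlSearchResponse>
+----
+
+[discrete]
+=== Request
+
+[source,ts,subs=+macros]
+----
+interface EqlSearchRequest extends <<RequestBase>> {
+index: <<Indices>>
+allow_no_indices?: boolean
+expand_wildcards?: <<ExpandWildcards>>
+ignore_unavailable?: boolean
+query: string
+case_sensitive?: boolean
+event_category_field?: <<Field>>
+tiebreaker_field?: <<Field>>
+timestamp_field?: <<Field>>
+fetch_size?: <<uint>>
+filter?: <<QueryDslQueryContainer>> | <<QueryDslQueryContainer>>[]
+keep_alive?: <<Duration>>
+keep_on_completion?: boolean
+wait_for_completion_timeout?: <<Duration>>
+size?: <<uint>>
+fields?: <<QueryDslFieldAndFormat>> | <<Field>> | (<<QueryDslFieldAndFormat>> | <<Field>>)[]
+result_position?: EqlSearchResultPosition
+runtime_mappings?: <<MappingRuntimeFields>>
+}
+
+----
+
+
+[discrete]
+=== Response
+
+[source,ts,subs=+macros]
+----
+type EqlSearchResponse<TEvent = unknown> = <<EqlEqlSearchResponseBase>><TEvent>
+
+----
+
+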