elasticsearch-js/docs/reference-shared-types-eql-types.asciidoc
2024-12-05 14:46:52 -06:00


[[reference-shared-types-eql]]
////////
===========================================================================================================================
|| ||
|| ||
|| ||
|| ██████╗ ███████╗ █████╗ ██████╗ ███╗ ███╗███████╗ ||
|| ██╔══██╗██╔════╝██╔══██╗██╔══██╗████╗ ████║██╔════╝ ||
|| ██████╔╝█████╗ ███████║██║ ██║██╔████╔██║█████╗ ||
|| ██╔══██╗██╔══╝ ██╔══██║██║ ██║██║╚██╔╝██║██╔══╝ ||
|| ██║ ██║███████╗██║ ██║██████╔╝██║ ╚═╝ ██║███████╗ ||
|| ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚═════╝ ╚═╝ ╚═╝╚══════╝ ||
|| ||
|| ||
|| This file is autogenerated, DO NOT send pull requests that change this file directly. ||
|| You should update the script that does the generation, which can be found in: ||
|| https://github.com/elastic/elastic-client-generator-js ||
|| ||
|| You can run the script with the following command: ||
|| npm run elasticsearch -- --version <version> ||
|| ||
|| ||
|| ||
===========================================================================================================================
////////
== Shared Eql types
[discrete]
[[EqlEqlHits]]
=== EqlEqlHits
[pass]
++++
<pre>
++++
interface EqlEqlHits<TEvent = unknown> {
pass:[/**] @property total Metadata about the number of matching events or sequences. */
total?: <<SearchTotalHits>>
pass:[/**] @property events Contains events matching the query. Each object represents a matching event. */
events?: <<EqlHitsEvent>><TEvent>[]
pass:[/**] @property sequences Contains event sequences matching the query. Each object represents a matching sequence. This parameter is only returned for EQL queries containing a sequence. */
sequences?: <<EqlHitsSequence>><TEvent>[]
}
[pass]
++++
</pre>
++++
[discrete]
[[EqlEqlSearchResponseBase]]
=== EqlEqlSearchResponseBase
[pass]
++++
<pre>
++++
interface EqlEqlSearchResponseBase<TEvent = unknown> {
pass:[/**] @property id Identifier for the search. */
id?: <<Id>>
pass:[/**] @property is_partial If true, the response does not contain complete search results. */
is_partial?: boolean
pass:[/**] @property is_running If true, the search request is still executing. */
is_running?: boolean
pass:[/**] @property took Milliseconds it took Elasticsearch to execute the request. */
took?: <<DurationValue>><<<UnitMillis>>>
pass:[/**] @property timed_out If true, the request timed out before completion. */
timed_out?: boolean
pass:[/**] @property hits Contains matching events and sequences. Also contains related metadata. */
hits: <<EqlEqlHits>><TEvent>
}
[pass]
++++
</pre>
++++
[discrete]
[[EqlHitsEvent]]
=== EqlHitsEvent
[pass]
++++
<pre>
++++
interface EqlHitsEvent<TEvent = unknown> {
pass:[/**] @property _index Name of the index containing the event. */
_index: <<IndexName>>
pass:[/**] @property _id Unique identifier for the event. This ID is only unique within the index. */
_id: <<Id>>
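pass:[/**] @property _source Original JSON body passed for the event at index time. The `TEvent` type parameter is a compile-time annotation only, so the body's actual shape is whatever was indexed; validate it before relying on it. */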
_source: TEvent
pass:[/**] @property missing Set to `true` for events in a timespan-constrained sequence that do not meet a given condition. */
missing?: boolean
fields?: Record<<<Field>>, any[]>
}
[pass]
++++
</pre>
++++
[discrete]
[[EqlHitsSequence]]
=== EqlHitsSequence
[pass]
++++
<pre>
++++
interface EqlHitsSequence<TEvent = unknown> {
pass:[/**] @property events Contains events matching the query. Each object represents a matching event. */
events: <<EqlHitsEvent>><TEvent>[]
pass:[/**] @property join_keys Shared field values used to constrain matches in the sequence. These are defined using the `by` keyword in the EQL query syntax. */
join_keys?: any[]
}
[pass]
++++
</pre>
++++