module Elasticsearch::API::Eql::Actions

Public Instance Methods

delete(arguments = {}) click to toggle source

Deletes an async EQL search by ID. If the search is still running, the search request will be cancelled. Otherwise, the saved search results are deleted.

@option arguments [String] :id The async search ID @option arguments [Hash] :headers Custom HTTP headers

@see www.elastic.co/guide/en/elasticsearch/reference/8.16/eql-search-api.html

# File lib/elasticsearch/api/actions/eql/delete.rb, line 32
def delete(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'eql.delete' }

  defined_params = [:id].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_eql/search/#{Utils.__listify(_id)}"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end
get(arguments = {}) click to toggle source

Returns async results from previously executed Event Query Language (EQL) search

@option arguments [String] :id The async search ID @option arguments [Time] :wait_for_completion_timeout Specify the time that the request should block waiting for the final response @option arguments [Time] :keep_alive Update the time interval in which the results (partial or final) for this search will be available @option arguments [Hash] :headers Custom HTTP headers

@see www.elastic.co/guide/en/elasticsearch/reference/8.16/eql-search-api.html

# File lib/elasticsearch/api/actions/eql/get.rb, line 34
def get(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'eql.get' }

  defined_params = [:id].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_GET
  path   = "_eql/search/#{Utils.__listify(_id)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end
get_status(arguments = {}) click to toggle source

Returns the status of a previously submitted async or stored Event Query Language (EQL) search

@option arguments [String] :id The async search ID @option arguments [Hash] :headers Custom HTTP headers

@see www.elastic.co/guide/en/elasticsearch/reference/8.16/eql-search-api.html

# File lib/elasticsearch/api/actions/eql/get_status.rb, line 32
def get_status(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'eql.get_status' }

  defined_params = [:id].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_GET
  path   = "_eql/search/status/#{Utils.__listify(_id)}"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end