module Elasticsearch::XPack::API::Eql::Actions
Public Instance Methods
Deletes an async EQL search by ID. If the search is still running, the search request will be cancelled. Otherwise, the saved search results are deleted.
@option arguments [String] :id The async search ID
@option arguments [Hash] :headers Custom HTTP headers
@see www.elastic.co/guide/en/elasticsearch/reference/7.14/eql-search-api.html
  # File lib/elasticsearch/xpack/api/actions/eql/delete.rb, line 30
  def delete(arguments = {})
    raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]
    headers = arguments.delete(:headers) || {}
    arguments = arguments.clone
    _id = arguments.delete(:id)
    method = Elasticsearch::API::HTTP_DELETE
    path = "_eql/search/#{Elasticsearch::API::Utils.__listify(_id)}"
    params = {}
    body = nil
    perform_request(method, path, params, body, headers).body
  end
Returns async results from a previously executed Event Query Language (EQL) search
@option arguments [String] :id The async search ID
@option arguments [Time] :wait_for_completion_timeout Specify the time that the request should block waiting for the final response
@option arguments [Time] :keep_alive Update the time interval in which the results (partial or final) for this search will be available
@option arguments [Hash] :headers Custom HTTP headers
@see www.elastic.co/guide/en/elasticsearch/reference/7.14/eql-search-api.html
  # File lib/elasticsearch/xpack/api/actions/eql/get.rb, line 32
  def get(arguments = {})
    raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]
    headers = arguments.delete(:headers) || {}
    arguments = arguments.clone
    _id = arguments.delete(:id)
    method = Elasticsearch::API::HTTP_GET
    path = "_eql/search/#{Elasticsearch::API::Utils.__listify(_id)}"
    params = Elasticsearch::API::Utils.__validate_and_extract_params arguments, ParamsRegistry.get(__method__)
    body = nil
    perform_request(method, path, params, body, headers).body
  end
Returns the status of a previously submitted async or stored Event Query Language (EQL) search
@option arguments [String] :id The async search ID
@option arguments [Hash] :headers Custom HTTP headers
@see www.elastic.co/guide/en/elasticsearch/reference/7.14/eql-search-api.html
  # File lib/elasticsearch/xpack/api/actions/eql/get_status.rb, line 30
  def get_status(arguments = {})
    raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]
    headers = arguments.delete(:headers) || {}
    arguments = arguments.clone
    _id = arguments.delete(:id)
    method = Elasticsearch::API::HTTP_GET
    path = "_eql/search/status/#{Elasticsearch::API::Utils.__listify(_id)}"
    params = {}
    body = nil
    perform_request(method, path, params, body, headers).body
  end
Returns results matching a query expressed in Event Query Language (EQL)
@option arguments [String] :index The name of the index to scope the operation
@option arguments [Time] :wait_for_completion_timeout Specify the time that the request should block waiting for the final response
@option arguments [Boolean] :keep_on_completion Control whether the response should be stored in the cluster if it completed within the provided [wait_for_completion] time (default: false)
@option arguments [Time] :keep_alive Update the time interval in which the results (partial or final) for this search will be available
@option arguments [Hash] :headers Custom HTTP headers
@option arguments [Hash] :body Eql request body. Use the `query` to limit the query scope. (Required)
@see www.elastic.co/guide/en/elasticsearch/reference/7.14/eql-search-api.html
  # File lib/elasticsearch/xpack/api/actions/eql/search.rb, line 34
  def search(arguments = {})
    raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
    raise ArgumentError, "Required argument 'index' missing" unless arguments[:index]
    headers = arguments.delete(:headers) || {}
    arguments = arguments.clone
    arguments[:index] = UNDERSCORE_ALL if !arguments[:index] && arguments[:type]
    _index = arguments.delete(:index)
    method = Elasticsearch::API::HTTP_POST
    path = "#{Elasticsearch::API::Utils.__listify(_index)}/_eql/search"
    params = Elasticsearch::API::Utils.__validate_and_extract_params arguments, ParamsRegistry.get(__method__)
    body = arguments[:body]
    perform_request(method, path, params, body, headers).body
  end
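Added example (not part of the elasticsearch-xpack gem or its documentation): one way to drive the four methods above through a full async lifecycle, with delete in an ensure clause so that a search that never finishes is cancelled and stored results do not stay in the cluster until keep_alive expires. run_async_eql, FakeEql and the response hashes are constructed for illustration; eql is assumed to be any object exposing the methods documented on this page.

```ruby
# Added example: submit an EQL search, poll its status, fetch the events,
# and always delete the stored search afterwards.
def run_async_eql(eql, index:, query:, max_polls: 10, poll_interval: 0)
  resp = eql.search(index: index, wait_for_completion_timeout: '2s',
                    keep_on_completion: true, keep_alive: '5m',
                    body: { query: query })
  id = resp['id']
  polls = 0
  while resp['is_running']
    raise "EQL search still running after #{max_polls} polls" if polls >= max_polls
    sleep poll_interval
    polls += 1
    resp = eql.get_status(id: id) # status responses carry no hits
  end
  resp = eql.get(id: id) unless resp.key?('hits')
  resp.dig('hits', 'events') || []
ensure
  # Runs on success and on timeout: cancels a running search, removes stored results.
  eql.delete(id: id) if id
end

# Constructed in-memory stand-in (hypothetical) so the example runs without a cluster.
class FakeEql
  attr_reader :calls

  def initialize(running_polls)
    @left = running_polls
    @calls = []
  end

  def search(_args)
    @calls << :search
    { 'id' => 'constructed-id', 'is_running' => true }
  end

  def get_status(args)
    @calls << :get_status
    { 'id' => args[:id], 'is_running' => (@left -= 1) > 0 }
  end

  def get(args)
    @calls << :get
    { 'id' => args[:id], 'hits' => { 'events' => [{ 'id' => 'evt-1' }] } }
  end

  def delete(_args)
    @calls << :delete
    { 'acknowledged' => true }
  end
end
```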