module Elasticsearch::XPack::API::Eql::Actions

Public Instance Methods

delete(arguments = {}) click to toggle source

Deletes an async EQL search by ID. If the search is still running, the search request will be cancelled. Otherwise, the saved search results are deleted.

@option arguments [String] :id The async search ID @option arguments [Hash] :headers Custom HTTP headers

@see www.elastic.co/guide/en/elasticsearch/reference/7.14/eql-search-api.html

# File lib/elasticsearch/xpack/api/actions/eql/delete.rb, line 30
def delete(arguments = {})
  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  headers = arguments.delete(:headers) || {}

  arguments = arguments.clone

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_eql/search/#{Elasticsearch::API::Utils.__listify(_id)}"
  params = {}

  body = nil
  perform_request(method, path, params, body, headers).body
end
get(arguments = {}) click to toggle source

Returns async results from previously executed Event Query Language (EQL) search

@option arguments [String] :id The async search ID @option arguments [Time] :wait_for_completion_timeout Specify the time that the request should block waiting for the final response @option arguments [Time] :keep_alive Update the time interval in which the results (partial or final) for this search will be available @option arguments [Hash] :headers Custom HTTP headers

@see www.elastic.co/guide/en/elasticsearch/reference/7.14/eql-search-api.html

# File lib/elasticsearch/xpack/api/actions/eql/get.rb, line 32
def get(arguments = {})
  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  headers = arguments.delete(:headers) || {}

  arguments = arguments.clone

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_GET
  path   = "_eql/search/#{Elasticsearch::API::Utils.__listify(_id)}"
  params = Elasticsearch::API::Utils.__validate_and_extract_params arguments, ParamsRegistry.get(__method__)

  body = nil
  perform_request(method, path, params, body, headers).body
end
get_status(arguments = {}) click to toggle source

Returns the status of a previously submitted async or stored Event Query Language (EQL) search

@option arguments [String] :id The async search ID @option arguments [Hash] :headers Custom HTTP headers

@see www.elastic.co/guide/en/elasticsearch/reference/7.14/eql-search-api.html

# File lib/elasticsearch/xpack/api/actions/eql/get_status.rb, line 30
def get_status(arguments = {})
  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  headers = arguments.delete(:headers) || {}

  arguments = arguments.clone

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_GET
  path   = "_eql/search/status/#{Elasticsearch::API::Utils.__listify(_id)}"
  params = {}

  body = nil
  perform_request(method, path, params, body, headers).body
end