Module: Elasticsearch::API::Fleet::Actions

Defined in:
lib/elasticsearch/api/actions/fleet/search.rb,
lib/elasticsearch/api/actions/fleet/msearch.rb,
lib/elasticsearch/api/actions/fleet/global_checkpoints.rb

Instance Method Summary collapse

Instance Method Details

#global_checkpoints(arguments = {}) ⇒ Object

Get global checkpoints. Get the current global checkpoints for an index. This API is designed for internal use by the Fleet server project.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :index (String)

    A single index or index alias that resolves to a single index. (Required)

  • :wait_for_advance (Boolean)

    A boolean value which controls whether to wait (until the timeout) for the global checkpoints to advance past the provided ‘checkpoints`.

  • :wait_for_index (Boolean)

    A boolean value which controls whether to wait (until the timeout) for the target index to exist and all primary shards be active. Can only be true when ‘wait_for_advance` is true.

  • :checkpoints (Array<Integer>)

    A comma separated list of previous global checkpoints. When used in combination with ‘wait_for_advance`, the API will only return once the global checkpoints advances past the checkpoints. Providing an empty list will cause Elasticsearch to immediately return the current global checkpoints. Server default: [].

  • :timeout (Time)

    Period to wait for a global checkpoints to advance past ‘checkpoints`. Server default: 30s.

  • :error_trace (Boolean)

    When set to ‘true` Elasticsearch will include the full stack trace of errors when they occur.

  • :filter_path (String, Array<String>)

    Comma-separated list of filters in dot notation which reduce the response returned by Elasticsearch.

  • :human (Boolean)

    When set to ‘true` will return statistics in a format suitable for humans. For example `“exists_time”: “1h”` for humans and `“exists_time_in_millis”: 3600000` for computers. When disabled the human readable values will be omitted. This makes sense for responses being consumed only by machines.

  • :pretty (Boolean)

    If set to ‘true` the returned JSON will be “pretty-formatted”. Only use this option for debugging only.

  • :headers (Hash)

    Custom HTTP headers

Raises:

  • (ArgumentError)

See Also:



53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/elasticsearch/api/actions/fleet/global_checkpoints.rb', line 53

def global_checkpoints(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'fleet.global_checkpoints' }

  defined_params = [:index].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'index' missing" unless arguments[:index]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _index = arguments.delete(:index)

  method = Elasticsearch::API::HTTP_GET
  path   = "#{Utils.listify(_index)}/_fleet/global_checkpoints"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#msearch(arguments = {}) ⇒ Object

Run multiple Fleet searches. Run several Fleet searches with a single API request. The API follows the same structure as the multi search API. However, similar to the Fleet search API, it supports the ‘wait_for_checkpoints` parameter. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :index (String)

    A single target to search. If the target is an index alias, it must resolve to a single index.

  • :allow_no_indices (Boolean)

    A setting that does two separate checks on the index expression. If ‘false`, the request returns an error (1) if any wildcard expression (including `_all` and `*`) resolves to zero matching indices or (2) if the complete set of resolved indices, aliases or data streams is empty after all expressions are evaluated. If `true`, index expressions that resolve to no indices are allowed and the request returns an empty result.

  • :ccs_minimize_roundtrips (Boolean)

    If true, network roundtrips between the coordinating node and remote clusters are minimized for cross-cluster search requests. Server default: true.

  • :expand_wildcards (String, Array<String>)

    Type of index that wildcard expressions can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams.

  • :ignore_throttled (Boolean)

    If true, concrete, expanded or aliased indices are ignored when frozen.

  • :ignore_unavailable (Boolean)

    If ‘false`, the request returns an error if it targets a concrete (non-wildcarded) index, alias, or data stream that is missing, closed, or otherwise unavailable. If `true`, unavailable concrete targets are silently ignored.

  • :max_concurrent_searches (Integer)

    Maximum number of concurrent searches the multi search API can execute.

  • :max_concurrent_shard_requests (Integer)

    Maximum number of concurrent shard requests that each sub-search request executes per node. Server default: 5.

  • :pre_filter_shard_size (Integer)

    Defines a threshold that enforces a pre-filter roundtrip to prefilter search shards based on query rewriting if the number of shards the search request expands to exceeds the threshold. This filter roundtrip can limit the number of shards significantly if for instance a shard can not match any documents based on its rewrite method i.e., if date filters are mandatory to match but the shard bounds and the query are disjoint.

  • :search_type (String)

    Indicates whether global term and document frequencies should be used when scoring returned documents.

  • :rest_total_hits_as_int (Boolean)

    If true, hits.total are returned as an integer in the response. Defaults to false, which returns an object.

  • :typed_keys (Boolean)

    Specifies whether aggregation and suggester names should be prefixed by their respective types in the response.

  • :wait_for_checkpoints (Array<Integer>)

    A comma separated list of checkpoints. When configured, the search API will only be executed on a shard after the relevant checkpoint has become visible for search. Defaults to an empty list which will cause Elasticsearch to immediately execute the search. Server default: [].

  • :allow_partial_search_results (Boolean)

    If true, returns partial results if there are shard request timeouts or shard failures. If false, returns an error with no partial results. Defaults to the configured cluster setting ‘search.default_allow_partial_results`, which is true by default.

  • :error_trace (Boolean)

    When set to ‘true` Elasticsearch will include the full stack trace of errors when they occur.

  • :filter_path (String, Array<String>)

    Comma-separated list of filters in dot notation which reduce the response returned by Elasticsearch.

  • :human (Boolean)

    When set to ‘true` will return statistics in a format suitable for humans. For example `“exists_time”: “1h”` for humans and `“exists_time_in_millis”: 3600000` for computers. When disabled the human readable values will be omitted. This makes sense for responses being consumed only by machines.

  • :pretty (Boolean)

    If set to ‘true` the returned JSON will be “pretty-formatted”. Only use this option for debugging only.

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    searches

Raises:

  • (ArgumentError)

See Also:



74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
 
# File 'lib/elasticsearch/api/actions/fleet/msearch.rb', line 74

def msearch(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'fleet.msearch' }

  defined_params = [:index].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _index = arguments.delete(:index)

  method = Elasticsearch::API::HTTP_POST
  path   = if _index
             "#{Utils.listify(_index)}/_fleet/_fleet_msearch"
           else
             '_fleet/_fleet_msearch'
           end
  params = Utils.process_params(arguments)

  if body.is_a?(Array) && body.any? { |d| d.key? :search }
    payload = body.each_with_object([]) do |item, sum|
      meta = item
      data = meta.delete(:search)

      sum << meta
      sum << data
    end.map { |item| Elasticsearch::API.serializer.dump(item) }
    payload << '' unless payload.empty?
    payload = payload.join("\n")
  elsif body.is_a?(Array)
    payload = body.map { |d| d.is_a?(String) ? d : Elasticsearch::API.serializer.dump(d) }
    payload << '' unless payload.empty?
    payload = payload.join("\n")
  else
    payload = body
  end

  Utils.update_ndjson_headers!(headers, client.transport.options.dig(:transport_options, :headers))
  Elasticsearch::API::Response.new(
    perform_request(method, path, params, payload, headers, request_opts)
  )
end

#search(arguments = {}) ⇒ Object

Run a Fleet search. The purpose of the Fleet search API is to provide an API where the search will be run only after the provided checkpoint has been processed and is visible for searches inside of Elasticsearch. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.

Parameters:

  • arguments (Hash) (defaults to: {})

    a customizable set of options

Options Hash (arguments):

  • :index (String)

    A single target to search. If the target is an index alias, it must resolve to a single index. (Required)

  • :allow_no_indices (Boolean)

    A setting that does two separate checks on the index expression. If ‘false`, the request returns an error (1) if any wildcard expression (including `_all` and `*`) resolves to zero matching indices or (2) if the complete set of resolved indices, aliases or data streams is empty after all expressions are evaluated. If `true`, index expressions that resolve to no indices are allowed and the request returns an empty result.

  • :analyzer (String)
    TODO
  • :analyze_wildcard (Boolean)
    TODO
  • :batched_reduce_size (Integer)
    TODO
  • :ccs_minimize_roundtrips (Boolean)
    TODO
  • :default_operator (String)
    TODO
  • :df (String)
    TODO
  • :docvalue_fields (String, Array<String>)
    TODO
  • :expand_wildcards (String, Array<String>)
    TODO
  • :explain (Boolean)
    TODO
  • :ignore_throttled (Boolean)
    TODO
  • :ignore_unavailable (Boolean)

    If ‘false`, the request returns an error if it targets a concrete (non-wildcarded) index, alias, or data stream that is missing, closed, or otherwise unavailable. If `true`, unavailable concrete targets are silently ignored.

  • :lenient (Boolean)
    TODO
  • :max_concurrent_shard_requests (Integer)
    TODO
  • :preference (String)
    TODO
  • :pre_filter_shard_size (Integer)
    TODO
  • :request_cache (Boolean)
    TODO
  • :routing (String, Array<String>)
    TODO
  • :scroll (Time)
    TODO
  • :search_type (String)
    TODO
  • :stats (Array<String>)
    TODO
  • :stored_fields (String, Array<String>)
    TODO
  • :suggest_field (String)

    Specifies which field to use for suggestions.

  • :suggest_mode (String)
    TODO
  • :suggest_size (Integer)
    TODO
  • :suggest_text (String)

    The source text for which the suggestions should be returned.

  • :terminate_after (Integer)
    TODO
  • :timeout (Time)
    TODO
  • :track_total_hits (Boolean, Integer)
    TODO
  • :track_scores (Boolean)
    TODO
  • :typed_keys (Boolean)
    TODO
  • :rest_total_hits_as_int (Boolean)
    TODO
  • :version (Boolean)
    TODO
  • :_source (Boolean, String, Array<String>)
    TODO
  • :_source_excludes (String, Array<String>)
    TODO
  • :_source_includes (String, Array<String>)
    TODO
  • :seq_no_primary_term (Boolean)
    TODO
  • :q (String)
    TODO
  • :size (Integer)
    TODO
  • :from (Integer)
    TODO
  • :sort (String, Array<String>)
    TODO
  • :wait_for_checkpoints (Array<Integer>)

    A comma separated list of checkpoints. When configured, the search API will only be executed on a shard after the relevant checkpoint has become visible for search. Defaults to an empty list which will cause Elasticsearch to immediately execute the search. Server default: [].

  • :allow_partial_search_results (Boolean)

    If true, returns partial results if there are shard request timeouts or shard failures. If false, returns an error with no partial results. Defaults to the configured cluster setting ‘search.default_allow_partial_results`, which is true by default.

  • :error_trace (Boolean)

    When set to ‘true` Elasticsearch will include the full stack trace of errors when they occur.

  • :filter_path (String, Array<String>)

    Comma-separated list of filters in dot notation which reduce the response returned by Elasticsearch.

  • :human (Boolean)

    When set to ‘true` will return statistics in a format suitable for humans. For example `“exists_time”: “1h”` for humans and `“exists_time_in_millis”: 3600000` for computers. When disabled the human readable values will be omitted. This makes sense for responses being consumed only by machines.

  • :pretty (Boolean)

    If set to ‘true` the returned JSON will be “pretty-formatted”. Only use this option for debugging only.

  • :headers (Hash)

    Custom HTTP headers

  • :body (Hash)

    request body

Raises:

  • (ArgumentError)

See Also:



103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
 
# File 'lib/elasticsearch/api/actions/fleet/search.rb', line 103

def search(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'fleet.search' }

  defined_params = [:index].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'index' missing" unless arguments[:index]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _index = arguments.delete(:index)

  method = Elasticsearch::API::HTTP_POST
  path   = "#{Utils.listify(_index)}/_fleet/_fleet_search"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end