Module: Elasticsearch::API::Fleet::Actions
- Defined in:
- lib/elasticsearch/api/actions/fleet/search.rb,
 lib/elasticsearch/api/actions/fleet/msearch.rb,
 lib/elasticsearch/api/actions/fleet/global_checkpoints.rb
Instance Method Summary collapse
- 
  
    
      #global_checkpoints(arguments = {})  ⇒ Object 
    
    
  
  
  
  
  
  
  
  
  
    Get global checkpoints. 
- 
  
    
      #msearch(arguments = {})  ⇒ Object 
    
    
  
  
  
  
  
  
  
  
  
    Run multiple Fleet searches. 
- 
  
    
      #search(arguments = {})  ⇒ Object 
    
    
  
  
  
  
  
  
  
  
  
    Run a Fleet search. 
Instance Method Details
#global_checkpoints(arguments = {}) ⇒ Object
Get global checkpoints. Get the current global checkpoints for an index. This API is designed for internal use by the Fleet server project.
| 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 | # File 'lib/elasticsearch/api/actions/fleet/global_checkpoints.rb', line 53 def global_checkpoints(arguments = {}) request_opts = { endpoint: arguments[:endpoint] || 'fleet.global_checkpoints' } defined_params = [:index].each_with_object({}) do |variable, set_variables| set_variables[variable] = arguments[variable] if arguments.key?(variable) end request_opts[:defined_params] = defined_params unless defined_params.empty? raise ArgumentError, "Required argument 'index' missing" unless arguments[:index] arguments = arguments.clone headers = arguments.delete(:headers) || {} body = nil _index = arguments.delete(:index) method = Elasticsearch::API::HTTP_GET path = "#{Utils.listify(_index)}/_fleet/global_checkpoints" params = Utils.process_params(arguments) Elasticsearch::API::Response.new( perform_request(method, path, params, body, headers, request_opts) ) end | 
#msearch(arguments = {}) ⇒ Object
Run multiple Fleet searches. Run several Fleet searches with a single API request. The API follows the same structure as the multi search API. However, similar to the Fleet search API, it supports the ‘wait_for_checkpoints` parameter. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.
| 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 | # File 'lib/elasticsearch/api/actions/fleet/msearch.rb', line 68 def msearch(arguments = {}) request_opts = { endpoint: arguments[:endpoint] || 'fleet.msearch' } defined_params = [:index].each_with_object({}) do |variable, set_variables| set_variables[variable] = arguments[variable] if arguments.key?(variable) end request_opts[:defined_params] = defined_params unless defined_params.empty? raise ArgumentError, "Required argument 'body' missing" unless arguments[:body] arguments = arguments.clone headers = arguments.delete(:headers) || {} body = arguments.delete(:body) _index = arguments.delete(:index) method = Elasticsearch::API::HTTP_POST path = if _index "#{Utils.listify(_index)}/_fleet/_fleet_msearch" else '_fleet/_fleet_msearch' end params = Utils.process_params(arguments) if body.is_a?(Array) && body.any? { |d| d.key? :search } payload = body.each_with_object([]) do |item, sum| = item data = .delete(:search) sum << sum << data end.map { |item| Elasticsearch::API.serializer.dump(item) } payload << '' unless payload.empty? payload = payload.join("\n") elsif body.is_a?(Array) payload = body.map { |d| d.is_a?(String) ? d : Elasticsearch::API.serializer.dump(d) } payload << '' unless payload.empty? payload = payload.join("\n") else payload = body end Utils.update_ndjson_headers!(headers, client.transport..dig(:transport_options, :headers)) Elasticsearch::API::Response.new( perform_request(method, path, params, payload, headers, request_opts) ) end | 
#search(arguments = {}) ⇒ Object
Run a Fleet search. The purpose of the Fleet search API is to provide an API where the search will be run only after the provided checkpoint has been processed and is visible for searches inside of Elasticsearch. This functionality is Experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.
| 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 | # File 'lib/elasticsearch/api/actions/fleet/search.rb', line 97 def search(arguments = {}) request_opts = { endpoint: arguments[:endpoint] || 'fleet.search' } defined_params = [:index].each_with_object({}) do |variable, set_variables| set_variables[variable] = arguments[variable] if arguments.key?(variable) end request_opts[:defined_params] = defined_params unless defined_params.empty? raise ArgumentError, "Required argument 'index' missing" unless arguments[:index] arguments = arguments.clone headers = arguments.delete(:headers) || {} body = arguments.delete(:body) _index = arguments.delete(:index) method = if body Elasticsearch::API::HTTP_POST else Elasticsearch::API::HTTP_GET end path = "#{Utils.listify(_index)}/_fleet/_fleet_search" params = Utils.process_params(arguments) Elasticsearch::API::Response.new( perform_request(method, path, params, body, headers, request_opts) ) end |