honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Add watcher and elevated privilege info (elastic/x-pack-elasticsearch#2632) 

Original commit: elastic/x-pack-elasticsearch@2dcbace8a0
This commit is contained in:
Lisa Cawley 2017-09-26 13:26:02 -07:00 committed by GitHub
parent ea05298087
commit 95a5d36289
4 changed files with 36 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/en/security/reference/privileges.asciidoc
View File

@ -33,6 +33,12 @@ All operations on index templates.
`manage_ml`::
All {ml} operations, such as creating and deleting {dfeeds}, jobs, and model
snapshots.
+
--
NOTE: Datafeeds run as a system user with elevated privileges, including
permission to read all indices.
--
`manage_pipeline`::
All operations on ingest pipelines.
@ -43,6 +49,12 @@ cache clearing.
`manage_watcher`::
All watcher operations, such as putting watches, executing, activate or acknowledging.
+
--
NOTE: Watches run as a system user with elevated privileges, including permission
to read and write all indices.
--
`transport_client`::
All privileges necessary for a transport client to connect. Required by the remote

3
docs/en/watcher/actions/index.asciidoc
View File

@ -73,3 +73,6 @@ a document and the index action indexes all of them in a bulk.
An `_id` value can be added per document to dynamically set the ID of the indexed
document.
NOTE: The index action runs as a system user with elevated privileges, including
permission to write all indices.

10
docs/en/watcher/index.asciidoc
View File

@ -3,8 +3,9 @@
[partintro]
--
You can watch for changes or anomalies in your data and perform the necessary
actions in response. For example, you might want to:
{xpack} alerting is a set of administrative features that enable you to watch
for changes or anomalies in your data and perform the necessary actions in
response. For example, you might want to:
* Monitor social media as another way to detect failures in user-facing
automated systems like ATMs or ticketing systems. When the number of tweets
@ -62,6 +63,11 @@ A full history of all watches is maintained in an Elasticsearch index. This
history keeps track of each time a watch is triggered and records the results
from the query, whether the condition was met, and what actions were taken.
NOTE: Watches run with elevated privileges. Users mapped to the built-in
`watcher_admin` role or any other role to which the `manage_watcher` cluster
privilege is assigned should be reviewed and granted only to personnel with
appropriate trust levels to read and write all indices.
--
include::getting-started.asciidoc[]

3
docs/en/watcher/input/search.asciidoc
View File

@ -201,3 +201,6 @@ specifying the request `body`:
| `ctx.trigger.scheduled_time` | The time this watch was supposed to be triggered.
| `ctx.metadata.*` | Any metadata associated with the watch.
|======
NOTE: The search input runs as a system user with elevated privileges, including
permission to read all indices.