honeymoose/OpenSearch
1
0
Fork 0
mirror of https://github.com/honeymoose/OpenSearch.git synced 2025-03-27 02:18:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Add leading slashes to EQL API examples

Browse Source
This commit is contained in:
James Rodewig 2020-05-19 15:38:04 -04:00
parent fd84fdf581
commit cc43d67eb1
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/reference/eql/eql-search-api.asciidoc
View File

@ -33,7 +33,7 @@ PUT /my_index/_bulk?refresh
[source,console]
----
GET my_index/_eql/search
GET /my_index/_eql/search
{
"query": """
process where process.name = "regsvr32.exe"
@ -308,7 +308,7 @@ The following EQL search request searches for events with an `event.category` of
[source,console]
----
GET my_index/_eql/search
GET /my_index/_eql/search
{
"query": """
file where (file.name == "cmd.exe" and agent.id != "my_user")
@ -420,7 +420,7 @@ These events must also share the same `agent.id` value.
[source,console]
----
GET my_index/_eql/search
GET /my_index/_eql/search
{
"query": """
sequence by agent.id