Commit Graph

9144 Commits

Author SHA1 Message Date
Jake Landis 0795f4b898
[7.x] Add network from MaxMind Geo ASN database (#61676) (#62898)
This adds the network property from the MaxMind Geo ASN database. 
This enables analysis of IP data based on the subnets that MaxMind have 
previously identified for ASN networks.

closes #60942

Co-authored-by: Peter Ansell <p_ansell@yahoo.com>
2020-10-01 11:01:44 -05:00
Dan Hermann fbf552d24c
Add country_name to the default properties of geoip ingest processor (#62915) (#63124) 2020-10-01 08:47:51 -05:00
James Rodewig 700bfb156d
[DOCS] EQL: date_nanos timestamp is not supported (#63101) (#63103) 2020-09-30 17:45:00 -04:00
James Rodewig e91e5ff6d7
[DOCS] Document escaped backticks for identifiers (#63079) (#63084) 2020-09-30 12:26:20 -04:00
Lisa Cawley 3838fe1fd4 [DOCS] Add experimental tag to inference processor and bucket aggregation (#63023) 2020-09-30 08:51:26 -07:00
István Zoltán Szabó 0655d9e8ac
[DOCS] Adds limitation item about using scripts in transforms (#63021) (#63075) 2020-09-30 16:25:48 +02:00
James Rodewig e179b89085
[DOCS] Clarify that v2.0+ hyphenation files aren't supported (#60579) (#63073)
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>

Co-authored-by: jgkirschbaum <juergen.kirschbaum@gmail.com>
2020-09-30 09:28:44 -04:00
James Rodewig 803f1ec897
[DOCS] Updated target_field description of the json ingest processor (#61968) (#63068)
Co-authored-by: Dan Hermann <danhermann@users.noreply.github.com>
Co-authored-by: Jakob Reiter <jakommo@users.noreply.github.com>
2020-09-30 09:04:59 -04:00
Przemysław Witek d677a2b8ee
[7.x] [ML] Implement AucRoc metric for classification - HLRC (#62304) (#63058) 2020-09-30 14:04:10 +02:00
Przemysław Witek 4366d58564
[7.x] [ML] Implement AucRoc metric for classification (#60502) (#63051) 2020-09-30 12:55:52 +02:00
István Zoltán Szabó ee985ea716
[DOCS] Adds data stream and ILM related limitation items to transforms (#63016) (#63046) 2020-09-30 10:37:28 +02:00
James Rodewig 454aafde1f
[DOCS] Fix painless-datetime example script error (#62811) (#63027)
Co-authored-by: mushao999 <mushaoqiong@126.com>
2020-09-29 13:47:51 -04:00
Alexander Reelsen a6548117d0
[DOCS] Backport normalize aggregation fix (#63017)
This is a backport of 8534bd5ce79103bf2d5d41c2ebb278ac53583631 which was only applied to the master branch, but not to 7.x or 7.$current
2020-09-29 11:17:40 -04:00
Dan Hermann c9be9963a8
[DOCS] Sort option for the grok patterns endpoint (#62092) (#62982) 2020-09-29 09:40:54 -05:00
James Rodewig 26f98f3a74
[DOCS] Fix 404s (#62918) (#63013)
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>

Co-authored-by: Guido Lena Cota <guido.lenacota@kreuzwerker.de>
2020-09-29 10:37:26 -04:00
James Rodewig 42437e4b29
[DOCS] Fix elasticsearch-croneval chunking (#63008) (#63009) 2020-09-29 10:35:23 -04:00
Howard a914d8bc90
[DOCS] Remove duplicate disk.threshold_enabled setting (#62925) 2020-09-29 09:13:21 -04:00
James Rodewig fa98e30c81
[DOCS] EQL: Clarify EQL docs (#62961) (#62980) 2020-09-28 15:46:30 -04:00
Nik Everett c3e07da437
Docs: Support """ in console-response (#62876) (#62962)
We support `"""` in `console` snippets to emulate kibana's CONSOLE.
CONSOLE also spits out `"""` when a json field contains a new line or a
double quote. This adds support for those sorts of responses to the
handling of `console-response` snippets.
2020-09-28 11:51:07 -04:00
James Rodewig b814d10063
[DOCS] Document shard sizing guide (#61942) (#62957)
Revises the current 'How to avoid oversharding' docs to incorporate
information from our [shard sizing blog post][0].

Changes:

* Streamlines introduction
* Adds "Things to remember" section to describe how shards work
* Adds "Guidelines" section based on blog tips
* Creates a "Fix an oversharded cluster" section

[0]: https://www.elastic.co/blog/how-many-shards-should-i-have-in-my-elasticsearch-cluster
2020-09-28 09:57:39 -04:00
Ryan Ernst 4a17078ea5
Add warning about legacy glibc and bundled jvm (#62797)
This commit adds a warning to the setup docs regarding using the bundled
jvm on centos 6 and oracle enterprise linux 6.

relates #62709
2020-09-24 17:07:24 -07:00
Mayya Sharipova 54064a1eec
Unsigned long 64bits(#62892)
Introduce 64-bit unsigned long field type

This field type supports
- indexing of integer values from [0, 18446744073709551615]
- precise queries (term, range)
- precise sort and terms aggregations
- other aggregations are based on conversion of long values
  to double and can be imprecise for large values.

Backport for #60050
Closes #32434
2020-09-24 16:51:47 -04:00
James Rodewig 20630b0088
[DOCS] Correct the documented behaviour of `track_total_hits` (#62837) (#62867)
If `track_total_hits=true` is used, the exact value of the number of hits is returned - i.e. the value is effectively limitless, and not the default value of 10,000

Co-authored-by: AndyHunt66 <andrew.hunt@elastic.co>
2020-09-24 09:18:38 -04:00
James Rodewig e3d5915566 [DOCS] Fix JSON spec linnk for PIT API (#61783) 2020-09-23 14:29:06 +02:00
Jay Modi cb1dc5260f
Dedicated threadpool for system index writes (#62792)
This commit adds a dedicated threadpool for system index write
operations. The dedicated resources for system index writes serves as
a means to ensure that user activity does not block important system
operations from occurring such as the management of users and roles.

Backport of #61655
2020-09-22 15:31:38 -06:00
James Rodewig 2366c1443b [DOCS] EQL: Note = is not an equality operator 2020-09-22 13:54:38 -04:00
Lisa Cawley c995e73c6d [DOCS] Add realm limitations for monitoring clusters (#62714) 2020-09-22 09:37:00 -07:00
James Rodewig 7b2010de81 [DOCS] Fix EQL search API example 2020-09-22 12:09:38 -04:00
Adam Locke 56fbfabeda
[DOCS] Add remote node as a node role (#62730) (#62776)
* Adding remote node as a node role.

* Incorporating reviewer feedback.
2020-09-22 12:02:22 -04:00
markharwood a0df0fb074
Search - add case insensitive flag for "term" family of queries #61596 (#62661)
Backport of fe9145f

Closes #61546
2020-09-22 13:56:51 +01:00
James Rodewig 21d5236173 [DOCS] EQL: Style fixes 2020-09-21 19:44:21 -04:00
James Rodewig 00bfc2d684
[7.x] [DOCS] EQL: Improve regsvr32 misuse explanation (#62722) (#62738)
* [DOCS] EQL: Improve regsvr32 misuse explanation (#62722)

Expands the introduction to better explain what regsvr32 misuse is and
how it works at a high level.

* [DOCS] EQL: Style fixes
2020-09-21 19:02:10 -04:00
Seth Michael Larson ae24dfc4f0
[7.x] Migrate Python documentation to elasticsearch-py
Backport of PR #62710
2020-09-21 14:12:20 -05:00
Marios Trivyzas 1f612cccbb
SQL: Implement FORMAT function (#55454) (#62701)
Implement FORMAT according to the SQL Server spec: https://docs.microsoft.com/en-us/sql/t-sql/functions/format-transact-sql?view=sql-server-ver15#ExampleD by translating to the java.time patterns used in DATETIME_FORMAT.

Closes: #54965

Co-authored-by: Marios Trivyzas <matriv@users.noreply.github.com>
Co-authored-by: Bogdan Pintea <bogdan.pintea@elastic.co>
Co-authored-by: Andrei Stefan <astefan@users.noreply.github.com>
(cherry picked from commit da511f4e033db6e8a6aa2a54b23e906b5e026845)
2020-09-21 19:22:04 +02:00
Lisa Cawley fa48b5c836 [DOCS] Formatting fix in get trained model API (#62643) 2020-09-21 08:22:40 -07:00
James Rodewig 76da348f7a
[DOCS] Change index name from `index` to `my-index-000001` (#62678) (#62704)
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>

Co-authored-by: Subhendu Sethi <cs13b1027@iith.ac.in>
2020-09-21 10:11:15 -04:00
Christoph Büscher 803f78ef05
Add field type for version strings (#59773) (#62692)
This PR adds a new 'version' field type that allows indexing string values
representing software versions similar to the ones defined in the Semantic
Versioning definition (semver.org). The field behaves very similar to a
'keyword' field but allows efficient sorting and range queries that take into
accound the special ordering needed for version strings. For example, the main
version parts are sorted numerically (ie 2.0.0 < 11.0.0) whereas this wouldn't
be possible with 'keyword' fields today.

Valid version values are similar to the Semantic Versioning definition, with the
notable exception that in addition to the "main" version consiting of
major.minor.patch, we allow less or more than three numeric identifiers, i.e.
"1.2" or "1.4.6.123.12" are treated as valid too.

Relates to #48878
2020-09-21 14:25:42 +02:00
Bogdan Pintea 5e0f9a414c SQL: Document Maven Central as a JDBC repository (#62618)
* Add Maven Central as a JDBC repository

Document Maven Central as a JDBC repository.

(cherry picked from commit 2bc4d7eb19a26bf21b11214c4351470b677e1598)
2020-09-21 13:04:43 +02:00
Christos Soulios ad79a2b6a1
[7.x] Histogram field type support for min/max aggregations (#62689)
Implement min/max aggregations for histogram fields.

Backports #62532
2020-09-21 12:53:56 +03:00
Henning Andersen 2eeb1bddde
Autoscaling decision return absolute capacity (#61575) (#62670)
The autoscaling decision API now returns an absolute capacity,
and leaves the actual decision of whether a scale up or down
is needed to the orchestration system.

The decision API now returns both a tier and node level required
and current capacity as wells as a decider level breakdown of the
same though with in particular current memory still not populated.
2020-09-19 09:05:23 +02:00
Lee Hinman 4a08928c47
[7.x] Add index.routing.allocation.include._tier_preference setting (#62589) (#62667)
This commit adds the `index.routing.allocation.prefer._tier` setting to the
`DataTierAllocationDecider`. This special-purpose allocation setting lets a user specify a
preference-based list of tiers for an index to be assigned to. For example, if the setting were set
to:

```
"index.routing.allocation.prefer._tier": "data_hot,data_warm,data_content"
```

If the cluster contains any nodes with the `data_hot` role, the decider will only allow them to be
allocated on the `data_hot` node(s). If there are no `data_hot` nodes, but there are `data_warm` and
`data_content` nodes, then the index will be allowed to be allocated on `data_warm` nodes.

This allows us to specify an index's preference for tier(s) without causing the index to be
unassigned if no nodes of a preferred tier are available.

Subsequent work will change the ILM migration to make additional use of this setting.

Relates to #60848
2020-09-18 15:41:36 -06:00
James Rodewig c2e73ba061
[DOCS] Fix issue link in redirects (#62654) (#62656) 2020-09-18 16:55:18 -04:00
James Rodewig 1dd8a5971f
[DOCS] Fix typo in SLM docs (#62591) (#62647)
Co-authored-by: Leaf-Lin <39002973+Leaf-Lin@users.noreply.github.com>
2020-09-18 12:50:34 -04:00
Alan Woodward 17aabaed15 Fix warning on boost docs and warning message on non-implementing fieldmappers 2020-09-18 16:45:08 +01:00
Benjamin Trent 0f142c6afc
[ML] all multiple wildcard values for GET Calendars, Events, and DELETE forecasts (#62563) (#62629)
This commit adjusts the following APIs so now they not only support an `_all` case, but wildcard patterned Ids as well.

- `GET _ml/calendars/<calendar_id>/events`
- `GET _ml/calendars/<calendar_id>`
- `GET _ml/anomaly_detectors/<job_id>/model_snapshots/<snapshot_id>`
- `DELETE _ml/anomaly_detectors/<job_id>/_forecast/<forecast_id>`
2020-09-18 11:06:07 -04:00
Alan Woodward 43ace5f80d Emit deprecation warnings when boosts are defined in mappings (#62623)
We removed index-time boosting back in 5x, and we no longer document the 'boost'
parameter on any of our mapping types. However, it is still possible to define an
index-time boost on a field mapper for a surprisingly large number of field types, and
they even have an effect (sometimes, on some queries).

As a first step in finally removing all traces of index time boosting, this comment emits
a deprecation warning whenever a boost parameter is found on a mapping definition.
2020-09-18 15:40:53 +01:00
Benjamin Trent e163559e4c
[7.x] [ML] Add new include flag to GET inference/<model_id> API for model training metadata (#61922) (#62620)
* [ML] Add new include flag to GET inference/<model_id> API for model training metadata (#61922)

Adds new flag include to the get trained models API
The flag initially has two valid values: definition, total_feature_importance.
Consequently, the old include_model_definition flag is now deprecated.
When total_feature_importance is included, the total_feature_importance field is included in the model metadata object.
Including definition is the same as previously setting include_model_definition=true.

* fixing test

* Update x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/ml/action/GetTrainedModelsRequestTests.java
2020-09-18 10:07:35 -04:00
Dan Hermann e1a4a3073a
[DOCS] Configurable output format for date processor (#61440) (#62630) 2020-09-18 09:00:52 -05:00
James Rodewig 9d6f94ffa3
[DOCS] EQL: Disallow chained comparisons (#62570) (#62625) 2020-09-18 08:47:27 -04:00
Martijn van Groningen 6e071580ff
Unmute rollover docs test (#62603) (#62605)
The underlying issue was fixed a while ago in Lucene:
https://issues.apache.org/jira/browse/LUCENE-9517

and went away when lucene snapshot version was upgraded.

Also the name of the index to rollover had to be slightly changed,
so that it doesn't collide with data stream template's namespace.
(a regular index can't be created in the namespace that is managed
by a template that creates data streams)

Closes #62043
2020-09-18 11:11:13 +02:00