Commit Graph

8417 Commits

Author SHA1 Message Date
James Rodewig 771ddbf083
[DOCS] EQL: Add sequence example to tutorial (#56965) (#56966)
Adds an example using the sequence syntax to the 'Run an EQL search'
tutorial.

Supplements other examples added with #56721
2020-05-19 16:14:57 -04:00
James Rodewig cc43d67eb1 [DOCS] Add leading slashes to EQL API examples 2020-05-19 15:38:37 -04:00
Adam Mohammed fd84fdf581 [DOCS] Fix typo in secure settings docs (#56778) 2020-05-19 12:04:25 -04:00
James Rodewig 0f233b1b0b
[DOCS] Remove outdated links for `similarity` mapping param args (#56925) 2020-05-19 11:04:53 -04:00
Lee Hinman e208925465
[7.x] Add template simulation API for simulating template composition (#56842) (#56924) 2020-05-19 08:12:21 -06:00
James Rodewig 342e713e2a
[DOCS] Fix fingerprint token filter's analyzer example (#56811) (#56943)
Co-authored-by: Abhilash Bolla <2282894+ivssh@users.noreply.github.com>
2020-05-19 09:30:00 -04:00
James Rodewig 22f54ba205 [DOCS] EQL: Fix API example headings 2020-05-18 16:29:29 -04:00
James Rodewig 74554f1ae8
[DOCS] Add put snapshot repo API docs (#56827) (#56900) 2020-05-18 08:55:22 -04:00
Benjamin Trent 297f864884
[ML] relax throttling on expired data cleanup (#56711) (#56895)
Throttling nightly cleanup as much as we do has been over cautious.

Night cleanup should be more lenient in its throttling. We still
keep the same batch size, but now the requests per second scale
with the number of data nodes. If we have more than 5 data nodes,
we don't throttle at all.

Additionally, the API now has `requests_per_second` and `timeout` set.
So users calling the API directly can set the throttling.

This commit also adds a new setting `xpack.ml.nightly_maintenance_requests_per_second`.
This will allow users to adjust throttling of the nightly maintenance.
2020-05-18 08:46:42 -04:00
James Rodewig e492c23944
[DOCS] Sort metric and pipeline agg docs (#56613) (#56846)
Co-authored-by: Gil Raphaelli <gil@elastic.co>
2020-05-15 17:15:53 -04:00
Gabriel Petrovay cb4d5f5042 Fixed calendar intervals documentation (#56666)
- the 1-letter intervals are not parseable (`m`, `h`, `d`, `w`,  `M`, `q`, `y`)
- fixed formatting broken by new lines
2020-05-15 16:55:57 -04:00
James Rodewig c50f86fbba
[DOCS] EQL: Document `case_sensitive` param (#56697) (#56818) 2020-05-15 11:47:19 -04:00
Dan Hermann 66871c5342
[7.x] Rename endpoint from plural "_data_streams" to singular "_data_stream" (#56825) 2020-05-15 10:27:53 -05:00
Dan Hermann 2a21d4d976
Docs for data stream REST APIs 2020-05-15 09:37:45 -05:00
James Rodewig 5e09762a27 [DOCS] EQL: Align comments in `between` fn examples 2020-05-15 09:20:45 -04:00
James Rodewig 24cd45345e [DOCS] EQL: Remove references to arrays/multi-value fields (#56772) 2020-05-15 09:09:07 -04:00
Benjamin Trent f71c305090
[7.x] [Transform] add support for terms agg in transforms (#56696) (#56809)
* [Transform] add support for terms agg in transforms (#56696)

This adds support for `terms` and `rare_terms` aggs in transforms. 

The default behavior is that the results are collapsed in the following manner:
`<AGG_NAME>.<BUCKET_NAME>.<SUBAGGS...>...`
Or if no sub aggs exist
`<AGG_NAME>.<BUCKET_NAME>.<_doc_count>`

The mapping is also defined as `flattened` by default. This is to avoid field explosion while still providing (limited) search and aggregation capabilities.
2020-05-15 08:08:43 -04:00
Tal Levy 5e90ff32f7
Add Normalize Pipeline Aggregation (#56399) (#56792)
This aggregation will perform normalizations of metrics
for a given series of data in the form of bucket values.

The aggregations supports the following normalizations

- rescale 0-1
- rescale 0-100
- percentage of sum
- mean normalization
- z-score normalization
- softmax normalization

To specify which normalization is to be used, it can be specified
in the normalize agg's `normalizer` field.

For example:

```
{
  "normalize": {
    "buckets_path": <>,
    "normalizer": "percent"
  }
}
```
2020-05-14 17:40:15 -07:00
Lee Hinman a73d7d9e2b
[7.x] Don't allow invalid template combinations (#56397) (#56795)
Backports the following commits to 7.x:

- Don't allow invalid template combinations (#56397)
2020-05-14 16:20:53 -06:00
James Rodewig 2a943a58a4
[DOCS] EQL: Document `number` function (#56770)
Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
2020-05-14 15:44:04 -04:00
James Rodewig 2921747b23
[7.x] [DOCS] EQL: Document sequences (#56721) (#56774)
Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
2020-05-14 11:51:40 -04:00
Lisa Cawley 6a8e10189f [DOCS] Add throttling based on configuration parameter (#56653) 2020-05-14 08:45:29 -07:00
David Roberts 4438115be0 [DOCS] Docs changes for overridden delimiter in find_file_structure (#56288)
Docs for #55735

Co-authored-by: Lisa Cawley <lcawley@elastic.co>
2020-05-14 09:25:21 +01:00
debadair 83e9ff42da
[DOCS] Added info about automatic config for Beats & Logstash. (#56317) (#56729)
* [DOCS] Added info about automatic config for Beats & Logstash.

* Update docs/reference/ilm/set-up-lifecycle-policy.asciidoc

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

* Update docs/reference/ilm/set-up-lifecycle-policy.asciidoc

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

* Update docs/reference/ilm/index.asciidoc

* Updated note in GS tutorial

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

Co-authored-by: James Rodewig <james.rodewig@elastic.co>
2020-05-13 19:27:22 -07:00
debadair 60f8a32dba
[DOCS] Add info about ILM and unallocated shards. (#56655) (#56724)
* [DOCS] Add info about ILM and unallocated shards.

* Incorporated review feedback.

* Update docs/reference/ilm/actions/ilm-allocate.asciidoc

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

* Apply suggestions from code review

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

* Fix xref

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

Co-authored-by: James Rodewig <james.rodewig@elastic.co>
2020-05-13 16:12:37 -07:00
Nik Everett 126619ae3c
Add list of defered aggregations to the profiler (backport of #56208) (#56682)
This adds a few things to the `breakdown` of the profiler:
* `histogram` aggregations now contain `total_buckets` which is the
  count of buckets that they collected. This could be useful when
  debugging a histogram inside of another bucketing agg that is fairly
  selective.
* All bucketing aggs that can delay their sub-aggregations will now add
  a list of delayed sub-aggregations. This is useful because we
  sometimes have fairly involved logic around which sub-aggregations get
  delayed and this will save you from having to guess.
* Aggregtations wrapped in the `MultiBucketAggregatorWrapper` can't
  accurately add anything to the breakdown. Instead they the wrapper
  adds a marker entry `"multi_bucket_aggregator_wrapper": true` so we
  can be quickly pick out such aggregations when debugging.

It also fixes a bug where `_count` breakdown entries were contributing
to the overall `time_in_nanos`. They didn't add a large amount of time
so it is unlikely that this caused a big problem, but I was there.

To support the arbitrary breakdown data this reworks the profiler so
that the `breakdown` can contain any data that is supported by
`StreamOutput#writeGenericValue(Object)` and
`XContentBuilder#value(Object)`.
2020-05-13 16:33:22 -04:00
Bogdan Pintea ee437bef27
Docs: forward port release docs of 7.7.0 (#56706)
Forward port the release docs of 7.7.0: breaking changes, release notes,
release highlights.
2020-05-13 20:08:14 +02:00
Julie Tibshirani a92d138c77 Correct the type of the 'analyzer' parameter in the _analyze docs. (#56650)
This optional parameter can only be a string. To test out a transient custom
analysis chain, users are expected to use the 'tokenizer', 'filter', and
'char_filter' parameters.
2020-05-13 11:05:06 -07:00
David Turner 26382dff19 Clarify doc count stats (#56665)
Today we report some statistics in terms of Lucene-level documents, which
differ from Elasticsearch-level documents in a number of ways and include
things like document tombstones which users cannot directly observe. This
commit clarifies the internal nature of these statistics.

Closes #56497
2020-05-13 15:07:44 +01:00
James Rodewig c859fafcbd [DOCS] Correct `query` datatype in enrich policy definition (#56224)
Corrects the datatype for the `query` property of an enrich policy
object. The `query` property is a query object, not a string.
2020-05-13 08:35:17 -04:00
Ignacio Vera b4521d5183
upgrade to Lucene 8.6.0 snapshot (#56661) 2020-05-13 14:25:16 +02:00
Marios Trivyzas e781193cf9
SQL: Fix JDBC url pattern in docs and error message (#56612)
The docs pattern url was using `*` which means zero or many instead
of `?` which means zero or one. The pattern url returned in error
messages was not in sync with the one in the docs.

Fixes: #56476
(cherry picked from commit 1a5945c3962cdda21482f4b0b3e0ca508534c2c4)
2020-05-13 12:13:58 +02:00
Gabriel Petrovay ca586f2a8d [Docs] Correct formatting in datehistogram-aggregation.asciidoc (#56664) 2020-05-13 12:01:42 +02:00
debadair 6de6ec68f2
[DOCS] Extract the cron docs from Watcher docs and add to the API conventions. (#56313) (#56651)
* [DOCS] Promote cron expressions info from Watcher to a separate topic.

* Fix table error

* Fixed xref

* Apply suggestions from code review

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

* Incorporated review feedback

Co-authored-by: James Rodewig <james.rodewig@elastic.co>

Co-authored-by: James Rodewig <james.rodewig@elastic.co>
2020-05-12 16:36:18 -07:00
CJ Cenizal 2704428a9c [Docs] Clarify that _ccr/info omits parameters from the response when the follower index is paused. (#55961) 2020-05-12 15:25:08 -07:00
debadair cabc963135
[DOCS] Add request body param descriptions for move to step (#56560) (#56644)
* [DOCS] Add request body param descriptions for move to step (#56560)

* [DOCS] Clarify definition of max_size (#56561)
2020-05-12 15:00:48 -07:00
James Rodewig a5154cc190 [DOCS] Correct setting type for `indices.query.bool.max_clause_count` (#56640)
#56449 incorrectly labelled this as a dynamic setting.

This corrects that error.
2020-05-12 16:26:18 -04:00
Jake Landis 5f5a648b9a
[7.x] remove the term 'system' from indicies doc (#56367) (#56375)
'system' indices will carry special meaning in the future this commit
removes the system from the name to avoid confusion. (technically
these indices will be hidden not system)
2020-05-12 14:44:50 -05:00
James Rodewig 54088a21d7
[DOCS] Collapse 7.8 breaking changes for security (#56622) 2020-05-12 15:30:28 -04:00
James Rodewig d247e8f7a6 [DOCS] Sort EQL search API params alphabetically 2020-05-12 13:52:18 -04:00
Andrei Stefan f0074e93a0
QL: case sensitive support in EQL (#56404) (#56597)
* QL: case sensitive support in EQL (#56404)
* adds a generic startsWith function to QL
* modifies the existent EQL startsWith function to be case sensitive
aware
* improves the existent EQL startsWith function to use a prefix query
when the function is used in a case sensitive context. Same improvement
is used in SQL's newly added STARTS_WITH function.
* adds case sensitivity to EQL configuration through a case_sensitive
parameter in the eql request, as established in #54411.
The case_sensitive parameter can be specified when running queries
(default is case insensitive)

(cherry picked from commit ee5a09ea840167566e34c28c8225dc38bc6a7ae8)
2020-05-12 16:56:18 +03:00
James Rodewig 8c457c884a
[DOCS] Add clean up snapshot repository API docs (#56519) 2020-05-12 09:54:49 -04:00
Ignacio Vera 222ee721ec
Add moving percentiles pipeline aggregation (#55441) (#56575)
Similar to what the moving function aggregation does, except merging windows of percentiles
sketches together instead of cumulatively merging final metrics
2020-05-12 11:35:23 +02:00
debadair 8f2c1cda2e
[DOCS] Added info about refresh interval & max_docs and step execution. Closes #49151. (#56315) (#56554) 2020-05-11 15:10:57 -07:00
Marc e0e7b89499 [DOCS] Add document update API link to concurrency control docs (#56481)
Co-authored-by: James Rodewig <james.rodewig@elastic.co>
2020-05-11 17:37:32 -04:00
Lee Hinman 1337b35572
Remove prefer_v2_templates query string parameter (#56545)
This commit removes the `prefer_v2_templates` flag and setting. This was a brief setting that
allowed specifying whether V1 or V2 template should be used when an index is created. It has been
removed in favor of V2 templates always having priority.

Relates to #53101
Resolves #56528

This is not a breaking change because this flag was never in a released version.
2020-05-11 14:56:42 -06:00
Brandon Morelli 659edb92ff
docs: [7.x][apm] link to master in n.x branches (#56539) 2020-05-11 13:42:37 -07:00
renshuki b90c7e3797 [DOCS] Add more examples to Painless statements (#48397)
Add more examples to the Painless statements documentation (including while and do...while) as requested in #47485 (review)
2020-05-11 10:21:45 -07:00
James Rodewig 2be6d7b8b6
[DOCS] Relocate request body param docs to search API docs (#56436)
Moves documentation for the following request body parameters to the
search API reference docs:

* `explain`
* `query`
* `seq_no_primary_term`
* `version`

Removes documentation for these parameters from the Request body search
page[0].

[0]: https://www.elastic.co/guide/en/elasticsearch/reference/master/search-request-body.html
2020-05-11 11:29:38 -04:00
Lisa Cawley 7ce0a25fbc [DOCS] Add UUID troubleshooting tip for stack monitoring (#55744) 2020-05-11 07:49:34 -07:00