113 lines
3.0 KiB
Plaintext
113 lines
3.0 KiB
Plaintext
[role="xpack"]
|
|
[testenv="basic"]
|
|
[[put-data-frame-transform]]
|
|
=== Create {dataframe-transforms} API
|
|
|
|
[subs="attributes"]
|
|
++++
|
|
<titleabbrev>Create {dataframe-transforms}</titleabbrev>
|
|
++++
|
|
|
|
beta[]
|
|
|
|
Instantiates a {dataframe-transform}.
|
|
|
|
|
|
==== Request
|
|
|
|
`PUT _data_frame/transforms/<data_frame_transform_id>`
|
|
|
|
===== Description
|
|
|
|
IMPORTANT: You must use {kib} or this API to create a {dataframe-transform}.
|
|
Do not put a {dataframe-transform} directly into any
|
|
`.data-frame-internal*` indices using the Elasticsearch index API.
|
|
If {es} {security-features} are enabled, do not give users any
|
|
privileges on `.data-frame-internal*` indices.
|
|
|
|
==== Path Parameters
|
|
|
|
`data_frame_transform_id` (required)::
|
|
(string) Identifier for the {dataframe-transform}. This identifier can contain
|
|
lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It
|
|
must start and end with alphanumeric characters.
|
|
|
|
|
|
==== Request Body
|
|
|
|
`source` (required):: (object) The source configuration, consisting of `index` and optionally
|
|
a `query`.
|
|
|
|
`dest` (required):: (object) The destination configuration, consisting of `index` and optionally a
|
|
`pipeline` id.
|
|
|
|
`pivot`:: (object) Defines the pivot function `group by` fields and the aggregation to
|
|
reduce the data. See <<data-frame-transform-pivot, data frame transform pivot objects>>.
|
|
|
|
`description`:: Optional free text description of the data frame transform
|
|
|
|
|
|
==== Authorization
|
|
|
|
If the {es} {security-features} are enabled, you must have
|
|
`manage_data_frame_transforms` cluster privileges to use this API. The built-in
|
|
`data_frame_transforms_admin` role has these privileges. You must also
|
|
have `read` and `view_index_metadata` privileges on the source index and `read`,
|
|
`create_index`, and `index` privileges on the destination index. For more
|
|
information, see {stack-ov}/security-privileges.html[Security privileges] and
|
|
{stack-ov}/built-in-roles.html[Built-in roles].
|
|
|
|
==== Examples
|
|
|
|
The following example creates a {dataframe-transform} for the {kib} eCommerce
|
|
sample data:
|
|
|
|
[source,js]
|
|
--------------------------------------------------
|
|
PUT _data_frame/transforms/ecommerce_transform
|
|
{
|
|
"source": {
|
|
"index": "kibana_sample_data_ecommerce",
|
|
"query": {
|
|
"term": {
|
|
"geoip.continent_name": {
|
|
"value": "Asia"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"dest": {
|
|
"index": "kibana_sample_data_ecommerce_transform",
|
|
"pipeline": "add_timestamp_pipeline"
|
|
},
|
|
"pivot": {
|
|
"group_by": {
|
|
"customer_id": {
|
|
"terms": {
|
|
"field": "customer_id"
|
|
}
|
|
}
|
|
},
|
|
"aggregations": {
|
|
"max_price": {
|
|
"max": {
|
|
"field": "taxful_total_price"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"description": "Maximum priced ecommerce data by customer_id in Asia"
|
|
}
|
|
--------------------------------------------------
|
|
// CONSOLE
|
|
// TEST[skip: https://github.com/elastic/elasticsearch/issues/43271]
|
|
|
|
When the transform is created, you receive the following results:
|
|
[source,js]
|
|
----
|
|
{
|
|
"acknowledged" : true
|
|
}
|
|
----
|
|
// TESTRESPONSE
|