honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/docs/reference
History
Costin Leau bff3c7470e
EQL: Replace SearchHit in response with Event (#61428) (#61522) 
The building block of the eql response is currently the SearchHit. This
is a problem since it is tied to an actual search, and thus has scoring,
highlighting, shard information and a lot of other things that are not
relevant for EQL.
This becomes a problem when doing sequence queries since the response is
not generated from one search query and thus there are no SearchHits to
speak of.
Emulating one is not just conceptually incorrect but also problematic
since most of the data is missed or made-up.

As such this PR introduces a simple class, Event, that maps nicely to
the terminology while hiding the ES internals (the use of SearchHit or
GetResult/GetResponse depending on the API used).

Fix #59764
Fix #59779

Co-authored-by: Igor Motov <igor@motovs.org>
(cherry picked from commit 997376fbe6ef2894038968842f5e0635731ede65)
 		2020-08-25 17:32:42 +03:00
..
aggregations [DOCS] Adds example to the inference aggregation description (#61290) (#61318) 2020-08-19 12:07:30 +02:00
analysis [DOCS] Replace Wikipedia links with attribute (#61171) (#61209) 2020-08-17 11:27:04 -04:00
autoscaling Autoscaling decider and decision service (#59005) (#60884) 2020-08-10 15:28:52 +02:00
cat [DOCS] Replace Wikipedia links with attribute (#61171) (#61209) 2020-08-17 11:27:04 -04:00
ccr [DOCS] Fix typo in CCR Put Follow API docs (#61392) (#61470) 2020-08-24 09:46:23 -04:00
cluster [DOCS] Replace Wikipedia links with attribute (#61171) (#61209) 2020-08-17 11:27:04 -04:00
commands [DOCS] Replace Wikipedia links with attribute (#61171) (#61209) 2020-08-17 11:27:04 -04:00
data-streams [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
docs [DOCS] Add admon for built-in index templates (#61063) (#61220) 2020-08-17 12:48:34 -04:00
eql EQL: Replace SearchHit in response with Event (#61428) (#61522) 2020-08-25 17:32:42 +03:00
graph [DOCS] Document `xpack.graph.enabled` setting (#60073) (#61433) 2020-08-21 15:13:13 -04:00
high-availability [DOCS] Replace Wikipedia links with attribute (#61171) (#61209) 2020-08-17 11:27:04 -04:00
how-to [DOCS] Replace Wikipedia links with attribute (#61171) (#61209) 2020-08-17 11:27:04 -04:00
ilm [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
images [DOCS] Update example data stream names (#60783) (#60820) 2020-08-06 09:38:35 -04:00
index-modules [7.x] [DOCS] Update CCR docs to focus on Kibana. (#61237) 2020-08-17 16:58:13 -04:00
indices [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
ingest [DOCS] Fix ingest processor TOC sort (#61412) (#61416) 2020-08-21 09:21:41 -04:00
licensing [DOCS] Swap `[float]` for `[discrete]` (#60134) 2020-07-23 12:42:33 -04:00
mapping [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
migration [doc] Improve joda-time migration guide (#60499) 2020-08-20 16:03:58 +02:00
ml [7.x] [ML] adding docs + hlrc for data frame analysis feature_processors (#61149) (#61493) 2020-08-24 12:56:21 -04:00
modules [DOCS] Combine `Search your data` files (#61477) (#61486) 2020-08-24 13:08:00 -04:00
monitoring [DOCS] Update configuring-metricbeat.asciidoc (#60857) 2020-08-17 10:04:52 -07:00
query-dsl [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
release-notes [DOCS] Add security updates to release notes (#61288) (#61296) 2020-08-18 12:00:21 -07:00
rest-api [DOCS] http -> https, remove outdated plugin docs (#60380) (#60545) 2020-07-31 16:16:31 -04:00
rollup [DOCS] Swap `[float]` for `[discrete]` (#60134) 2020-07-23 12:42:33 -04:00
scripting [DOCS] Fix ingest script compilation rate and cache size (#61468) (#61479) 2020-08-24 10:46:44 -04:00
search [DOCS] Fix typo in profile API docs (#61445) (#61501) 2020-08-24 15:30:18 -04:00
searchable-snapshots/apis Adjust searchable snapshot license (#60578) 2020-08-03 13:19:53 +02:00
settings [DOCS] Document static machine learning settings (#61382) 2020-08-24 07:35:38 -07:00
setup [DOCS] Note the cluster settings API can override `elasticsearch.yml` (#61394) (#61464) 2020-08-24 09:32:26 -04:00
slm [DOCS] Swap `[float]` for `[discrete]` (#60134) 2020-07-23 12:42:33 -04:00
snapshot-restore Adding ignore_unavailable param. (#61368) (#61370) 2020-08-20 10:10:16 -04:00
sql [DOCS] Replace Wikipedia links with attribute (#61171) (#61209) 2020-08-17 11:27:04 -04:00
transform [DOCS] Fix security links in machine learning APIs (#60098) (#60152) 2020-07-23 16:43:10 -07:00
upgrade [DOCS] Note remote reindex is not fwd compatible (#60425) (#60454) 2020-07-30 09:23:55 -04:00
vectors [DOCS] Update my-index examples (#60132) (#60248) 2020-07-27 15:58:26 -04:00
aggregations.asciidoc [DOCS] Swap `[float]` for `[discrete]` (#60134) 2020-07-23 12:42:33 -04:00
analysis.asciidoc [DOCS] Swap `[float]` for `[discrete]` (#60134) 2020-07-23 12:42:33 -04:00
api-conventions.asciidoc [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
cat.asciidoc AwaitsFix for #51619 2020-08-06 09:48:35 +01:00
cluster.asciidoc Password-protected Keystore Feature Branch PR (#51123) (#51510) 2020-01-28 05:32:32 -05:00
data-rollup-transform.asciidoc [DOCS] Changes level offset of transform pages (#60066) (#60075) 2020-07-22 11:22:57 -07:00
docs.asciidoc [DOCS] Remove heading offsets for REST APIs (#44568) 2019-07-19 14:36:06 -04:00
frozen-indices.asciidoc [DOCS] Replace `twitter` dataset in docs (#60604) (#60609) 2020-08-03 13:31:19 -04:00
getting-started.asciidoc [DOCS] Swap `[float]` for `[discrete]` (#60134) 2020-07-23 12:42:33 -04:00
glossary.asciidoc [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
gs-index.asciidoc
high-availability.asciidoc [DOCS] Add docs for designing resilient clusters (#47233) (#57743) 2020-06-05 12:08:45 -04:00
how-to.asciidoc [DOCS] Add 'how to' doc about avoiding oversharding (#55480) 2020-04-22 10:44:16 -04:00
index-modules.asciidoc [7.x] [DOCS] Update CCR docs to focus on Kibana. (#61237) 2020-08-17 16:58:13 -04:00
index.asciidoc [DOCS] Combine `Search your data` files (#61477) (#61486) 2020-08-24 13:08:00 -04:00
index.x.asciidoc
indices.asciidoc [DOCS] Refactored index-templates topic. (#59737) (#60165) 2020-07-23 19:48:19 -07:00
ingest.asciidoc [DOCS] Update my-index examples (#60132) (#60248) 2020-07-27 15:58:26 -04:00
intro.asciidoc [DOCS] Fix hyphenation for "time series" (#61472) (#61481) 2020-08-24 11:18:07 -04:00
links.asciidoc [DOCS] Fix security links in machine learning APIs (#60098) (#60152) 2020-07-23 16:43:10 -07:00
mapping.asciidoc [DOCS] Fix metadata field refs (#60764) (#60769) 2020-08-05 14:04:55 -04:00
query-dsl.asciidoc Search - remove allow-expensive-query checks from wildcard field. (#60273) (#60308) 2020-07-28 17:12:33 +01:00
redirects.asciidoc [7.x] [DOCS] Update CCR docs to focus on Kibana. (#61237) 2020-08-17 16:58:13 -04:00
release-notes.asciidoc [DOCS] Adds ml-cpp PRs to release notes (#59188) 2020-07-07 11:56:40 -07:00
scripting.asciidoc [DOCS] Swap `[float]` for `[discrete]` (#60134) 2020-07-23 12:42:33 -04:00
search.asciidoc [DOCS] Prune `Search your data` content (#61303) (#61462) 2020-08-24 09:31:53 -04:00
setup.asciidoc [DOCS] http -> https, remove outdated plugin docs (#60380) (#60545) 2020-07-31 16:16:31 -04:00
upgrade.asciidoc [7.x] [DOCS] Update upgrade docs and release highlights for 7.9 (#59674) 2020-07-16 15:58:40 -04:00