From 0a43fe96c669d3d25b8fb45e538092ec0bfdb2fe Mon Sep 17 00:00:00 2001 From: George Wallace Date: Wed, 20 Nov 2024 14:18:29 -0700 Subject: [PATCH 1/5] removing preview tag --- serverless/pages/action-connectors.asciidoc | 2 - serverless/pages/api-keys.asciidoc | 2 - .../apis-elasticsearch-conventions.asciidoc | 2 - serverless/pages/apis-http-apis.asciidoc | 2 - .../pages/apis-kibana-conventions.asciidoc | 2 - .../clients-dot-net-getting-started.asciidoc | 2 - .../pages/clients-go-getting-started.asciidoc | 2 - .../clients-java-getting-started.asciidoc | 2 - .../clients-nodejs-getting-started.asciidoc | 2 - .../clients-php-getting-started.asciidoc | 2 - .../clients-python-getting-started.asciidoc | 2 - .../clients-ruby-getting-started.asciidoc | 2 - serverless/pages/clients.asciidoc | 2 - serverless/pages/custom-roles.asciidoc | 1 - serverless/pages/data-views.asciidoc | 2 - .../pages/debug-grok-expressions.asciidoc | 2 - .../pages/debug-painless-scripts.asciidoc | 2 - .../developer-tools-troubleshooting.asciidoc | 2 - .../elasticsearch-developer-tools.asciidoc | 2 - .../pages/explore-your-data-alerting.asciidoc | 157 ++++++++++++++ ...lore-your-data-discover-your-data.asciidoc | 199 ++++++++++++++++++ ...re-your-data-ml-nlp-classify-text.asciidoc | 2 - ...ore-your-data-ml-nlp-deploy-model.asciidoc | 2 - ...data-ml-nlp-deploy-trained-models.asciidoc | 2 - .../explore-your-data-ml-nlp-elser.asciidoc | 2 - ...explore-your-data-ml-nlp-examples.asciidoc | 2 - ...ore-your-data-ml-nlp-extract-info.asciidoc | 2 - ...ore-your-data-ml-nlp-import-model.asciidoc | 2 - ...xplore-your-data-ml-nlp-inference.asciidoc | 2 - ...plore-your-data-ml-nlp-lang-ident.asciidoc | 2 - ...xplore-your-data-ml-nlp-model-ref.asciidoc | 2 - ...lore-your-data-ml-nlp-ner-example.asciidoc | 2 - ...lore-your-data-ml-nlp-ootb-models.asciidoc | 2 - ...e-your-data-ml-nlp-search-compare.asciidoc | 2 - ...ore-your-data-ml-nlp-select-model.asciidoc | 2 - ...e-your-data-ml-nlp-test-inference.asciidoc | 2 - ...ata-ml-nlp-text-embedding-example.asciidoc | 2 - .../pages/explore-your-data-ml-nlp.asciidoc | 2 - serverless/pages/explore-your-data.asciidoc | 4 +- serverless/pages/files.asciidoc | 2 - .../pages/fleet-and-elastic-agent.asciidoc | 2 - .../pages/general-developer-tools.asciidoc | 2 - serverless/pages/get-started.asciidoc | 2 - serverless/pages/index-management.asciidoc | 2 - serverless/pages/ingest-pipelines.asciidoc | 2 - ...your-data-ingest-data-through-api.asciidoc | 2 - ...t-data-through-integrations-beats.asciidoc | 2 - ...ata-through-integrations-logstash.asciidoc | 2 - .../ingest-your-data-upload-file.asciidoc | 2 - serverless/pages/ingest-your-data.asciidoc | 2 - serverless/pages/integrations.asciidoc | 2 - serverless/pages/knn-search.asciidoc | 2 - serverless/pages/logstash-pipelines.asciidoc | 2 - serverless/pages/machine-learning.asciidoc | 2 - serverless/pages/maintenance-windows.asciidoc | 2 - ...cess-to-org-from-existing-account.asciidoc | 2 - .../manage-access-to-org-user-roles.asciidoc | 2 - ...manage-billing-check-subscription.asciidoc | 2 - .../pages/manage-billing-history.asciidoc | 2 - .../manage-billing-monitor-usage.asciidoc | 2 - .../manage-billing-pricing-model.asciidoc | 2 - .../manage-billing-stop-project.asciidoc | 2 - serverless/pages/manage-billing.asciidoc | 8 - serverless/pages/manage-org.asciidoc | 2 - .../manage-your-project-rest-api.asciidoc | 2 - serverless/pages/manage-your-project.asciidoc | 2 - serverless/pages/maps.asciidoc | 2 - serverless/pages/pricing.asciidoc | 2 - .../profile-queries-and-aggregations.asciidoc | 2 - .../project-and-management-settings.asciidoc | 2 - serverless/pages/project-settings.asciidoc | 2 - serverless/pages/reports.asciidoc | 2 - serverless/pages/rules.asciidoc | 2 - .../run-api-requests-in-the-console.asciidoc | 2 - serverless/pages/saved-objects.asciidoc | 2 - serverless/pages/search-playground.asciidoc | 2 - .../pages/search-with-synonyms.asciidoc | 2 - ...h-your-data-semantic-search-elser.asciidoc | 2 - .../search-your-data-semantic-search.asciidoc | 2 - .../search-your-data-the-search-api.asciidoc | 2 - serverless/pages/search-your-data.asciidoc | 2 - .../pages/serverless-differences.asciidoc | 2 - serverless/pages/tags.asciidoc | 2 - .../technical-preview-limitations.asciidoc | 2 - serverless/pages/transforms.asciidoc | 2 - serverless/pages/user-profile.asciidoc | 2 - .../pages/welcome-to-serverless.asciidoc | 2 - .../what-is-elasticsearch-serverless.asciidoc | 7 + serverless/pages/what-is-serverless.asciidoc | 12 +- 89 files changed, 365 insertions(+), 187 deletions(-) create mode 100644 serverless/pages/explore-your-data-alerting.asciidoc create mode 100644 serverless/pages/explore-your-data-discover-your-data.asciidoc diff --git a/serverless/pages/action-connectors.asciidoc b/serverless/pages/action-connectors.asciidoc index 704627a62a..b92101573d 100644 --- a/serverless/pages/action-connectors.asciidoc +++ b/serverless/pages/action-connectors.asciidoc @@ -4,8 +4,6 @@ // :description: Configure connections to third party systems for use in cases and rules. // :keywords: serverless -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} The list of available connectors varies by project type. diff --git a/serverless/pages/api-keys.asciidoc b/serverless/pages/api-keys.asciidoc index 794f8c165f..d3a1519db0 100644 --- a/serverless/pages/api-keys.asciidoc +++ b/serverless/pages/api-keys.asciidoc @@ -4,8 +4,6 @@ // :description: API keys allow access to the {stack} on behalf of a user. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} API keys are security mechanisms used to authenticate and authorize access to {stack} resources, diff --git a/serverless/pages/apis-elasticsearch-conventions.asciidoc b/serverless/pages/apis-elasticsearch-conventions.asciidoc index c23a9ccabd..4681854faf 100644 --- a/serverless/pages/apis-elasticsearch-conventions.asciidoc +++ b/serverless/pages/apis-elasticsearch-conventions.asciidoc @@ -4,8 +4,6 @@ // :description: The {es-serverless} REST APIs have conventions for headers and request bodies. // :keywords: serverless, elasticsearch, API, reference -preview:[] - You can run {es} API requests in **{dev-tools-app} → Console**. For example: diff --git a/serverless/pages/apis-http-apis.asciidoc b/serverless/pages/apis-http-apis.asciidoc index 937744c039..87873d1275 100644 --- a/serverless/pages/apis-http-apis.asciidoc +++ b/serverless/pages/apis-http-apis.asciidoc @@ -4,8 +4,6 @@ // :description: {es} and {kib} expose REST APIs that can be called directly to configure and access {stack} features. // :keywords: serverless, elasticsearch, http, rest, overview -preview:[] - * <>: The {es-serverless} REST APIs have conventions for headers and request bodies. * <>: The Management APIs for {serverless-short} have request header conventions. * https://www.elastic.co/docs/api/[API Reference]: Explore the reference information for Elastic Serverless REST APIs diff --git a/serverless/pages/apis-kibana-conventions.asciidoc b/serverless/pages/apis-kibana-conventions.asciidoc index 5e47fbb50f..926ae6a392 100644 --- a/serverless/pages/apis-kibana-conventions.asciidoc +++ b/serverless/pages/apis-kibana-conventions.asciidoc @@ -4,8 +4,6 @@ // :description: The Management APIs for {serverless-short} have request header conventions. // :keywords: serverless, kibana, API, reference -preview:[] - The Management REST APIs for {serverless-full} let you manage resources that are available in multiple solutions. These resources include connectors, data views, and saved objects. If you've previously used the {stack}, the Management APIs are similar to {kib} APIs. diff --git a/serverless/pages/clients-dot-net-getting-started.asciidoc b/serverless/pages/clients-dot-net-getting-started.asciidoc index 4697b0309b..1f9ab78819 100644 --- a/serverless/pages/clients-dot-net-getting-started.asciidoc +++ b/serverless/pages/clients-dot-net-getting-started.asciidoc @@ -4,8 +4,6 @@ // :description: Set up and use the .NET client for {es3}. // :keywords: serverless, elasticsearch, .net, how to -preview:[] - [NOTE] ==== This client is for use with {es-serverless} only. See also the https://www.elastic.co/guide/en/elasticsearch/client/index.html[{es} clients]. diff --git a/serverless/pages/clients-go-getting-started.asciidoc b/serverless/pages/clients-go-getting-started.asciidoc index 33caeaf48b..60764b332c 100644 --- a/serverless/pages/clients-go-getting-started.asciidoc +++ b/serverless/pages/clients-go-getting-started.asciidoc @@ -4,8 +4,6 @@ // :description: Set up and use the Go client for {es3}. // :keywords: serverless, elasticsearch, go, how to -preview:[] - [NOTE] ==== This client is for use with {es-serverless} only. See also the https://www.elastic.co/guide/en/elasticsearch/client/index.html[{es} clients]. diff --git a/serverless/pages/clients-java-getting-started.asciidoc b/serverless/pages/clients-java-getting-started.asciidoc index c6640d6d3d..acb7f34937 100644 --- a/serverless/pages/clients-java-getting-started.asciidoc +++ b/serverless/pages/clients-java-getting-started.asciidoc @@ -4,8 +4,6 @@ // :description: Set up and use the Java client for {es3}. // :keywords: serverless, elasticsearch, java, how to -preview:[] - [NOTE] ==== This client is for use with {es-serverless} only. See also the https://www.elastic.co/guide/en/elasticsearch/client/index.html[{es} clients]. diff --git a/serverless/pages/clients-nodejs-getting-started.asciidoc b/serverless/pages/clients-nodejs-getting-started.asciidoc index 4e0b1db2db..d4c57d03c4 100644 --- a/serverless/pages/clients-nodejs-getting-started.asciidoc +++ b/serverless/pages/clients-nodejs-getting-started.asciidoc @@ -4,8 +4,6 @@ // :description: Set up and use the Node.js client for {es3}. // :keywords: serverless, elasticsearch, nodejs, how to -preview:[] - [NOTE] ==== This client is for use with {es-serverless} only. See also the https://www.elastic.co/guide/en/elasticsearch/client/index.html[{es} clients]. diff --git a/serverless/pages/clients-php-getting-started.asciidoc b/serverless/pages/clients-php-getting-started.asciidoc index 7cc42c4401..87522d283f 100644 --- a/serverless/pages/clients-php-getting-started.asciidoc +++ b/serverless/pages/clients-php-getting-started.asciidoc @@ -4,8 +4,6 @@ // :description: Set up and use the PHP client for {es3}. // :keywords: serverless, elasticsearch, php, how to -preview:[] - [NOTE] ==== This client is for use with {es-serverless} only. See also the https://www.elastic.co/guide/en/elasticsearch/client/index.html[{es} clients]. diff --git a/serverless/pages/clients-python-getting-started.asciidoc b/serverless/pages/clients-python-getting-started.asciidoc index 9dee1a479c..8f12342d11 100644 --- a/serverless/pages/clients-python-getting-started.asciidoc +++ b/serverless/pages/clients-python-getting-started.asciidoc @@ -4,8 +4,6 @@ // :description: Set up and use the Python client for {es3}. // :keywords: serverless, elasticsearch, python, how to -preview:[] - [NOTE] ==== This client is for use with {es-serverless} only. See also the https://www.elastic.co/guide/en/elasticsearch/client/index.html[{es} clients]. diff --git a/serverless/pages/clients-ruby-getting-started.asciidoc b/serverless/pages/clients-ruby-getting-started.asciidoc index 6f18fbbb01..f71553923c 100644 --- a/serverless/pages/clients-ruby-getting-started.asciidoc +++ b/serverless/pages/clients-ruby-getting-started.asciidoc @@ -4,8 +4,6 @@ // :description: Set up and use the Ruby client for {es3}. // :keywords: serverless, elasticsearch, ruby, how to -preview:[] - [NOTE] ==== This client is for use with {es-serverless} only. See also the https://www.elastic.co/guide/en/elasticsearch/client/index.html[{es} clients]. diff --git a/serverless/pages/clients.asciidoc b/serverless/pages/clients.asciidoc index e3c426c6f3..e3e42f6e88 100644 --- a/serverless/pages/clients.asciidoc +++ b/serverless/pages/clients.asciidoc @@ -4,8 +4,6 @@ // :description: Index, search, and manage {es} data in your preferred language. // :keywords: serverless, elasticsearch, clients, overview -preview:[] - {es3} provides official language clients for {es} REST APIs. [NOTE] diff --git a/serverless/pages/custom-roles.asciidoc b/serverless/pages/custom-roles.asciidoc index 041205c18f..57f3c80a22 100644 --- a/serverless/pages/custom-roles.asciidoc +++ b/serverless/pages/custom-roles.asciidoc @@ -9,7 +9,6 @@ coming:[] endif::[] ifdef::serverlessCustomRoles[] -preview:[] This content applies to: {es-badge} {sec-badge} diff --git a/serverless/pages/data-views.asciidoc b/serverless/pages/data-views.asciidoc index 45769891c7..bfa31dce3b 100644 --- a/serverless/pages/data-views.asciidoc +++ b/serverless/pages/data-views.asciidoc @@ -4,8 +4,6 @@ // :description: Elastic requires a {data-source} to access the {es} data that you want to explore. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} A {data-source} can point to one or more indices, {ref}/data-streams.html[data streams], or {ref}/alias.html[index aliases]. diff --git a/serverless/pages/debug-grok-expressions.asciidoc b/serverless/pages/debug-grok-expressions.asciidoc index 388431f38a..ad0dc7545d 100644 --- a/serverless/pages/debug-grok-expressions.asciidoc +++ b/serverless/pages/debug-grok-expressions.asciidoc @@ -4,8 +4,6 @@ // :description: Build and debug grok patterns before you use them in your data processing pipelines. // :keywords: serverless, dev tools, how-to -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} You can build and debug grok patterns in the **Grok Debugger** before you use them in your data processing pipelines. diff --git a/serverless/pages/debug-painless-scripts.asciidoc b/serverless/pages/debug-painless-scripts.asciidoc index 045aaaa782..262cc25f32 100644 --- a/serverless/pages/debug-painless-scripts.asciidoc +++ b/serverless/pages/debug-painless-scripts.asciidoc @@ -4,8 +4,6 @@ // :description: Use our interactive code editor to test and debug Painless scripts in real-time. // :keywords: serverless, dev tools, how-to -preview:[] - This content applies to: {obs-badge} {sec-badge} beta::[] diff --git a/serverless/pages/developer-tools-troubleshooting.asciidoc b/serverless/pages/developer-tools-troubleshooting.asciidoc index 65fcff9588..0a883ca492 100644 --- a/serverless/pages/developer-tools-troubleshooting.asciidoc +++ b/serverless/pages/developer-tools-troubleshooting.asciidoc @@ -4,8 +4,6 @@ // :description: Troubleshoot searches. // :keywords: serverless, troubleshooting -preview:[] - When you query your data, {es} may return an error, no search results, or results in an unexpected order. This guide describes how to troubleshoot searches. diff --git a/serverless/pages/elasticsearch-developer-tools.asciidoc b/serverless/pages/elasticsearch-developer-tools.asciidoc index 76e8f23cf0..6386c424c7 100644 --- a/serverless/pages/elasticsearch-developer-tools.asciidoc +++ b/serverless/pages/elasticsearch-developer-tools.asciidoc @@ -4,8 +4,6 @@ // :description: Elastic tools for developers. // :keywords: serverless, elasticsearch, overview -preview:[] - A number of developer tools are available in your project's UI under the **Dev Tools** section. * <>: Make API calls to your {es} instance using the Query DSL and view the responses. diff --git a/serverless/pages/explore-your-data-alerting.asciidoc b/serverless/pages/explore-your-data-alerting.asciidoc new file mode 100644 index 0000000000..c3e243d973 --- /dev/null +++ b/serverless/pages/explore-your-data-alerting.asciidoc @@ -0,0 +1,157 @@ +[[elasticsearch-explore-your-data-alerting]] += Manage alerting rules + +// :description: Define when to generate alerts and notifications with alerting rules. +// :keywords: serverless, elasticsearch, alerting, how-to + +++++ +Alerts +++++ + +In **{alerts-app}** or **{project-settings} → {manage-app} → {rules-app}** you can: + +* Create and edit rules +* Manage rules including enabling/disabling, muting/unmuting, and deleting +* Drill down to rule details +* Configure rule settings + +[role="screenshot"] +image::images/rules-ui.png[Example rule listing in {rules-ui}] + +For an overview of alerting concepts, go to <>. + +//// +/* ## Required permissions + +Access to rules is granted based on your {alert-features} privileges. */ +//// + +//// +/* MISSING LINK: +For more information, go to missing linkSecuritys. */ +//// + +[discrete] +[[elasticsearch-explore-your-data-alerting-create-and-edit-rules]] +== Create and edit rules + +When you click the **Create rule** button, it launches a flyout that guides you through selecting a rule type and configuring its conditions and actions. + +[role="screenshot"] +image::images/alerting-overview.png[{rules-ui} app] + +The rule types available in an {es} project are: + +* {kibana-ref}/rule-type-es-query.html[{es} query] +* {kibana-ref}/rule-type-index-threshold.html[Index threshold] +* {kibana-ref}/geo-alerting.html[Tracking containement] +* {ref}/transform-alerts.html[Transform health] + +After a rule is created, you can open the action menu (…) and select **Edit rule** to re-open the flyout and change the rule properties. + +You can also manage rules as resources with the https://registry.terraform.io/providers/elastic/elasticstack/latest[Elasticstack provider] for Terraform. +For more details, refer to the https://registry.terraform.io/providers/elastic/elasticstack/latest/docs/resources/kibana_alerting_rule[elasticstack_kibana_alerting_rule] resource. + +// For details on what types of rules are available and how to configure them, refer to [Rule types]({kibana-ref}/rule-types.html). + +// missing link + +[discrete] +[[elasticsearch-explore-your-data-alerting-snooze-and-disable-rules]] +== Snooze and disable rules + +The rule listing enables you to quickly snooze, disable, enable, or delete individual rules. +For example, you can change the state of a rule: + +[role="screenshot"] +image::images/rule-enable-disable.png[Use the rule status dropdown to enable or disable an individual rule] + +When you snooze a rule, the rule checks continue to run on a schedule but the alert will not trigger any actions. +You can snooze for a specified period of time, indefinitely, or schedule single or recurring downtimes: + +[role="screenshot"] +image::images/rule-snooze-panel.png[Snooze notifications for a rule] + +When a rule is in a snoozed state, you can cancel or change the duration of this state. + +[discrete] +[[elasticsearch-explore-your-data-alerting-import-and-export-rules]] +== Import and export rules + +To import and export rules, use <>. + +//// +/* +TBD: Do stack monitoring rules exist in serverless? +Stack monitoring rules are automatically created for you and therefore cannot be managed in **Saved Objects**. +*/ +//// + +Rules are disabled on export. You are prompted to re-enable the rule on successful import. + +[role="screenshot"] +image::images/rules-imported-banner.png[Rules import banner] + +[discrete] +[[elasticsearch-explore-your-data-alerting-view-rule-details]] +== View rule details + +You can determine the health of a rule by looking at its **Last response**. +A rule can have one of the following responses: + +`failed`:: +The rule ran with errors. + +`succeeded`:: +The rule ran without errors. + +`warning`:: +The rule ran with some non-critical errors. + +Click the rule name to access a rule details page: + +[role="screenshot"] +image::images/rule-details-alerts-active.png[Rule details page with multiple alerts] + +In this example, the rule detects when a site serves more than a threshold number of bytes in a 24 hour period. Four sites are above the threshold. These are called alerts - occurrences of the condition being detected - and the alert name, status, time of detection, and duration of the condition are shown in this view. Alerts come and go from the list depending on whether the rule conditions are met. + +When an alert is created, it generates actions. If the conditions that caused the alert persist, the actions run again according to the rule notification settings. There are three common alert statuses: + +`active`:: +The conditions for the rule are met and actions should be generated according to the notification settings. + +`flapping`:: +The alert is switching repeatedly between active and recovered states. + +`recovered`:: +The conditions for the rule are no longer met and recovery actions should be generated. + +.Flapping alerts +[NOTE] +==== +The `flapping` state is possible only if you have enabled alert flapping detection in **{rules-ui}** → **Settings**. A look back window and threshold are used to determine whether alerts are flapping. For example, you can specify that the alert must change status at least 6 times in the last 10 runs. If the rule has actions that run when the alert status changes, those actions are suppressed while the alert is flapping. +==== + +If there are rule actions that failed to run successfully, you can see the details on the **History** tab. +In the **Message** column, click the warning or expand icon or click the number in the **Errored actions** column to open the **Errored Actions** panel. + +// + +//// +/* +TBD: Is this setting still feasible in serverless? +In this example, the action failed because the `xpack.actions.email.domain_allowlist` setting was updated and the action's email recipient is no longer included in the allowlist: + +![Rule history page with alerts that have errored actions](../images/rule-details-errored-actions.png) +*/ +//// + +// If an alert was affected by a maintenance window, its identifier appears in the **Maintenance windows** column. + +You can suppress future actions for a specific alert by turning on the **Mute** toggle. +If a muted alert no longer meets the rule conditions, it stays in the list to avoid generating actions if the conditions recur. +You can also disable a rule, which stops it from running checks and clears any alerts it was tracking. +You may want to disable rules that are not currently needed to reduce the load on your cluster. + +[role="screenshot"] +image::images/rule-details-disabling.png[Use the disable toggle to turn off rule checks and clear alerts tracked] diff --git a/serverless/pages/explore-your-data-discover-your-data.asciidoc b/serverless/pages/explore-your-data-discover-your-data.asciidoc new file mode 100644 index 0000000000..ba4325eabc --- /dev/null +++ b/serverless/pages/explore-your-data-discover-your-data.asciidoc @@ -0,0 +1,199 @@ +[[elasticsearch-explore-your-data-discover-your-data]] += Discover your data + +// :description: Learn how to use Discover to gain insights into your data. +// :keywords: serverless, elasticsearch, discover data, how to + + +With **Discover**, you can quickly search and filter your data, get information +about the structure of the fields, and display your findings in a visualization. +You can also customize and save your searches and place them on a dashboard. + +[discrete] +[[elasticsearch-explore-your-data-discover-your-data-explore-and-query-your-data]] +== Explore and query your data + +This tutorial shows you how to use **Discover** to search large amounts of +data and understand what’s going on at any given time. This tutorial uses the book sample data set from the <>. + +You’ll learn to: + +* **Select** data for your exploration, set a time range for that data, +search it with the {kib} Query Language, and filter the results. +* **Explore** the details of your data, view individual documents, and create tables +that summarize the contents of the data. +* **Present** your findings in a visualization. + +At the end of this tutorial, you’ll be ready to start exploring with your own +data in **Discover**. + +[discrete] +[[elasticsearch-explore-your-data-discover-your-data-find-your-data]] +== Find your data + +Tell {kib} where to find the data you want to explore, and then specify the time range in which to view that data. + +. Once the book sample data has been ingested, navigate to **Explore → Discover** and click **Create data view**. +. Give your data view a name. ++ +[role="screenshot"] +image::images/create-data-view.png[Create a data view] ++ +. Start typing in the **Index pattern** field, and the names of indices, data streams, and aliases that match your input will be displayed. ++ +** To match multiple sources, use a wildcard (*), for example, `b*` and any indices starting with the letter `b` display. +** To match multiple sources, enter their names separated by a comma. Do not include a space after the comma. For example `books,magazines` would match two indices: `books` and `magazines`. +** To exclude a source, use a minus sign (-), for example `-books`. +. In the **Timestamp** field dropdown, and then select `release_date`. ++ +** If you don't set a time field, you can't use global time filters on your dashboards. Leaving the time field unset might be useful if you have multiple time fields and want to create dashboards that combine visualizations based on different timestamps. +** If your index doesn't have time-based data, choose **I don't want to use the time filter**. +. Click **Show advanced settings** to: ++ +** Display hidden and system indices. +** Specify your own data view name. For example, enter your Elasticsearch index alias name. +. Click **Save data view to {kib}**. +. Adjust the time range to view data for the **Last 40 years** to view all your book data. ++ +[role="screenshot"] +image::images/book-data.png[Your book data displayed] + +[discrete] +[[explore-fields-in-your-data]] +== Explore the fields in your data + +**Discover** includes a table that shows all the documents that match your search. By default, the document table includes a column for the time field and a column that lists all other fields in the document. You’ll modify the document table to display your fields of interest. + +. In the sidebar, enter `au` in the search field to find the `author` field. +. In the **Available fields** list, click `author` to view its most popular values. ++ +**Discover** shows the top 10 values and the number of records used to calculate those values. ++ +. Click image:images/icons/plusInCircleFilled.svg[Add] to toggle the field into the document table. You can also drag the field from the **Available fields** list into the document table. + +[discrete] +[[elasticsearch-explore-your-data-discover-your-data-add-a-field-to-your-data-source]] +== Add a field to your {data-source} + +What happens if you forgot to define an important value as a separate field? Or, what if you +want to combine two fields and treat them as one? This is where {ref}/runtime.html[runtime fields] come into play. +You can add a runtime field to your {data-source} from inside of **Discover**, +and then use that field for analysis and visualizations, +the same way you do with other fields. + +. In the sidebar, click **Add a field**. +. In the **Create field** form, enter `hello` for the name. +. Turn on **Set value**. +. Define the script using the Painless scripting language. Runtime fields require an `emit()`. ++ +[source,ts] +---- +emit("Hello World!"); +---- +. Click **Save**. +. In the sidebar, search for the **hello** field, and then add it to the document table. +. Create a second field named `authorabbrev` that combines the authors last name and first initial. ++ +[source,ts] +---- +String str = doc['author.keyword'].value; +char ch1 = str.charAt(0); +emit(doc['author.keyword'].value + ", " + ch1); +---- +. Add `authorabbrev` to the document table. + +[role="screenshot"] +image::images/add-fields.png[How the fields you just created should display] + +[discrete] +[[search-in-discover]] +== Search your data + +One of the unique capabilities of **Discover** is the ability to combine free text search with filtering based on structured data. To search all fields, enter a simple string in the query bar. + +To search particular fields and build more complex queries, use the {kib} Query language. As you type, KQL prompts you with the fields you can search and the operators you can use to build a structured query. + +Search the book data to find out which books have more than 500 pages: + +. Enter `p`, and then select **page_count**. +. Select **>** for greater than and enter **500**, then click the refresh button or press the Enter key to see which books have more than 500 pages. + +[discrete] +[[filter-in-discover]] +== Filter your data + +Whereas the query defines the set of documents you are interested in, +filters enable you to zero in on subsets of those documents. +You can filter results to include or exclude specific fields, filter for a value in a range, +and more. + +Exclude documents where the author is not Terry Pratchett: + +. Click image:images/icons/plusInCircleFilled.svg[Add] next to the query bar. +. In the **Add filter** pop-up, set the field to **author**, the operator to **is not**, and the value to **Terry Pratchett**. +. Click **Add filter**. +. Continue your exploration by adding more filters. +. To remove a filter, click the close icon (x) next to its name in the filter bar. + +[discrete] +[[look-inside-a-document]] +== Look inside a document + +Dive into an individual document to view its fields and the documents that occurred before and after it. + +. In the document table, click the expand icon image:images/icons/expand.svg[View details] to show document details. +. Scan through the fields and their values. If you find a field of interest, hover your mouse over the **Actions** column for filters and other options. +. To create a view of the document that you can bookmark and share, click **Single document**. +. To view documents that occurred before or after the event you are looking at, click **Surrounding documents**. + +[discrete] +[[save-your-search]] +== Save your search for later use + +Save your search so you can use it later to generate a CSV report, create visualizations and Dashboards. Saving a search saves the query text, filters, and current view of **Discover**, including the columns selected in the document table, the sort order, and the {data-source}. + +. In the upper right toolbar, click **Save**. +. Give your search a title. +. Optionally store tags and the time range with the search. +. Click **Save**. + +[discrete] +[[elasticsearch-explore-your-data-discover-your-data-visualize-your-findings]] +== Visualize your findings + +If a field can be {ref}/search-aggregations.html[aggregated], you can quickly visualize it from **Discover**. + +. In the sidebar, find and then click `release_date`. +. In the popup, click **Visualize**. ++ +[NOTE] +==== +{kib} creates a visualization best suited for this field. +==== ++ +. From the **Available fields** list, drag and drop `page_count` onto the workspace. +. Save your visualization for use on a dashboard. + +For geographical point fields, if you click **Visualize**, your data appears in a map. + +[discrete] +[[share-your-findings]] +== Share your findings + +To share your findings with a larger audience, click **Share** in the upper right toolbar. + +[discrete] +[[alert-from-Discover]] +== Generate alerts + +From **Discover**, you can create a rule to periodically check when data goes above or below a certain threshold within a given time interval. + +. Ensure that your data view, +query, and filters fetch the data for which you want an alert. +. In the toolbar, click **Alerts → Create search threshold rule**. ++ +The **Create rule** form is pre-filled with the latest query sent to {es}. +. Configure your {es} query and select a connector type. +. Click **Save**. + +For more about this and other rules provided in {alert-features}, go to <>. diff --git a/serverless/pages/explore-your-data-ml-nlp-classify-text.asciidoc b/serverless/pages/explore-your-data-ml-nlp-classify-text.asciidoc index e4928c9676..346872d6ba 100644 --- a/serverless/pages/explore-your-data-ml-nlp-classify-text.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-classify-text.asciidoc @@ -3,8 +3,6 @@ // :description: NLP tasks that classify input text or determine the language of text. // :keywords: serverless, elasticsearch, tbd -preview:[] - These NLP tasks enable you to identify the language of text and classify or label unstructured input text: diff --git a/serverless/pages/explore-your-data-ml-nlp-deploy-model.asciidoc b/serverless/pages/explore-your-data-ml-nlp-deploy-model.asciidoc index c45fae60b4..6f24c54372 100644 --- a/serverless/pages/explore-your-data-ml-nlp-deploy-model.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-deploy-model.asciidoc @@ -2,8 +2,6 @@ // :description: Description to be written -preview:[] - After you import the model and vocabulary, you can use {kib} to view and manage their deployment across your cluster under **{ml-app}** → **Model Management**. Alternatively, you can use the diff --git a/serverless/pages/explore-your-data-ml-nlp-deploy-trained-models.asciidoc b/serverless/pages/explore-your-data-ml-nlp-deploy-trained-models.asciidoc index e4fc0a8f3d..90346ee516 100644 --- a/serverless/pages/explore-your-data-ml-nlp-deploy-trained-models.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-deploy-trained-models.asciidoc @@ -3,8 +3,6 @@ // :description: You can import trained models into your cluster and configure them for specific NLP tasks. // :keywords: serverless, elasticsearch, tbd -preview:[] - If you want to perform {nlp} tasks in your cluster, you must deploy an appropriate trained model. There is tooling support in https://github.com/elastic/eland[Eland] and {kib} to help you prepare and diff --git a/serverless/pages/explore-your-data-ml-nlp-elser.asciidoc b/serverless/pages/explore-your-data-ml-nlp-elser.asciidoc index ef2312da40..32a026f542 100644 --- a/serverless/pages/explore-your-data-ml-nlp-elser.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-elser.asciidoc @@ -3,8 +3,6 @@ // :description: ELSER is a learned sparse ranking model trained by Elastic. // :keywords: serverless, elasticsearch, tbd -preview:[] - Elastic Learned Sparse EncodeR - or ELSER - is a retrieval model trained by Elastic that enables you to perform {ref}/semantic-search-elser.html[semantic search] to retrieve more relevant diff --git a/serverless/pages/explore-your-data-ml-nlp-examples.asciidoc b/serverless/pages/explore-your-data-ml-nlp-examples.asciidoc index 304d9c446f..991fd10639 100644 --- a/serverless/pages/explore-your-data-ml-nlp-examples.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-examples.asciidoc @@ -2,8 +2,6 @@ // :description: Description to be written -preview:[] - The following pages contain end-to-end examples of how to use the different {nlp} tasks in the {stack}. diff --git a/serverless/pages/explore-your-data-ml-nlp-extract-info.asciidoc b/serverless/pages/explore-your-data-ml-nlp-extract-info.asciidoc index 80cfb8c7b4..03f77861c5 100644 --- a/serverless/pages/explore-your-data-ml-nlp-extract-info.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-extract-info.asciidoc @@ -3,8 +3,6 @@ // :description: NLP tasks that extract information from unstructured text. // :keywords: serverless, elasticsearch, tbd -preview:[] - These NLP tasks enable you to extract information from your unstructured text: * https://www.elastic.co/docs/current/serverless/elasticsearch/explore-your-data-ml-nlp/extract-info[Named entity recognition] diff --git a/serverless/pages/explore-your-data-ml-nlp-import-model.asciidoc b/serverless/pages/explore-your-data-ml-nlp-import-model.asciidoc index 45887244b2..2fc9bba428 100644 --- a/serverless/pages/explore-your-data-ml-nlp-import-model.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-import-model.asciidoc @@ -2,8 +2,6 @@ // :keywords: serverless, elasticsearch, tbd -preview:[] - [IMPORTANT] ==== If you want to install a trained model in a restricted or closed diff --git a/serverless/pages/explore-your-data-ml-nlp-inference.asciidoc b/serverless/pages/explore-your-data-ml-nlp-inference.asciidoc index 6095f0ca1f..bd8b3cd85d 100644 --- a/serverless/pages/explore-your-data-ml-nlp-inference.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-inference.asciidoc @@ -3,8 +3,6 @@ // :description: You can import trained models into your cluster and configure them for specific NLP tasks. // :keywords: serverless, elasticsearch, tbd -preview:[] - After you https://www.elastic.co/docs/current/serverless/elasticsearch/explore-your-data-ml-nlp/deploy-trained-models[deploy a trained model in your cluster], you can use it to perform {nlp} tasks in ingest pipelines. diff --git a/serverless/pages/explore-your-data-ml-nlp-lang-ident.asciidoc b/serverless/pages/explore-your-data-ml-nlp-lang-ident.asciidoc index e389d91fa1..08c967b81f 100644 --- a/serverless/pages/explore-your-data-ml-nlp-lang-ident.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-lang-ident.asciidoc @@ -3,8 +3,6 @@ // :description: Language identification is an NLP task and a model that enables you to determine the language of text. // :keywords: serverless, elasticsearch, tbd -preview:[] - {lang-ident-cap} enables you to determine the language of text. A {lang-ident} model is provided in your cluster, which you can use in an diff --git a/serverless/pages/explore-your-data-ml-nlp-model-ref.asciidoc b/serverless/pages/explore-your-data-ml-nlp-model-ref.asciidoc index 17a1099df3..5c38de51ab 100644 --- a/serverless/pages/explore-your-data-ml-nlp-model-ref.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-model-ref.asciidoc @@ -3,8 +3,6 @@ // :description: The list of compatible third party NLP models. // :keywords: ml, reference, analyze -preview:[] - The {stack-ml-features} support transformer models that conform to the standard BERT model interface and use the WordPiece tokenization algorithm. diff --git a/serverless/pages/explore-your-data-ml-nlp-ner-example.asciidoc b/serverless/pages/explore-your-data-ml-nlp-ner-example.asciidoc index 3543d8dcde..03cd5ce39a 100644 --- a/serverless/pages/explore-your-data-ml-nlp-ner-example.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-ner-example.asciidoc @@ -2,8 +2,6 @@ // :description: Description to be written -preview:[] - You can use these instructions to deploy a https://www.elastic.co/docs/current/serverless/elasticsearch/explore-your-data-ml-nlp/extract-info[named entity recognition (NER)] model in {es}, test the model, and add it to an {infer} ingest pipeline. The diff --git a/serverless/pages/explore-your-data-ml-nlp-ootb-models.asciidoc b/serverless/pages/explore-your-data-ml-nlp-ootb-models.asciidoc index 5f0713a42f..f452a56536 100644 --- a/serverless/pages/explore-your-data-ml-nlp-ootb-models.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-ootb-models.asciidoc @@ -3,8 +3,6 @@ // :description: Models trained and provided by Elastic // :keywords: serverless, elasticsearch, tbd -preview:[] - You can use models that are trained and provided by Elastic that are available within the {stack} with a click of a button. diff --git a/serverless/pages/explore-your-data-ml-nlp-search-compare.asciidoc b/serverless/pages/explore-your-data-ml-nlp-search-compare.asciidoc index 0b16c7cb7c..97730070a7 100644 --- a/serverless/pages/explore-your-data-ml-nlp-search-compare.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-search-compare.asciidoc @@ -3,8 +3,6 @@ // :description: NLP tasks for generate embeddings which can be used to search in text or compare different peieces of text. // :keywords: serverless, elasticsearch, tbd -preview:[] - The {stack-ml-features} can generate embeddings, which you can use to search in unstructured text or compare different pieces of text. diff --git a/serverless/pages/explore-your-data-ml-nlp-select-model.asciidoc b/serverless/pages/explore-your-data-ml-nlp-select-model.asciidoc index b02dafa43b..00a6b6a4a8 100644 --- a/serverless/pages/explore-your-data-ml-nlp-select-model.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-select-model.asciidoc @@ -2,8 +2,6 @@ // :keywords: serverless, elasticsearch, tbd -preview:[] - Per the <>, there are multiple ways that you can use NLP features within the {stack}. diff --git a/serverless/pages/explore-your-data-ml-nlp-test-inference.asciidoc b/serverless/pages/explore-your-data-ml-nlp-test-inference.asciidoc index 39f93ffecd..4cd1b725bd 100644 --- a/serverless/pages/explore-your-data-ml-nlp-test-inference.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-test-inference.asciidoc @@ -3,8 +3,6 @@ // :description: You can import trained models into your cluster and configure them for specific NLP tasks. // :keywords: serverless, elasticsearch, tbd -preview:[] - When the model is deployed on at least one node in the cluster, you can begin to perform inference. _{infer-cap}_ is a {ml} feature that enables you to use your trained models to perform NLP tasks (such as text extraction, diff --git a/serverless/pages/explore-your-data-ml-nlp-text-embedding-example.asciidoc b/serverless/pages/explore-your-data-ml-nlp-text-embedding-example.asciidoc index 2fede73c04..a581f8df33 100644 --- a/serverless/pages/explore-your-data-ml-nlp-text-embedding-example.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp-text-embedding-example.asciidoc @@ -2,8 +2,6 @@ // :description: Description to be written -preview:[] - You can use these instructions to deploy a https://www.elastic.co/docs/current/serverless/elasticsearch/explore-your-data-ml-nlp/search-compare-text[text embedding] model in {es}, test the model, and add it to an {infer} ingest pipeline. It diff --git a/serverless/pages/explore-your-data-ml-nlp.asciidoc b/serverless/pages/explore-your-data-ml-nlp.asciidoc index d655cd4114..8fe9e9476d 100644 --- a/serverless/pages/explore-your-data-ml-nlp.asciidoc +++ b/serverless/pages/explore-your-data-ml-nlp.asciidoc @@ -2,8 +2,6 @@ // :keywords: serverless, elasticsearch, tbd -preview:[] - {nlp-cap} (NLP) refers to the way in which we can use software to understand natural language in spoken word or written text. diff --git a/serverless/pages/explore-your-data.asciidoc b/serverless/pages/explore-your-data.asciidoc index a9b8229bed..b274f1143e 100644 --- a/serverless/pages/explore-your-data.asciidoc +++ b/serverless/pages/explore-your-data.asciidoc @@ -4,9 +4,7 @@ // :description: Turn {es} data into actionable insights with aggregations, visualizations, and alerts // :keywords: serverless, elasticsearch, explore, overview -preview:[] - -In addition to search, {es-serverless} offers several options for analyzing and visualizing your data. +In addition to search, {es3} offers several options for analyzing and visualizing your data. [NOTE] ==== diff --git a/serverless/pages/files.asciidoc b/serverless/pages/files.asciidoc index c0716e8b84..bcd148a80e 100644 --- a/serverless/pages/files.asciidoc +++ b/serverless/pages/files.asciidoc @@ -4,8 +4,6 @@ // :description: Manage files that are stored in Elastic. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} Several {serverless-full} features let you upload files. For example, you can add files to <> or upload a logo to an **Image** panel in a {kibana-ref}/dashboard.html[Dashboard]. diff --git a/serverless/pages/fleet-and-elastic-agent.asciidoc b/serverless/pages/fleet-and-elastic-agent.asciidoc index ae57b48bf8..69f59b7a7e 100644 --- a/serverless/pages/fleet-and-elastic-agent.asciidoc +++ b/serverless/pages/fleet-and-elastic-agent.asciidoc @@ -4,8 +4,6 @@ // :description: Centrally manage your Elastic Agents in Fleet // :keywords: serverless, ingest, fleet, elastic agent -preview:[] - This content applies to: {obs-badge} {sec-badge} {agent} is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. diff --git a/serverless/pages/general-developer-tools.asciidoc b/serverless/pages/general-developer-tools.asciidoc index 02e4f842ad..23be484fa5 100644 --- a/serverless/pages/general-developer-tools.asciidoc +++ b/serverless/pages/general-developer-tools.asciidoc @@ -1,8 +1,6 @@ // :description: Use our developer tools to interact with your data. // :keywords: serverless, dev tools, overview -preview:[] - |=== | Feature | Description | Available in diff --git a/serverless/pages/get-started.asciidoc b/serverless/pages/get-started.asciidoc index 8acd015c71..dab32e2df0 100644 --- a/serverless/pages/get-started.asciidoc +++ b/serverless/pages/get-started.asciidoc @@ -4,8 +4,6 @@ // :description: Get started with {es3} in a few steps // :keywords: serverless, elasticsearch, getstarted, overview -preview:[] - On this page, you will learn how to: - <>. diff --git a/serverless/pages/index-management.asciidoc b/serverless/pages/index-management.asciidoc index 23a3f8e939..0d58b569d3 100644 --- a/serverless/pages/index-management.asciidoc +++ b/serverless/pages/index-management.asciidoc @@ -4,8 +4,6 @@ // :description: Perform CRUD operations on indices and data streams. View index settings, mappings, and statistics. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} Elastic's index management features are an easy, convenient way to manage your cluster's indices, data streams, index templates, and enrich policies. diff --git a/serverless/pages/ingest-pipelines.asciidoc b/serverless/pages/ingest-pipelines.asciidoc index 69943721c2..da743d499d 100644 --- a/serverless/pages/ingest-pipelines.asciidoc +++ b/serverless/pages/ingest-pipelines.asciidoc @@ -4,8 +4,6 @@ // :description: Create and manage {ingest-pipelines} to perform common transformations and enrichments on your data. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} {ref}/ingest.html[{ingest-pipelines-cap}] let you perform common transformations on your data before indexing. diff --git a/serverless/pages/ingest-your-data-ingest-data-through-api.asciidoc b/serverless/pages/ingest-your-data-ingest-data-through-api.asciidoc index da8389fc6b..78a14b9000 100644 --- a/serverless/pages/ingest-your-data-ingest-data-through-api.asciidoc +++ b/serverless/pages/ingest-your-data-ingest-data-through-api.asciidoc @@ -4,8 +4,6 @@ // :description: Add data to {es} using HTTP APIs or a language client. // :keywords: serverless, elasticsearch, ingest, api, how to -preview:[] - The {es} APIs enable you to ingest data through code. You can use the APIs of one of the <> or the diff --git a/serverless/pages/ingest-your-data-ingest-data-through-integrations-beats.asciidoc b/serverless/pages/ingest-your-data-ingest-data-through-integrations-beats.asciidoc index 9e5a2159a3..15d2b8c9f9 100644 --- a/serverless/pages/ingest-your-data-ingest-data-through-integrations-beats.asciidoc +++ b/serverless/pages/ingest-your-data-ingest-data-through-integrations-beats.asciidoc @@ -4,8 +4,6 @@ // :description: Use {beats} to ship operational data to {es}. // :keywords: serverless, elasticsearch, ingest, beats, how to -preview:[] - {beats} are lightweight data shippers that send operational data to {es}. Elastic provides separate {beats} for different types of data, such as logs, metrics, and uptime. Depending on what data you want to collect, you may need to install multiple shippers on a single host. diff --git a/serverless/pages/ingest-your-data-ingest-data-through-integrations-logstash.asciidoc b/serverless/pages/ingest-your-data-ingest-data-through-integrations-logstash.asciidoc index 5cca7bbb52..63640a7679 100644 --- a/serverless/pages/ingest-your-data-ingest-data-through-integrations-logstash.asciidoc +++ b/serverless/pages/ingest-your-data-ingest-data-through-integrations-logstash.asciidoc @@ -4,8 +4,6 @@ // :description: Use {ls} to ship data to {es}. // :keywords: serverless, elasticsearch, ingest, logstash, how to -preview:[] - {ls} is an open source data collection engine with real-time pipelining capabilities. It supports a wide variety of data sources, and can dynamically unify data from disparate sources and normalize the data into destinations of your choice. diff --git a/serverless/pages/ingest-your-data-upload-file.asciidoc b/serverless/pages/ingest-your-data-upload-file.asciidoc index 5520564d16..4c4bfeb24f 100644 --- a/serverless/pages/ingest-your-data-upload-file.asciidoc +++ b/serverless/pages/ingest-your-data-upload-file.asciidoc @@ -4,8 +4,6 @@ // :description: Add data to {es} using the File Uploader. // :keywords: serverless, elasticsearch, ingest, how to -preview:[] - You can upload files to {es} using the File Uploader. Use the visualizer to inspect the data before importing it. diff --git a/serverless/pages/ingest-your-data.asciidoc b/serverless/pages/ingest-your-data.asciidoc index 7a906530c6..aa4f772ff1 100644 --- a/serverless/pages/ingest-your-data.asciidoc +++ b/serverless/pages/ingest-your-data.asciidoc @@ -4,8 +4,6 @@ // :description: Add data to your {es-serverless} project. // :keywords: serverless, elasticsearch, ingest, overview -preview:[] - You have many options for ingesting, or indexing, data into {es}: * <> diff --git a/serverless/pages/integrations.asciidoc b/serverless/pages/integrations.asciidoc index 8b4425b62a..8236017185 100644 --- a/serverless/pages/integrations.asciidoc +++ b/serverless/pages/integrations.asciidoc @@ -4,8 +4,6 @@ // :description: Use our pre-built integrations to connect your data to Elastic. // :keywords: serverless, ingest, integration -preview:[] - This content applies to: {obs-badge} {sec-badge} Elastic integrations are a streamlined way to connect your data to Elastic. diff --git a/serverless/pages/knn-search.asciidoc b/serverless/pages/knn-search.asciidoc index ba2ade2cc5..0db335bc04 100644 --- a/serverless/pages/knn-search.asciidoc +++ b/serverless/pages/knn-search.asciidoc @@ -4,8 +4,6 @@ // :description: Vector search with k-nearest neighbor (kNN). // :keywords: serverless, elasticsearch, search, vector, knn, ann -preview:[] - A _k-nearest neighbor_ (kNN) search finds the _k_ nearest vectors to a query vector, as measured by a similarity metric. diff --git a/serverless/pages/logstash-pipelines.asciidoc b/serverless/pages/logstash-pipelines.asciidoc index 7f2551cda8..5a44ffd037 100644 --- a/serverless/pages/logstash-pipelines.asciidoc +++ b/serverless/pages/logstash-pipelines.asciidoc @@ -4,8 +4,6 @@ // :description: Create, edit, and delete your {ls} pipeline configurations. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} In **{project-settings} → {manage-app} → {ls-pipelines-app}**, you can control multiple {ls} instances and pipeline configurations. diff --git a/serverless/pages/machine-learning.asciidoc b/serverless/pages/machine-learning.asciidoc index 5462e27801..5dba785e8a 100644 --- a/serverless/pages/machine-learning.asciidoc +++ b/serverless/pages/machine-learning.asciidoc @@ -4,8 +4,6 @@ // :description: View, export, and import {ml} jobs and models. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} To view your {ml} resources, go to **{project-settings} → {manage-app} → {ml-app}**: diff --git a/serverless/pages/maintenance-windows.asciidoc b/serverless/pages/maintenance-windows.asciidoc index 38d0eb3840..525dd5922b 100644 --- a/serverless/pages/maintenance-windows.asciidoc +++ b/serverless/pages/maintenance-windows.asciidoc @@ -4,8 +4,6 @@ // :description: Suppress rule notifications for scheduled periods of time. // :keywords: serverless, Observability, Security -preview:[] - This content applies to: {obs-badge} {sec-badge} preview::[] diff --git a/serverless/pages/manage-access-to-org-from-existing-account.asciidoc b/serverless/pages/manage-access-to-org-from-existing-account.asciidoc index 20607b9e16..fd5ec2f26e 100644 --- a/serverless/pages/manage-access-to-org-from-existing-account.asciidoc +++ b/serverless/pages/manage-access-to-org-from-existing-account.asciidoc @@ -4,8 +4,6 @@ // :description: Join a new organization and bring over your projects. // :keywords: serverless, general, organization, join, how to -preview:[] - If you already belong to an organization, and you want to join a new one, it is currently not possible to bring your projects over to the new organization. If you want to join a new project, follow these steps: diff --git a/serverless/pages/manage-access-to-org-user-roles.asciidoc b/serverless/pages/manage-access-to-org-user-roles.asciidoc index 6569c153f3..9463d8310c 100644 --- a/serverless/pages/manage-access-to-org-user-roles.asciidoc +++ b/serverless/pages/manage-access-to-org-user-roles.asciidoc @@ -4,8 +4,6 @@ // :description: Manage the predefined set of roles and privileges for all your projects. // :keywords: serverless, general, organization, roles, how to -preview:[] - Within an organization, users can have one or more roles and each role grants specific privileges. You must assign user roles when you <>. diff --git a/serverless/pages/manage-billing-check-subscription.asciidoc b/serverless/pages/manage-billing-check-subscription.asciidoc index fe61ee1c66..920cb28897 100644 --- a/serverless/pages/manage-billing-check-subscription.asciidoc +++ b/serverless/pages/manage-billing-check-subscription.asciidoc @@ -4,8 +4,6 @@ // :description: Manage your account details and subscription level. // :keywords: serverless, general, billing, subscription -preview:[] - To find more details about your subscription: . Navigate to https://cloud.elastic.co/[cloud.elastic.co] and log in to your Elastic Cloud account. diff --git a/serverless/pages/manage-billing-history.asciidoc b/serverless/pages/manage-billing-history.asciidoc index d65f3d5f50..ec43f6ba53 100644 --- a/serverless/pages/manage-billing-history.asciidoc +++ b/serverless/pages/manage-billing-history.asciidoc @@ -4,8 +4,6 @@ // :description: Monitor payments and billing receipts. // :keywords: serverless, general, billing, history -preview:[] - Information about outstanding payments and billing receipts is available from the {ess-console}[{ess-console-name}]. To check your billing history: diff --git a/serverless/pages/manage-billing-monitor-usage.asciidoc b/serverless/pages/manage-billing-monitor-usage.asciidoc index 21828b4336..8803d1f7d9 100644 --- a/serverless/pages/manage-billing-monitor-usage.asciidoc +++ b/serverless/pages/manage-billing-monitor-usage.asciidoc @@ -4,8 +4,6 @@ // :description: Check the usage breakdown of your account. // :keywords: serverless, general, billing, usage -preview:[] - To get more details about your account usage: . Navigate to https://cloud.elastic.co/[cloud.elastic.co] and log in to your {ecloud} account. diff --git a/serverless/pages/manage-billing-pricing-model.asciidoc b/serverless/pages/manage-billing-pricing-model.asciidoc index 5dfd818536..273ea4d806 100644 --- a/serverless/pages/manage-billing-pricing-model.asciidoc +++ b/serverless/pages/manage-billing-pricing-model.asciidoc @@ -4,8 +4,6 @@ // :description: Understand how usage affects serverless pricing. // :keywords: serverless, general, billing, pricing model -preview:[] - Elastic Cloud serverless billing is based on your usage across these dimensions: * <> diff --git a/serverless/pages/manage-billing-stop-project.asciidoc b/serverless/pages/manage-billing-stop-project.asciidoc index 6500ac3d7e..4fad387695 100644 --- a/serverless/pages/manage-billing-stop-project.asciidoc +++ b/serverless/pages/manage-billing-stop-project.asciidoc @@ -4,8 +4,6 @@ // :description: How to stop charges for a project. // :keywords: serverless, general, billing -preview:[] - Got a project you no longer need and don't want to be charged for? Simply delete it. Warning: All data is lost. Billing for usage is by the hour and any outstanding charges for usage before you deleted the project will still appear on your next bill. diff --git a/serverless/pages/manage-billing.asciidoc b/serverless/pages/manage-billing.asciidoc index 101903e915..1d70c614ad 100644 --- a/serverless/pages/manage-billing.asciidoc +++ b/serverless/pages/manage-billing.asciidoc @@ -8,14 +8,6 @@ Manage billing ++++ -preview:[] - -.Serverless billing starts June 1, 2024 -[IMPORTANT] -==== -Until May 31, 2024, your serverless consumption will not incur any charges, but will be visible along with your total Elastic Cloud consumption on the https://cloud.elastic.co/billing/usage[Billing Usage page]. Unless you are in a trial period, usage on or after June 1, 2024 will be deducted from your existing Elastic Cloud credits or be billed to your active payment method. -==== - You can manage the billing details of your organization directly from the Elastic Cloud console. . Navigate to https://cloud.elastic.co/[cloud.elastic.co] and log in to your Elastic Cloud account. diff --git a/serverless/pages/manage-org.asciidoc b/serverless/pages/manage-org.asciidoc index a74ca77d27..a65f809ba0 100644 --- a/serverless/pages/manage-org.asciidoc +++ b/serverless/pages/manage-org.asciidoc @@ -4,8 +4,6 @@ // :description: Manage your instances, users, and settings. // :keywords: serverless, general, organization, overview -preview:[] - When you sign up to Elastic Cloud, you create an **organization**. This organization is the umbrella for all of your Elastic Cloud resources, users, and account settings. Every organization has a unique identifier. Bills are invoiced according to the billing contact and details that you set for your organization. diff --git a/serverless/pages/manage-your-project-rest-api.asciidoc b/serverless/pages/manage-your-project-rest-api.asciidoc index 6b8ce3f95e..bc6e9996ad 100644 --- a/serverless/pages/manage-your-project-rest-api.asciidoc +++ b/serverless/pages/manage-your-project-rest-api.asciidoc @@ -4,8 +4,6 @@ // :description: Manage your organization's serverless projects using the REST API. // :keywords: serverless, project, manage, rest, api -preview:[] - You can manage serverless projects using the https://www.elastic.co/docs/api/doc/elastic-cloud-serverless[Elastic Cloud Serverless REST API]. This API allows you to create, update, and delete projects, as well as manage project features and usage. [TIP] diff --git a/serverless/pages/manage-your-project.asciidoc b/serverless/pages/manage-your-project.asciidoc index ee314e9737..ffa9a0d48f 100644 --- a/serverless/pages/manage-your-project.asciidoc +++ b/serverless/pages/manage-your-project.asciidoc @@ -4,8 +4,6 @@ // :description: Configure project-wide features and usage. // :keywords: serverless, elasticsearch, project, manage -preview:[] - To manage a project: . Navigate to https://cloud.elastic.co/[cloud.elastic.co]. diff --git a/serverless/pages/maps.asciidoc b/serverless/pages/maps.asciidoc index d289dfd146..17655ac848 100644 --- a/serverless/pages/maps.asciidoc +++ b/serverless/pages/maps.asciidoc @@ -4,8 +4,6 @@ // :description: Create maps from your geographical data. // :keywords: serverless, Security -preview:[] - This content applies to: {sec-badge} In **{project-settings} → {maps-app}** you can: diff --git a/serverless/pages/pricing.asciidoc b/serverless/pages/pricing.asciidoc index d5d3028944..4e4df2bdeb 100644 --- a/serverless/pages/pricing.asciidoc +++ b/serverless/pages/pricing.asciidoc @@ -4,8 +4,6 @@ // :description: Learn about how Elasticsearch usage affects pricing. // :keywords: serverless, elasticsearch, overview -preview:[] - Elasticsearch is priced based on consumption of the underlying infrastructure that supports your use case, with the performance characteristics you need. Measurements are in Virtual Compute Units (VCUs). diff --git a/serverless/pages/profile-queries-and-aggregations.asciidoc b/serverless/pages/profile-queries-and-aggregations.asciidoc index 67f67f0d8d..e1c2b98acc 100644 --- a/serverless/pages/profile-queries-and-aggregations.asciidoc +++ b/serverless/pages/profile-queries-and-aggregations.asciidoc @@ -4,8 +4,6 @@ // :description: Diagnose and debug poorly performing search queries. // :keywords: serverless, dev tools, how-to -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} //// diff --git a/serverless/pages/project-and-management-settings.asciidoc b/serverless/pages/project-and-management-settings.asciidoc index a23249cd8a..4cf44b625c 100644 --- a/serverless/pages/project-and-management-settings.asciidoc +++ b/serverless/pages/project-and-management-settings.asciidoc @@ -1,8 +1,6 @@ // :description: Learn about capabilities available in multiple serverless solutions. // :keywords: serverless, observability, security, elasticsearch, overview -preview:[] - The documentation in this section describes shared capabilities that are available in multiple solutions. Look for the doc badge on each page to see if the page is valid for your solution: diff --git a/serverless/pages/project-settings.asciidoc b/serverless/pages/project-settings.asciidoc index c10545d2b6..9dc0f0c2db 100644 --- a/serverless/pages/project-settings.asciidoc +++ b/serverless/pages/project-settings.asciidoc @@ -8,8 +8,6 @@ Management ++++ -preview:[] - Go to **Project settings**, then ** Management** to manage your indices, data views, saved objects, settings, and more. You can also open Management by using the {kibana-ref}/kibana-concepts-analysts.html#_finding_your_apps_and_objects[global search field]. diff --git a/serverless/pages/reports.asciidoc b/serverless/pages/reports.asciidoc index 533313c194..4061479c78 100644 --- a/serverless/pages/reports.asciidoc +++ b/serverless/pages/reports.asciidoc @@ -4,8 +4,6 @@ // :description: View and manage generated reports. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} {kib} provides you with several options to share saved searches, dashboards, and visualizations. diff --git a/serverless/pages/rules.asciidoc b/serverless/pages/rules.asciidoc index b8cf47bd88..5c3389534f 100644 --- a/serverless/pages/rules.asciidoc +++ b/serverless/pages/rules.asciidoc @@ -4,8 +4,6 @@ // :description: Alerting works by running checks on a schedule to detect conditions defined by a rule. // :keywords: serverless, Elasticsearch, alerting, learn -preview:[] - This content applies to: {es-badge} In general, a rule consists of three parts: diff --git a/serverless/pages/run-api-requests-in-the-console.asciidoc b/serverless/pages/run-api-requests-in-the-console.asciidoc index fd540cca3e..b49d4f2934 100644 --- a/serverless/pages/run-api-requests-in-the-console.asciidoc +++ b/serverless/pages/run-api-requests-in-the-console.asciidoc @@ -4,8 +4,6 @@ // :description: Use the Console to interact with Elastic REST APIs. // :keywords: serverless, dev tools, how-to -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} **Console** lets you interact with https://www.elastic.co/docs/api[{es} and Kibana serverless APIs] from your project. diff --git a/serverless/pages/saved-objects.asciidoc b/serverless/pages/saved-objects.asciidoc index bb8a4d7f8c..dc0bd8e50a 100644 --- a/serverless/pages/saved-objects.asciidoc +++ b/serverless/pages/saved-objects.asciidoc @@ -4,8 +4,6 @@ // :description: Manage your saved objects, including dashboards, visualizations, maps, {data-sources}, and more. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} To get started, go to **{project-settings} → {manage-app} → {saved-objects-app}**: diff --git a/serverless/pages/search-playground.asciidoc b/serverless/pages/search-playground.asciidoc index 992ed6fb3e..83aefb73c6 100644 --- a/serverless/pages/search-playground.asciidoc +++ b/serverless/pages/search-playground.asciidoc @@ -4,8 +4,6 @@ // :description: Test and edit Elasticsearch queries and chat with your data using LLMs. // :keywords: serverless, elasticsearch, search, playground, GenAI, LLMs -preview:[] - Use the Search Playground to test and edit {es} queries visually in the UI. Then use the Chat Playground to combine your {es} data with large language models (LLMs) for retrieval augmented generation (RAG). You can also view the underlying Python code that powers the chat interface, and use it in your own application. diff --git a/serverless/pages/search-with-synonyms.asciidoc b/serverless/pages/search-with-synonyms.asciidoc index c38ea8e0df..e107513488 100644 --- a/serverless/pages/search-with-synonyms.asciidoc +++ b/serverless/pages/search-with-synonyms.asciidoc @@ -4,8 +4,6 @@ // :description: Use synonyms to search for words or phrases that have the same or similar meaning. // :keywords: serverless, elasticsearch, search, synonyms -preview:[] - Synonyms are words or phrases that have the same or similar meaning. They are an important aspect of search, as they can improve the search experience and increase the scope of search results. diff --git a/serverless/pages/search-your-data-semantic-search-elser.asciidoc b/serverless/pages/search-your-data-semantic-search-elser.asciidoc index eba40284c8..5e9d49070f 100644 --- a/serverless/pages/search-your-data-semantic-search-elser.asciidoc +++ b/serverless/pages/search-your-data-semantic-search-elser.asciidoc @@ -4,8 +4,6 @@ // :description: Perform semantic search using ELSER, an NLP model trained by Elastic. // :keywords: elasticsearch, elser, semantic search -preview:[] - Elastic Learned Sparse EncodeR - or ELSER - is an NLP model trained by Elastic that enables you to perform semantic search by using sparse vector representation. Instead of literal matching on search terms, semantic search diff --git a/serverless/pages/search-your-data-semantic-search.asciidoc b/serverless/pages/search-your-data-semantic-search.asciidoc index c04f26e80c..efe8670f61 100644 --- a/serverless/pages/search-your-data-semantic-search.asciidoc +++ b/serverless/pages/search-your-data-semantic-search.asciidoc @@ -4,8 +4,6 @@ // :description: Find data based on the intent and contextual meaning of a search query with semantic search // :keywords: elasticsearch, elser, semantic search -preview:[] - Semantic search is a search method that helps you find data based on the intent and contextual meaning of a search query, instead of a match on query terms (lexical search). diff --git a/serverless/pages/search-your-data-the-search-api.asciidoc b/serverless/pages/search-your-data-the-search-api.asciidoc index 1574332ae6..dcf65a9581 100644 --- a/serverless/pages/search-your-data-the-search-api.asciidoc +++ b/serverless/pages/search-your-data-the-search-api.asciidoc @@ -4,8 +4,6 @@ // :description: Run queries and aggregations with the search API. // :keywords: serverless, elasticsearch, API -preview:[] - A _search_ consists of one or more queries that are combined and sent to {es}. Documents that match a search's queries are returned in the _hits_, or _search results_, of the response. diff --git a/serverless/pages/search-your-data.asciidoc b/serverless/pages/search-your-data.asciidoc index b74c844cf1..196e5b1c49 100644 --- a/serverless/pages/search-your-data.asciidoc +++ b/serverless/pages/search-your-data.asciidoc @@ -4,8 +4,6 @@ // :description: Use the search API to run queries on your data. // :keywords: serverless, elasticsearch, search -preview:[] - A search query, or query, is a request for information about data in {es} data streams or indices. You can think of a query as a question, written in a way {es} understands. Depending on your data, you can use a query to get answers to questions like: diff --git a/serverless/pages/serverless-differences.asciidoc b/serverless/pages/serverless-differences.asciidoc index 6ee6b81293..65533244e7 100644 --- a/serverless/pages/serverless-differences.asciidoc +++ b/serverless/pages/serverless-differences.asciidoc @@ -8,8 +8,6 @@ Serverless differences ++++ -preview:[] - Some features that are available in Elastic Cloud Hosted and self-managed offerings are not available in {es-serverless}. These features have either been replaced by a new feature, or are not applicable in the new Serverless architecture: diff --git a/serverless/pages/tags.asciidoc b/serverless/pages/tags.asciidoc index 88e161591f..5c126c6595 100644 --- a/serverless/pages/tags.asciidoc +++ b/serverless/pages/tags.asciidoc @@ -4,8 +4,6 @@ // :description: Use tags to categorize your saved objects, then filter for related objects based on shared tags. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} To get started, go to **{project-settings} → {manage-app} → {tags-app}**: diff --git a/serverless/pages/technical-preview-limitations.asciidoc b/serverless/pages/technical-preview-limitations.asciidoc index a307e053f5..ccb2ee8c90 100644 --- a/serverless/pages/technical-preview-limitations.asciidoc +++ b/serverless/pages/technical-preview-limitations.asciidoc @@ -4,8 +4,6 @@ // :description: Review the limitations that apply to {es-serverless} projects. // :keywords: serverless, elasticsearch -preview:[] - The following are currently not available: * Custom plugins and custom bundles diff --git a/serverless/pages/transforms.asciidoc b/serverless/pages/transforms.asciidoc index 29e6187a23..c561356f10 100644 --- a/serverless/pages/transforms.asciidoc +++ b/serverless/pages/transforms.asciidoc @@ -4,8 +4,6 @@ // :description: Use transforms to pivot existing indices into summarized or entity-centric indices. // :keywords: serverless, Elasticsearch, Observability, Security -preview:[] - This content applies to: {es-badge} {obs-badge} {sec-badge} {transforms-cap} enable you to convert existing {es} indices into summarized diff --git a/serverless/pages/user-profile.asciidoc b/serverless/pages/user-profile.asciidoc index 5d7a04f93c..fb8d8b39a3 100644 --- a/serverless/pages/user-profile.asciidoc +++ b/serverless/pages/user-profile.asciidoc @@ -4,8 +4,6 @@ // :description: Manage your profile settings. // :keywords: serverless, general, profile, update -preview:[] - To edit your user profile, go to the user icon on the header bar and select **Profile**. [discrete] diff --git a/serverless/pages/welcome-to-serverless.asciidoc b/serverless/pages/welcome-to-serverless.asciidoc index a42f4420ec..2d1f993d52 100644 --- a/serverless/pages/welcome-to-serverless.asciidoc +++ b/serverless/pages/welcome-to-serverless.asciidoc @@ -10,8 +10,6 @@ ++++ -preview:[] - Elastic serverless products allow you to deploy and use Elastic for your use cases without managing the underlying Elastic cluster, such as nodes, data tiers, and scaling. Serverless instances are fully-managed, autoscaled, and automatically upgraded by Elastic so you can focus more on gaining value and insight from your data. diff --git a/serverless/pages/what-is-elasticsearch-serverless.asciidoc b/serverless/pages/what-is-elasticsearch-serverless.asciidoc index 58fbb60d8a..e6722e03e7 100644 --- a/serverless/pages/what-is-elasticsearch-serverless.asciidoc +++ b/serverless/pages/what-is-elasticsearch-serverless.asciidoc @@ -4,9 +4,16 @@ // :description: Build search solutions and applications with {es-serverless}. // :keywords: serverless, elasticsearch, overview +<<<<<<< HEAD preview:[] [TIP] +======= +Elasticsearch allows you to build custom applications. Whether you have structured or unstructured text, numerical data, or geospatial data, Elasticsearch can efficiently store and index it in a way that supports fast searches. + +.Understanding Elasticsearch on serverless +[IMPORTANT] +>>>>>>> f77bb4b (removing preview tag) ==== If you haven't used {es} before, first learn the basics in the https://www.elastic.co/guide/en/elasticsearch/reference/current/elasticsearch-intro.html[core {es} documentation]. ==== diff --git a/serverless/pages/what-is-serverless.asciidoc b/serverless/pages/what-is-serverless.asciidoc index 8999cbd112..de9dfef961 100644 --- a/serverless/pages/what-is-serverless.asciidoc +++ b/serverless/pages/what-is-serverless.asciidoc @@ -21,12 +21,6 @@ The size of the cache layer and the volume of data it holds depend on < Date: Wed, 20 Nov 2024 14:33:31 -0700 Subject: [PATCH 2/5] removing removed pages --- .../pages/explore-your-data-alerting.asciidoc | 157 -------------- ...lore-your-data-discover-your-data.asciidoc | 199 ------------------ 2 files changed, 356 deletions(-) delete mode 100644 serverless/pages/explore-your-data-alerting.asciidoc delete mode 100644 serverless/pages/explore-your-data-discover-your-data.asciidoc diff --git a/serverless/pages/explore-your-data-alerting.asciidoc b/serverless/pages/explore-your-data-alerting.asciidoc deleted file mode 100644 index c3e243d973..0000000000 --- a/serverless/pages/explore-your-data-alerting.asciidoc +++ /dev/null @@ -1,157 +0,0 @@ -[[elasticsearch-explore-your-data-alerting]] -= Manage alerting rules - -// :description: Define when to generate alerts and notifications with alerting rules. -// :keywords: serverless, elasticsearch, alerting, how-to - -++++ -Alerts -++++ - -In **{alerts-app}** or **{project-settings} → {manage-app} → {rules-app}** you can: - -* Create and edit rules -* Manage rules including enabling/disabling, muting/unmuting, and deleting -* Drill down to rule details -* Configure rule settings - -[role="screenshot"] -image::images/rules-ui.png[Example rule listing in {rules-ui}] - -For an overview of alerting concepts, go to <>. - -//// -/* ## Required permissions - -Access to rules is granted based on your {alert-features} privileges. */ -//// - -//// -/* MISSING LINK: -For more information, go to missing linkSecuritys. */ -//// - -[discrete] -[[elasticsearch-explore-your-data-alerting-create-and-edit-rules]] -== Create and edit rules - -When you click the **Create rule** button, it launches a flyout that guides you through selecting a rule type and configuring its conditions and actions. - -[role="screenshot"] -image::images/alerting-overview.png[{rules-ui} app] - -The rule types available in an {es} project are: - -* {kibana-ref}/rule-type-es-query.html[{es} query] -* {kibana-ref}/rule-type-index-threshold.html[Index threshold] -* {kibana-ref}/geo-alerting.html[Tracking containement] -* {ref}/transform-alerts.html[Transform health] - -After a rule is created, you can open the action menu (…) and select **Edit rule** to re-open the flyout and change the rule properties. - -You can also manage rules as resources with the https://registry.terraform.io/providers/elastic/elasticstack/latest[Elasticstack provider] for Terraform. -For more details, refer to the https://registry.terraform.io/providers/elastic/elasticstack/latest/docs/resources/kibana_alerting_rule[elasticstack_kibana_alerting_rule] resource. - -// For details on what types of rules are available and how to configure them, refer to [Rule types]({kibana-ref}/rule-types.html). - -// missing link - -[discrete] -[[elasticsearch-explore-your-data-alerting-snooze-and-disable-rules]] -== Snooze and disable rules - -The rule listing enables you to quickly snooze, disable, enable, or delete individual rules. -For example, you can change the state of a rule: - -[role="screenshot"] -image::images/rule-enable-disable.png[Use the rule status dropdown to enable or disable an individual rule] - -When you snooze a rule, the rule checks continue to run on a schedule but the alert will not trigger any actions. -You can snooze for a specified period of time, indefinitely, or schedule single or recurring downtimes: - -[role="screenshot"] -image::images/rule-snooze-panel.png[Snooze notifications for a rule] - -When a rule is in a snoozed state, you can cancel or change the duration of this state. - -[discrete] -[[elasticsearch-explore-your-data-alerting-import-and-export-rules]] -== Import and export rules - -To import and export rules, use <>. - -//// -/* -TBD: Do stack monitoring rules exist in serverless? -Stack monitoring rules are automatically created for you and therefore cannot be managed in **Saved Objects**. -*/ -//// - -Rules are disabled on export. You are prompted to re-enable the rule on successful import. - -[role="screenshot"] -image::images/rules-imported-banner.png[Rules import banner] - -[discrete] -[[elasticsearch-explore-your-data-alerting-view-rule-details]] -== View rule details - -You can determine the health of a rule by looking at its **Last response**. -A rule can have one of the following responses: - -`failed`:: -The rule ran with errors. - -`succeeded`:: -The rule ran without errors. - -`warning`:: -The rule ran with some non-critical errors. - -Click the rule name to access a rule details page: - -[role="screenshot"] -image::images/rule-details-alerts-active.png[Rule details page with multiple alerts] - -In this example, the rule detects when a site serves more than a threshold number of bytes in a 24 hour period. Four sites are above the threshold. These are called alerts - occurrences of the condition being detected - and the alert name, status, time of detection, and duration of the condition are shown in this view. Alerts come and go from the list depending on whether the rule conditions are met. - -When an alert is created, it generates actions. If the conditions that caused the alert persist, the actions run again according to the rule notification settings. There are three common alert statuses: - -`active`:: -The conditions for the rule are met and actions should be generated according to the notification settings. - -`flapping`:: -The alert is switching repeatedly between active and recovered states. - -`recovered`:: -The conditions for the rule are no longer met and recovery actions should be generated. - -.Flapping alerts -[NOTE] -==== -The `flapping` state is possible only if you have enabled alert flapping detection in **{rules-ui}** → **Settings**. A look back window and threshold are used to determine whether alerts are flapping. For example, you can specify that the alert must change status at least 6 times in the last 10 runs. If the rule has actions that run when the alert status changes, those actions are suppressed while the alert is flapping. -==== - -If there are rule actions that failed to run successfully, you can see the details on the **History** tab. -In the **Message** column, click the warning or expand icon or click the number in the **Errored actions** column to open the **Errored Actions** panel. - -// - -//// -/* -TBD: Is this setting still feasible in serverless? -In this example, the action failed because the `xpack.actions.email.domain_allowlist` setting was updated and the action's email recipient is no longer included in the allowlist: - -![Rule history page with alerts that have errored actions](../images/rule-details-errored-actions.png) -*/ -//// - -// If an alert was affected by a maintenance window, its identifier appears in the **Maintenance windows** column. - -You can suppress future actions for a specific alert by turning on the **Mute** toggle. -If a muted alert no longer meets the rule conditions, it stays in the list to avoid generating actions if the conditions recur. -You can also disable a rule, which stops it from running checks and clears any alerts it was tracking. -You may want to disable rules that are not currently needed to reduce the load on your cluster. - -[role="screenshot"] -image::images/rule-details-disabling.png[Use the disable toggle to turn off rule checks and clear alerts tracked] diff --git a/serverless/pages/explore-your-data-discover-your-data.asciidoc b/serverless/pages/explore-your-data-discover-your-data.asciidoc deleted file mode 100644 index ba4325eabc..0000000000 --- a/serverless/pages/explore-your-data-discover-your-data.asciidoc +++ /dev/null @@ -1,199 +0,0 @@ -[[elasticsearch-explore-your-data-discover-your-data]] -= Discover your data - -// :description: Learn how to use Discover to gain insights into your data. -// :keywords: serverless, elasticsearch, discover data, how to - - -With **Discover**, you can quickly search and filter your data, get information -about the structure of the fields, and display your findings in a visualization. -You can also customize and save your searches and place them on a dashboard. - -[discrete] -[[elasticsearch-explore-your-data-discover-your-data-explore-and-query-your-data]] -== Explore and query your data - -This tutorial shows you how to use **Discover** to search large amounts of -data and understand what’s going on at any given time. This tutorial uses the book sample data set from the <>. - -You’ll learn to: - -* **Select** data for your exploration, set a time range for that data, -search it with the {kib} Query Language, and filter the results. -* **Explore** the details of your data, view individual documents, and create tables -that summarize the contents of the data. -* **Present** your findings in a visualization. - -At the end of this tutorial, you’ll be ready to start exploring with your own -data in **Discover**. - -[discrete] -[[elasticsearch-explore-your-data-discover-your-data-find-your-data]] -== Find your data - -Tell {kib} where to find the data you want to explore, and then specify the time range in which to view that data. - -. Once the book sample data has been ingested, navigate to **Explore → Discover** and click **Create data view**. -. Give your data view a name. -+ -[role="screenshot"] -image::images/create-data-view.png[Create a data view] -+ -. Start typing in the **Index pattern** field, and the names of indices, data streams, and aliases that match your input will be displayed. -+ -** To match multiple sources, use a wildcard (*), for example, `b*` and any indices starting with the letter `b` display. -** To match multiple sources, enter their names separated by a comma. Do not include a space after the comma. For example `books,magazines` would match two indices: `books` and `magazines`. -** To exclude a source, use a minus sign (-), for example `-books`. -. In the **Timestamp** field dropdown, and then select `release_date`. -+ -** If you don't set a time field, you can't use global time filters on your dashboards. Leaving the time field unset might be useful if you have multiple time fields and want to create dashboards that combine visualizations based on different timestamps. -** If your index doesn't have time-based data, choose **I don't want to use the time filter**. -. Click **Show advanced settings** to: -+ -** Display hidden and system indices. -** Specify your own data view name. For example, enter your Elasticsearch index alias name. -. Click **Save data view to {kib}**. -. Adjust the time range to view data for the **Last 40 years** to view all your book data. -+ -[role="screenshot"] -image::images/book-data.png[Your book data displayed] - -[discrete] -[[explore-fields-in-your-data]] -== Explore the fields in your data - -**Discover** includes a table that shows all the documents that match your search. By default, the document table includes a column for the time field and a column that lists all other fields in the document. You’ll modify the document table to display your fields of interest. - -. In the sidebar, enter `au` in the search field to find the `author` field. -. In the **Available fields** list, click `author` to view its most popular values. -+ -**Discover** shows the top 10 values and the number of records used to calculate those values. -+ -. Click image:images/icons/plusInCircleFilled.svg[Add] to toggle the field into the document table. You can also drag the field from the **Available fields** list into the document table. - -[discrete] -[[elasticsearch-explore-your-data-discover-your-data-add-a-field-to-your-data-source]] -== Add a field to your {data-source} - -What happens if you forgot to define an important value as a separate field? Or, what if you -want to combine two fields and treat them as one? This is where {ref}/runtime.html[runtime fields] come into play. -You can add a runtime field to your {data-source} from inside of **Discover**, -and then use that field for analysis and visualizations, -the same way you do with other fields. - -. In the sidebar, click **Add a field**. -. In the **Create field** form, enter `hello` for the name. -. Turn on **Set value**. -. Define the script using the Painless scripting language. Runtime fields require an `emit()`. -+ -[source,ts] ----- -emit("Hello World!"); ----- -. Click **Save**. -. In the sidebar, search for the **hello** field, and then add it to the document table. -. Create a second field named `authorabbrev` that combines the authors last name and first initial. -+ -[source,ts] ----- -String str = doc['author.keyword'].value; -char ch1 = str.charAt(0); -emit(doc['author.keyword'].value + ", " + ch1); ----- -. Add `authorabbrev` to the document table. - -[role="screenshot"] -image::images/add-fields.png[How the fields you just created should display] - -[discrete] -[[search-in-discover]] -== Search your data - -One of the unique capabilities of **Discover** is the ability to combine free text search with filtering based on structured data. To search all fields, enter a simple string in the query bar. - -To search particular fields and build more complex queries, use the {kib} Query language. As you type, KQL prompts you with the fields you can search and the operators you can use to build a structured query. - -Search the book data to find out which books have more than 500 pages: - -. Enter `p`, and then select **page_count**. -. Select **>** for greater than and enter **500**, then click the refresh button or press the Enter key to see which books have more than 500 pages. - -[discrete] -[[filter-in-discover]] -== Filter your data - -Whereas the query defines the set of documents you are interested in, -filters enable you to zero in on subsets of those documents. -You can filter results to include or exclude specific fields, filter for a value in a range, -and more. - -Exclude documents where the author is not Terry Pratchett: - -. Click image:images/icons/plusInCircleFilled.svg[Add] next to the query bar. -. In the **Add filter** pop-up, set the field to **author**, the operator to **is not**, and the value to **Terry Pratchett**. -. Click **Add filter**. -. Continue your exploration by adding more filters. -. To remove a filter, click the close icon (x) next to its name in the filter bar. - -[discrete] -[[look-inside-a-document]] -== Look inside a document - -Dive into an individual document to view its fields and the documents that occurred before and after it. - -. In the document table, click the expand icon image:images/icons/expand.svg[View details] to show document details. -. Scan through the fields and their values. If you find a field of interest, hover your mouse over the **Actions** column for filters and other options. -. To create a view of the document that you can bookmark and share, click **Single document**. -. To view documents that occurred before or after the event you are looking at, click **Surrounding documents**. - -[discrete] -[[save-your-search]] -== Save your search for later use - -Save your search so you can use it later to generate a CSV report, create visualizations and Dashboards. Saving a search saves the query text, filters, and current view of **Discover**, including the columns selected in the document table, the sort order, and the {data-source}. - -. In the upper right toolbar, click **Save**. -. Give your search a title. -. Optionally store tags and the time range with the search. -. Click **Save**. - -[discrete] -[[elasticsearch-explore-your-data-discover-your-data-visualize-your-findings]] -== Visualize your findings - -If a field can be {ref}/search-aggregations.html[aggregated], you can quickly visualize it from **Discover**. - -. In the sidebar, find and then click `release_date`. -. In the popup, click **Visualize**. -+ -[NOTE] -==== -{kib} creates a visualization best suited for this field. -==== -+ -. From the **Available fields** list, drag and drop `page_count` onto the workspace. -. Save your visualization for use on a dashboard. - -For geographical point fields, if you click **Visualize**, your data appears in a map. - -[discrete] -[[share-your-findings]] -== Share your findings - -To share your findings with a larger audience, click **Share** in the upper right toolbar. - -[discrete] -[[alert-from-Discover]] -== Generate alerts - -From **Discover**, you can create a rule to periodically check when data goes above or below a certain threshold within a given time interval. - -. Ensure that your data view, -query, and filters fetch the data for which you want an alert. -. In the toolbar, click **Alerts → Create search threshold rule**. -+ -The **Create rule** form is pre-filled with the latest query sent to {es}. -. Configure your {es} query and select a connector type. -. Click **Save**. - -For more about this and other rules provided in {alert-features}, go to <>. From 6902312d4b42b5b7fccad8f2aa4340f4a4219abf Mon Sep 17 00:00:00 2001 From: George Wallace Date: Wed, 20 Nov 2024 14:36:08 -0700 Subject: [PATCH 3/5] removing blog link --- serverless/pages/what-is-serverless.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/serverless/pages/what-is-serverless.asciidoc b/serverless/pages/what-is-serverless.asciidoc index de9dfef961..f3ca114384 100644 --- a/serverless/pages/what-is-serverless.asciidoc +++ b/serverless/pages/what-is-serverless.asciidoc @@ -3,8 +3,8 @@ // :keywords: serverless -Serverless projects use the core components of the {stack}, such as {es} and {kib}, and are based on https://www.elastic.co/blog/elastic-serverless-architecture[an architecture that -decouples compute and storage]. Search and indexing operations are separated, which offers high flexibility for scaling your workloads while ensuring +Serverless projects use the core components of the {stack}, such as {es} and {kib}, and are based on an architecture that +decouples compute and storage. Search and indexing operations are separated, which offers high flexibility for scaling your workloads while ensuring a high level of performance. **Management free.** Elastic manages the underlying Elastic cluster, so you can focus on your data. With serverless projects, Elastic is responsible for automatic upgrades, data backups, From 493d0018a6b86fcef6675830f274e1a62ae60640 Mon Sep 17 00:00:00 2001 From: George Wallace Date: Wed, 20 Nov 2024 18:47:06 -0700 Subject: [PATCH 4/5] fixing merge conflict error message in doc --- serverless/pages/what-is-elasticsearch-serverless.asciidoc | 6 ------ 1 file changed, 6 deletions(-) diff --git a/serverless/pages/what-is-elasticsearch-serverless.asciidoc b/serverless/pages/what-is-elasticsearch-serverless.asciidoc index e6722e03e7..713da55ca9 100644 --- a/serverless/pages/what-is-elasticsearch-serverless.asciidoc +++ b/serverless/pages/what-is-elasticsearch-serverless.asciidoc @@ -4,16 +4,10 @@ // :description: Build search solutions and applications with {es-serverless}. // :keywords: serverless, elasticsearch, overview -<<<<<<< HEAD -preview:[] - -[TIP] -======= Elasticsearch allows you to build custom applications. Whether you have structured or unstructured text, numerical data, or geospatial data, Elasticsearch can efficiently store and index it in a way that supports fast searches. .Understanding Elasticsearch on serverless [IMPORTANT] ->>>>>>> f77bb4b (removing preview tag) ==== If you haven't used {es} before, first learn the basics in the https://www.elastic.co/guide/en/elasticsearch/reference/current/elasticsearch-intro.html[core {es} documentation]. ==== From 853824ebd7b9f0da249f11f2c76e3ad5eb47f20f Mon Sep 17 00:00:00 2001 From: George Wallace Date: Wed, 20 Nov 2024 19:18:46 -0700 Subject: [PATCH 5/5] removing custom roles from limitations --- serverless/pages/technical-preview-limitations.asciidoc | 1 - 1 file changed, 1 deletion(-) diff --git a/serverless/pages/technical-preview-limitations.asciidoc b/serverless/pages/technical-preview-limitations.asciidoc index ccb2ee8c90..f34629a2c0 100644 --- a/serverless/pages/technical-preview-limitations.asciidoc +++ b/serverless/pages/technical-preview-limitations.asciidoc @@ -12,7 +12,6 @@ The following are currently not available: * Snapshot and restore * Clone index API * Migrations from non-serverless {es} deployments. In the interim, you can <> to move data to and from serverless projects. -* Custom roles * Audit logging * {es} for Apache Hadoop