diff --git a/manage-data/lifecycle/data-tiers.md b/manage-data/lifecycle/data-tiers.md index 1ea3ebe769..75c23810dc 100644 --- a/manage-data/lifecycle/data-tiers.md +++ b/manage-data/lifecycle/data-tiers.md @@ -260,7 +260,7 @@ To make sure that all data can be migrated from the data tier you want to disabl } ``` - Removing required attributes does not trigger a shard reallocation. These shards are moved when applying the plan to disable the data tier. Alternatively, you can use the [cluster re-route API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-reroute.html) to manually re-allocate the shards before removing the nodes, or explicitly re-allocate shards to hot nodes by using the following code: + Removing required attributes does not trigger a shard reallocation. These shards are moved when applying the plan to disable the data tier. Alternatively, you can use the [cluster re-route API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-reroute) to manually re-allocate the shards before removing the nodes, or explicitly re-allocate shards to hot nodes by using the following code: ```sh PUT /my-index/_settings @@ -442,9 +442,9 @@ When {{es}} creates an index as part of a [data stream](/manage-data/data-store/ At the time of index creation, you can override the default setting by explicitly setting the preferred value in one of two ways: * Using an [index template](/manage-data/data-store/templates.md). Refer to [Automate rollover with ILM](/manage-data/lifecycle/index-lifecycle-management.md) for details. -* Within the [create index](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html) request body. +* Within the [create index](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-create) request body. -You can override this setting after index creation by [updating the index setting](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-update-settings.html) to the preferred value. +You can override this setting after index creation by [updating the index setting](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-put-settings) to the preferred value. This setting also accepts multiple tiers in order of preference. This prevents indices from remaining unallocated if no nodes are available in the preferred tier. For example, when {{ilm}} migrates an index to the cold phase, it sets the index `_tier_preference` to `data_cold,data_warm,data_hot`. @@ -452,7 +452,7 @@ To remove the data tier preference setting, set the `_tier_preference` value to ### Determine the current data tier preference [data-tier-allocation-value] -You can check an existing index’s data tier preference by [polling its settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-settings.html) for `index.routing.allocation.include._tier_preference`: +You can check an existing index’s data tier preference by [polling its settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-get-settings) for `index.routing.allocation.include._tier_preference`: ```console GET /my-index-000001/_settings?filter_path=*.settings.index.routing.allocation.include._tier_preference @@ -462,7 +462,7 @@ GET /my-index-000001/_settings?filter_path=*.settings.index.routing.allocation.i The `_tier_preference` setting might conflict with other allocation settings. This conflict might prevent the shard from allocating. A conflict might occur when a cluster has not yet been completely [migrated to data tiers](/troubleshoot/elasticsearch/troubleshoot-migrate-to-tiers.md). -This setting will not unallocate a currently allocated shard, but might prevent it from migrating from its current location to its designated data tier. To troubleshoot, call the [cluster allocation explain API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-allocation-explain.html) and specify the suspected problematic shard. +This setting will not unallocate a currently allocated shard, but might prevent it from migrating from its current location to its designated data tier. To troubleshoot, call the [cluster allocation explain API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-allocation-explain) and specify the suspected problematic shard. ### Automatic data tier migration [data-tier-migration] diff --git a/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-orchestration.md b/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-orchestration.md index b6be38b8dc..049fb3c251 100644 --- a/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-orchestration.md +++ b/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-orchestration.md @@ -168,7 +168,7 @@ Advanced users may force an upgrade by manually deleting Pods themselves. The de Operations that reduce the number of nodes in the cluster cannot make progress without user intervention, if the Elasticsearch index replica settings are incompatible with the intended downscale. Specifically, if the Elasticsearch index settings demand a higher number of shard copies than data nodes in the cluster after the downscale operation, ECK cannot migrate the data away from the node about to be removed. You can address this in the following ways: -* Adjust the Elasticsearch [index settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-update-settings.html) to a number of replicas that allow the desired node removal. +* Adjust the Elasticsearch [index settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-put-settings) to a number of replicas that allow the desired node removal. * Use [`auto_expand_replicas`](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules.html#dynamic-index-settings) to automatically adjust the replicas to the number of data nodes in the cluster. diff --git a/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-users-and-roles.md b/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-users-and-roles.md index 1461186867..c42f06ae36 100644 --- a/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-users-and-roles.md +++ b/raw-migrated-files/cloud-on-k8s/cloud-on-k8s/k8s-users-and-roles.md @@ -43,7 +43,7 @@ Do not run the `elasticsearch-service-tokens` command inside an Elasticsearch Po ### Native realm [k8s_native_realm] -You can create custom users in the [Elasticsearch native realm](https://www.elastic.co/guide/en/elasticsearch/reference/current/native-realm.html) using [Elasticsearch user management APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-user-apis). +You can create custom users in the [Elasticsearch native realm](https://www.elastic.co/guide/en/elasticsearch/reference/current/native-realm.html) using [Elasticsearch user management APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security). ### File realm [k8s_file_realm] diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-config-change-errors.md b/raw-migrated-files/cloud/cloud-enterprise/ece-config-change-errors.md index f4a7f09b30..fed68c1a9a 100644 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-config-change-errors.md +++ b/raw-migrated-files/cloud/cloud-enterprise/ece-config-change-errors.md @@ -117,7 +117,7 @@ In rare cases, when you attempt to upgrade the version of a deployment and the u To resolve this: 1. Check that you don’t need the content. -2. Run an {{es}} [Delete index request](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html) to remove the existing index. +2. Run an {{es}} [Delete index request](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete) to remove the existing index. In this example, the `.kibana_2` index is the rollover of saved objects (such as Kibana visualizations or dashboards) from the original `.kibana_1` index. Since `.kibana_2` was created as part of the failed upgrade process, this index does not yet contain any pertinent data and it can safely be deleted. diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-configuring-keystore.md b/raw-migrated-files/cloud/cloud-enterprise/ece-configuring-keystore.md index af8419c4a7..b21397ec06 100644 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-configuring-keystore.md +++ b/raw-migrated-files/cloud/cloud-enterprise/ece-configuring-keystore.md @@ -22,10 +22,10 @@ Add keys and secret values to the keystore. 4. Locate **Elasticsearch keystore** and select **Add settings**. 5. On the **Create setting** window, select the secret **Type**. 6. Configure the settings, then select **Save**. -7. All the modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) API request. +7. All the modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) API request. ::::{important} -Only some settings are designed to be read from the keystore. However, the keystore has no validation to block unsupported settings. Adding unsupported settings to the keystore causes [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) to fail and if not addressed, Elasticsearch will fail to start. To check whether a setting is supported in the keystore, look for a "Secure" qualifier in the [setting reference](../../../deploy-manage/security/secure-settings.md). +Only some settings are designed to be read from the keystore. However, the keystore has no validation to block unsupported settings. Adding unsupported settings to the keystore causes [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) to fail and if not addressed, Elasticsearch will fail to start. To check whether a setting is supported in the keystore, look for a "Secure" qualifier in the [setting reference](../../../deploy-manage/security/secure-settings.md). :::: @@ -42,5 +42,5 @@ When your keys and secret values are no longer needed, delete them from the keys 3. From your deployment menu, select **Security**. 4. From the **Existing keystores** list, use the delete icon next to the **Setting Name** that you want to delete. 5. On the **Confirm to delete** window, select **Confirm**. -6. All modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) API request. +6. All modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) API request. diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-node-js.md b/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-node-js.md index 3cacc5f79b..fa1faee689 100644 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-node-js.md +++ b/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-node-js.md @@ -280,7 +280,7 @@ const client = new Client({ }) ``` -Check [Create API key API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elastic Cloud Enterprise, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). +Check [Create API key API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elastic Cloud Enterprise, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). ### Best practices [ece_best_practices] diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-python.md b/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-python.md index 716d5d889a..bcae4285df 100644 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-python.md +++ b/raw-migrated-files/cloud/cloud-enterprise/ece-getting-started-python.md @@ -340,7 +340,7 @@ es = Elasticsearch( ) ``` -Check [Create API key API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elastic Cloud Enterprise, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). +Check [Create API key API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elastic Cloud Enterprise, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). For more information on refreshing an index, searching, updating, and deleting, check the [elasticsearch-py examples](https://www.elastic.co/guide/en/elasticsearch/client/python-api/current/examples.html). diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ad.md b/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ad.md index b5aa474ee7..77f7b34e0c 100644 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ad.md +++ b/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ad.md @@ -177,7 +177,7 @@ If the keystore is also password protected (which isn’t typical for keystores ## Mapping Active Directory groups to roles [ece-securing-clusters-ad-role-mapping] -You have two ways of mapping Active Directory groups to roles for your users. The preferred one is to use the [role mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html). If for some reason this is not possible, you can use a [role mapping file](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-roles.html) to specify the mappings instead. +You have two ways of mapping Active Directory groups to roles for your users. The preferred one is to use the [role mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping). If for some reason this is not possible, you can use a [role mapping file](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-roles.html) to specify the mappings instead. ::::{important} Only Active Directory security groups are supported. You cannot map distribution groups to roles. diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ldap.md b/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ldap.md index 207bc650c4..3ade007882 100644 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ldap.md +++ b/raw-migrated-files/cloud/cloud-enterprise/ece-securing-clusters-ldap.md @@ -175,7 +175,7 @@ If your CA certificate is available as a `JKS` or `PKCS#12` keystore, you can up ## Mapping LDAP groups to roles [ece-securing-clusters-ldap-role-mapping] -You have two ways of mapping LDAP groups to roles for your users. The preferred one is to use the [role mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html). If for some reason this is not possible, you can use a [role mapping file](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-roles.html) to specify the mappings instead. +You have two ways of mapping LDAP groups to roles for your users. The preferred one is to use the [role mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping). If for some reason this is not possible, you can use a [role mapping file](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-roles.html) to specify the mappings instead. ### Using the Role Mapping API [ece_using_the_role_mapping_api] diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-working-with-elasticsearch.md b/raw-migrated-files/cloud/cloud-enterprise/ece-working-with-elasticsearch.md index 2cde2b5aa3..ebce61a561 100644 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-working-with-elasticsearch.md +++ b/raw-migrated-files/cloud/cloud-enterprise/ece-working-with-elasticsearch.md @@ -97,7 +97,7 @@ Either a `GET` or a `POST` request with some URI search parameters works, or omi curl -u USER:PASSWORD https://ELASTICSEARCH_URL/my_index/_doc/_search?q=title:T* ``` -For an explanation of the allowed parameters, check [URI Search](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html). +For an explanation of the allowed parameters, check [URI Search](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search). To make {{es}} return a more human readable JSON response, add `?pretty=true` to the request: @@ -111,7 +111,7 @@ curl -u USER:PASSWORD https://ELASTICSEARCH_URL/my_index/_doc/_search?pretty=tru For performance reasons, `?pretty=true` is not recommended in production. You can verify the performance difference yourself by checking the `took` field in the JSON response which tells you how long Elasticsearch took to evaluate the search in milliseconds. When we tested these examples ourselves, the difference was `"took" : 4` against `"took" : 18`, a substantial difference. -For a full explanation of how the request body is structured, check [Elasticsearch Request Body documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-body.html). You can also execute multiple queries in one request with the [Multi Search API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-multi-search.html). +For a full explanation of how the request body is structured, check [Elasticsearch Request Body documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-body.html). You can also execute multiple queries in one request with the [Multi Search API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-msearch). ## Deleting [ece_deleting] diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-add-user-settings.md b/raw-migrated-files/cloud/cloud-heroku/ech-add-user-settings.md index 702a614039..c5382a5132 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-add-user-settings.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-add-user-settings.md @@ -5,7 +5,7 @@ Change how {{es}} runs by providing your own user settings. Elasticsearch Add-On Elasticsearch Add-On for Heroku automatically rejects `elasticsearch.yml` settings that could break your cluster. For a list of supported settings, check [Supported {{es}} settings](../../../deploy-manage/deploy/elastic-cloud/edit-stack-settings.md#ech-es-elasticsearch-settings). ::::{warning} -You can also update [dynamic cluster settings](../../../deploy-manage/deploy/self-managed/configure-elasticsearch.md#dynamic-cluster-setting) using {{es}}'s [update cluster settings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-update-settings.html). However, Elasticsearch Add-On for Heroku doesn’t reject unsafe setting changes made using this API. Use with caution. +You can also update [dynamic cluster settings](../../../deploy-manage/deploy/self-managed/configure-elasticsearch.md#dynamic-cluster-setting) using {{es}}'s [update cluster settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-settings). However, Elasticsearch Add-On for Heroku doesn’t reject unsafe setting changes made using this API. Use with caution. :::: @@ -55,19 +55,19 @@ $$$http-cors-settings$$$`http.cors.*` : Enables explicit allowing of [read-only URL repositories](../../../deploy-manage/tools/snapshot-and-restore/read-only-url-repository.md). `reindex.remote.whitelist` -: Explicitly allows the set of hosts that can be [reindexed from remotely](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#reindex-from-remote). Expects a YAML array of `host:port` strings. Consists of a comma-delimited list of `host:port` entries. Defaults to `["\*.io:*", "\*.com:*"]`. +: Explicitly allows the set of hosts that can be [reindexed from remotely](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex). Expects a YAML array of `host:port` strings. Consists of a comma-delimited list of `host:port` entries. Defaults to `["\*.io:*", "\*.com:*"]`. `reindex.ssl.*` -: To learn more on how to configure reindex SSL user settings, check [configuring reindex SSL parameters](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#reindex-ssl). +: To learn more on how to configure reindex SSL user settings, check [configuring reindex SSL parameters](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex). `script.painless.regex.enabled` : Enables [regular expressions](https://www.elastic.co/guide/en/elasticsearch/painless/current/painless-walkthrough.html#modules-scripting-painless-regex) for the Painless scripting language. `action.auto_create_index` -: [Automatically create index](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-index_.html#index-creation) if it doesn’t already exist. +: [Automatically create index](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-create) if it doesn’t already exist. `action.destructive_requires_name` -: When set to `true`, users must [specify the index name](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html#indices-delete-index) to delete an index. It’s not possible to delete _all or use wildcards. +: When set to `true`, users must [specify the index name](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete) to delete an index. It’s not possible to delete _all or use wildcards. `xpack.notification.webhook.additional_token_enabled` : When set to `true`, {{es}} automatically sets a token which enables the bypassing of traffic filters for calls initiated by Watcher towards {{es}} or {{kib}}. The default is `false` and the feature is available starting with {{es}} version 8.7.1 and later. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-analyze_shards_with-api.md b/raw-migrated-files/cloud/cloud-heroku/ech-analyze_shards_with-api.md index f63803f6ef..3e6fc23c45 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-analyze_shards_with-api.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-analyze_shards_with-api.md @@ -11,7 +11,7 @@ You can retrieve information about the status of your cluster, indices, and shar ## Check cluster health [ech-check-cluster-health] -Use the [Cluster health API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html): +Use the [Cluster health API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-health): ```json GET /_cluster/health/ @@ -42,7 +42,7 @@ This command returns the cluster status (green, yellow, or red) and shows the nu ## Check unhealthy indices [ech-check-unhealthy-indices] -Use the [cat indices API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-indices.html) to get the status of individual indices. Specify the `health` parameter to limit the results to a particular status, for example `?v&health=red` or `?v&health=yellow`. +Use the [cat indices API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-indices) to get the status of individual indices. Specify the `health` parameter to limit the results to a particular status, for example `?v&health=red` or `?v&health=yellow`. ```json GET /_cat/indices?v&health=red @@ -60,7 +60,7 @@ For more information, refer to [Fix a red or yellow cluster status](../../../tro ## Check which shards are unassigned [ech-check-which-unassigned-shards] -Use the [cat shards API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-shards.html): +Use the [cat shards API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-shards): ```json GET /_cat/shards/?v @@ -77,7 +77,7 @@ filebeat-7.9.3-2022.01.07-000015 2 r UNASSIGNED ## Check why shards are unassigned [ech-check-why-unassigned-shards] -To understand why shards are unassigned, run the [Cluster allocation explain API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-allocation-explain.html). +To understand why shards are unassigned, run the [Cluster allocation explain API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-allocation-explain). Running the API call `GET _cluster/allocation/explain` retrieves an allocation explanation for unassigned primary shards, or replica shards. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-config-change-errors.md b/raw-migrated-files/cloud/cloud-heroku/ech-config-change-errors.md index c074533990..4c17bdb81c 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-config-change-errors.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-config-change-errors.md @@ -126,7 +126,7 @@ In rare cases, when you attempt to upgrade the version of a deployment and the u To resolve this: 1. Check that you don’t need the content. -2. Run an {{es}} [Delete index request](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html) to remove the existing index. +2. Run an {{es}} [Delete index request](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete) to remove the existing index. In this example, the `.kibana_2` index is the rollover of saved objects (such as Kibana visualizations or dashboards) from the original `.kibana_1` index. Since `.kibana_2` was created as part of the failed upgrade process, this index does not yet contain any pertinent data and it can safely be deleted. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-configuring-keystore.md b/raw-migrated-files/cloud/cloud-heroku/ech-configuring-keystore.md index 043198e0c7..9499f91c0d 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-configuring-keystore.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-configuring-keystore.md @@ -22,10 +22,10 @@ Add keys and secret values to the keystore. 4. Locate **Elasticsearch keystore** and select **Add settings**. 5. On the **Create setting** window, select the secret **Type**. 6. Configure the settings, then select **Save**. -7. All the modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) API request. +7. All the modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) API request. ::::{important} -Only some settings are designed to be read from the keystore. However, the keystore has no validation to block unsupported settings. Adding unsupported settings to the keystore causes [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) to fail and if not addressed, Elasticsearch will fail to start. To check whether a setting is supported in the keystore, look for a "Secure" qualifier in the [setting reference](../../../deploy-manage/security/secure-settings.md). +Only some settings are designed to be read from the keystore. However, the keystore has no validation to block unsupported settings. Adding unsupported settings to the keystore causes [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) to fail and if not addressed, Elasticsearch will fail to start. To check whether a setting is supported in the keystore, look for a "Secure" qualifier in the [setting reference](../../../deploy-manage/security/secure-settings.md). :::: @@ -42,5 +42,5 @@ When your keys and secret values are no longer needed, delete them from the keys 3. From your deployment menu, select **Security**. 4. From the **Existing keystores** list, use the delete icon next to the **Setting Name** that you want to delete. 5. On the **Confirm to delete** window, select **Confirm**. -6. All modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) API request. +6. All modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) API request. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-cpu-usage-exceed-allowed-threshold.md b/raw-migrated-files/cloud/cloud-heroku/ech-cpu-usage-exceed-allowed-threshold.md index 1e688676fa..b14a5e2973 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-cpu-usage-exceed-allowed-threshold.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-cpu-usage-exceed-allowed-threshold.md @@ -63,7 +63,7 @@ Stack Monitoring comes with out-of-the-box rules, but you need to enable them wh * If the master node is overwhelmed by internal tasks initiated by users: - * Check [cluster-level pending tasks](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-pending-tasks.html). + * Check [cluster-level pending tasks](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-pending-tasks). * Reduce the number of Machine Learning jobs or watches. * Change the number of ingest pipelines or processors to use less memory. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-jvm-heap-usage-exceed-allowed-threshold.md b/raw-migrated-files/cloud/cloud-heroku/ech-jvm-heap-usage-exceed-allowed-threshold.md index 992a65067a..05a612bc11 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-jvm-heap-usage-exceed-allowed-threshold.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-jvm-heap-usage-exceed-allowed-threshold.md @@ -44,7 +44,7 @@ * If the master node is overwhelmed by internal tasks initiated by users: - * Check [cluster-level pending tasks](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-pending-tasks.html). + * Check [cluster-level pending tasks](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-pending-tasks). * Reduce the number of Machine Learning jobs or watches. * Change the number of ingest pipelines or processors to use less memory. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-monitoring-setup.md b/raw-migrated-files/cloud/cloud-heroku/ech-monitoring-setup.md index 6012ad4ec1..86831b6007 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-monitoring-setup.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-monitoring-setup.md @@ -137,7 +137,7 @@ As a managed service, {{ecloud}} is here to help you manage the maintenance and * Review the deployment logs * Act on automated alerts -When issues come up that you need to troubleshoot, you’ll frequently start with the same queries to determine which rabbit hole to investigate further, such as [`_cluster/health`](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html) to determine overall deployment health. +When issues come up that you need to troubleshoot, you’ll frequently start with the same queries to determine which rabbit hole to investigate further, such as [`_cluster/health`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-health) to determine overall deployment health. :::{image} ../../../images/cloud-heroku-ec-ce-monitoring-ongoing.png :alt: Elasticsearch API console showing queries useful for monitoring diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-multiple-node-deployment-disk-used.md b/raw-migrated-files/cloud/cloud-heroku/ech-multiple-node-deployment-disk-used.md index 7a68e74c51..75742ee36e 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-multiple-node-deployment-disk-used.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-multiple-node-deployment-disk-used.md @@ -22,7 +22,7 @@ **Resolution** -* [Delete unused data](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html). +* [Delete unused data](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete). * Increase the disk size (scale up). ::::{note} diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-nodes-unavailable-missing.md b/raw-migrated-files/cloud/cloud-heroku/ech-nodes-unavailable-missing.md index 6fa2d23d64..e10bee7072 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-nodes-unavailable-missing.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-nodes-unavailable-missing.md @@ -18,7 +18,7 @@ * Routing stopped: A failed {{es}} configuration might stop the nodes routing. Restart the routing manually to bring the node back to health. * Disk/memory/CPU saturated: - * [Delete unused data](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html). + * [Delete unused data](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete). * Increase disk size. * [Enable autoscaling](../../../deploy-manage/autoscaling.md). * Configuration of ILM policies. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-remediate-issues-allocation-explain-API.md b/raw-migrated-files/cloud/cloud-heroku/ech-remediate-issues-allocation-explain-API.md index 3539e16f47..56582c692e 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-remediate-issues-allocation-explain-API.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-remediate-issues-allocation-explain-API.md @@ -51,7 +51,7 @@ During the routine system maintenance performed by Elastic, it might happen that Configure an [highly available cluster](../../../deploy-manage/production-guidance/plan-for-production-elastic-cloud.md) to keep your service running. Also, consider taking the following actions to bring your deployment back to health and recover your data from the snapshot. -* [Close the red indices](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-close.html) +* [Close the red indices](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-close) * [Restore the indices](../../../deploy-manage/tools/snapshot-and-restore.md) from the last successful snapshot For more information, check also [Designing for resilience](../../../deploy-manage/production-guidance/availability-and-resilience.md). @@ -76,7 +76,7 @@ When shards cannot be assigned, due to [data tier allocation](../../../manage-da **Resolutions** * Make sure nodes are available in each data tier and have sufficient disk space. -* [Check the index settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices.html#index-settings) and ensure shards can be allocated to the expected data tier. +* [Check the index settings](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-indices) and ensure shards can be allocated to the expected data tier. * Check the [ILM policy](../../../manage-data/lifecycle/index-lifecycle-management.md) and check for issues with the [allocate action](https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-allocate.html). * Inspect the [index templates](../../../manage-data/data-store/templates.md) and check for issues with the index settings. @@ -90,7 +90,7 @@ Unassigned replica shards are often caused by there being fewer eligible data no **Resolutions** * Add more [eligible data nodes or more availability zones](../../../deploy-manage/deploy/elastic-cloud/ech-customize-deployment-components.md) to ensure resiliency. -* Adjust the `number_of_replicas` [setting](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-update-settings.html) for your indices to the number of eligible data nodes -1. +* Adjust the `number_of_replicas` [setting](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-put-settings) for your indices to the number of eligible data nodes -1. ## A snapshot issue prevents searchable snapshot indices from being allocated [ech-searchable-snapshot-indices-not-allocated] @@ -124,7 +124,7 @@ The parameter [`cluster.max_shards_per_node`](https://www.elastic.co/guide/en/el **Resolutions** -Delete unnecessary indices, add more data nodes, and [avoid oversharding](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md) as too many shards can overwhelm your cluster. If you cannot take these actions, and you’re confident your changes won’t destabilize the cluster, you can temporarily increase the limit using the [cluster update settings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-update-settings.html) and retry the action. For more details, check [Troubleshoot shard-related errors](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md#troubleshoot-shard-related-errors). +Delete unnecessary indices, add more data nodes, and [avoid oversharding](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md) as too many shards can overwhelm your cluster. If you cannot take these actions, and you’re confident your changes won’t destabilize the cluster, you can temporarily increase the limit using the [cluster update settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-settings) and retry the action. For more details, check [Troubleshoot shard-related errors](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md#troubleshoot-shard-related-errors). ## Maximum retry times exceeded [ech-max-retry-exceeded] @@ -137,6 +137,6 @@ The cluster will attempt to allocate a shard a few times, before giving up and l **Resolutions** -Run [`POST /_cluster/reroute?retry_failed=true`](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-reroute.html) API to retry. If it still fails, rerun the [Cluster allocation explain](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-allocation-explain.html) API to diagnose the problem. +Run [`POST /_cluster/reroute?retry_failed=true`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-reroute) API to retry. If it still fails, rerun the [Cluster allocation explain](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-allocation-explain) API to diagnose the problem. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-saas-metrics-accessing.md b/raw-migrated-files/cloud/cloud-heroku/ech-saas-metrics-accessing.md index 44d91f8572..b1003f5699 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-saas-metrics-accessing.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-saas-metrics-accessing.md @@ -85,7 +85,7 @@ Performance correlates directly with resources assigned to your cluster, and man It is not uncommon for performance issues on Elasticsearch Add-On for Heroku to be caused by an undersized cluster that cannot cope with the workload it is being asked to handle. If your cluster performance metrics often shows high CPU usage or excessive memory pressure, consider increasing the size of your cluster soon to improve performance. This is especially true for clusters that regularly reach 100% of CPU usage or that suffer out-of-memory failures; it is better to resize your cluster early when it is not yet maxed out than to have to resize a cluster that is already overwhelmed. [Changing the configuration of your cluster](../../../deploy-manage/deploy/elastic-cloud/cloud-hosted.md) may add some overhead if data needs to be migrated to the new nodes, which can increase the load on a cluster further and delay configuration changes. -To help diagnose high CPU usage you can also use the Elasticsearch [nodes hot threads API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-hot-threads.html), which identifies the threads on each node that have the highest CPU usage or that have been executing for a longer than normal period of time. +To help diagnose high CPU usage you can also use the Elasticsearch [nodes hot threads API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-hot-threads), which identifies the threads on each node that have the highest CPU usage or that have been executing for a longer than normal period of time. ::::{tip} Got an overwhelmed cluster that needs to be upsized? [Try enabling maintenance mode first](https://www.elastic.co/guide/en/cloud-heroku/current/ech-upgrading-v5.html#ech-maintenance-mode-routing). It will likely help with configuration changes. diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-single-node-deployment-disk-used.md b/raw-migrated-files/cloud/cloud-heroku/ech-single-node-deployment-disk-used.md index 09c35479a4..c7211e9083 100644 --- a/raw-migrated-files/cloud/cloud-heroku/ech-single-node-deployment-disk-used.md +++ b/raw-migrated-files/cloud/cloud-heroku/ech-single-node-deployment-disk-used.md @@ -22,7 +22,7 @@ **Resolution** -* [Delete unused data](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html). +* [Delete unused data](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete). * Increase the disk size on your Hot data and Content tier (scale up). ::::{note} diff --git a/raw-migrated-files/cloud/cloud/ec-add-user-settings.md b/raw-migrated-files/cloud/cloud/ec-add-user-settings.md index 8bd097d5d9..515be42eaa 100644 --- a/raw-migrated-files/cloud/cloud/ec-add-user-settings.md +++ b/raw-migrated-files/cloud/cloud/ec-add-user-settings.md @@ -5,7 +5,7 @@ Change how {{es}} runs by providing your own user settings. Elasticsearch Servic Elasticsearch Service automatically rejects `elasticsearch.yml` settings that could break your cluster. For a list of supported settings, check [Supported {{es}} settings](../../../deploy-manage/deploy/elastic-cloud/edit-stack-settings.md#ec-es-elasticsearch-settings). ::::{warning} -You can also update [dynamic cluster settings](../../../deploy-manage/deploy/self-managed/configure-elasticsearch.md#dynamic-cluster-setting) using {{es}}'s [update cluster settings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-update-settings.html). However, Elasticsearch Service doesn’t reject unsafe setting changes made using this API. Use with caution. +You can also update [dynamic cluster settings](../../../deploy-manage/deploy/self-managed/configure-elasticsearch.md#dynamic-cluster-setting) using {{es}}'s [update cluster settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-settings). However, Elasticsearch Service doesn’t reject unsafe setting changes made using this API. Use with caution. :::: @@ -55,19 +55,19 @@ $$$http-cors-settings$$$`http.cors.*` : Enables explicit allowing of [read-only URL repositories](../../../deploy-manage/tools/snapshot-and-restore/read-only-url-repository.md). `reindex.remote.whitelist` -: Explicitly allows the set of hosts that can be [reindexed from remotely](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#reindex-from-remote). Expects a YAML array of `host:port` strings. Consists of a comma-delimited list of `host:port` entries. Defaults to `["\*.io:*", "\*.com:*"]`. +: Explicitly allows the set of hosts that can be [reindexed from remotely](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex). Expects a YAML array of `host:port` strings. Consists of a comma-delimited list of `host:port` entries. Defaults to `["\*.io:*", "\*.com:*"]`. `reindex.ssl.*` -: To learn more on how to configure reindex SSL user settings, check [configuring reindex SSL parameters](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#reindex-ssl). +: To learn more on how to configure reindex SSL user settings, check [configuring reindex SSL parameters](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex). `script.painless.regex.enabled` : Enables [regular expressions](https://www.elastic.co/guide/en/elasticsearch/painless/current/painless-walkthrough.html#modules-scripting-painless-regex) for the Painless scripting language. `action.auto_create_index` -: [Automatically create index](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-index_.html#index-creation) if it doesn’t already exist. +: [Automatically create index](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-create) if it doesn’t already exist. `action.destructive_requires_name` -: When set to `true`, users must [specify the index name](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html#indices-delete-index) to delete an index. It’s not possible to delete _all or use wildcards. +: When set to `true`, users must [specify the index name](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete) to delete an index. It’s not possible to delete _all or use wildcards. `xpack.notification.webhook.additional_token_enabled` : When set to `true`, {{es}} automatically sets a token which enables the bypassing of traffic filters for calls initiated by Watcher towards {{es}} or {{kib}}. The default is `false` and the feature is available starting with {{es}} version 8.7.1 and later. diff --git a/raw-migrated-files/cloud/cloud/ec-config-change-errors.md b/raw-migrated-files/cloud/cloud/ec-config-change-errors.md index 2edce8d83e..053f3c3a1f 100644 --- a/raw-migrated-files/cloud/cloud/ec-config-change-errors.md +++ b/raw-migrated-files/cloud/cloud/ec-config-change-errors.md @@ -126,7 +126,7 @@ In rare cases, when you attempt to upgrade the version of a deployment and the u To resolve this: 1. Check that you don’t need the content. -2. Run an {{es}} [Delete index request](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html) to remove the existing index. +2. Run an {{es}} [Delete index request](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete) to remove the existing index. In this example, the `.kibana_2` index is the rollover of saved objects (such as Kibana visualizations or dashboards) from the original `.kibana_1` index. Since `.kibana_2` was created as part of the failed upgrade process, this index does not yet contain any pertinent data and it can safely be deleted. diff --git a/raw-migrated-files/cloud/cloud/ec-configuring-keystore.md b/raw-migrated-files/cloud/cloud/ec-configuring-keystore.md index 58d29b5a19..bf99ff5656 100644 --- a/raw-migrated-files/cloud/cloud/ec-configuring-keystore.md +++ b/raw-migrated-files/cloud/cloud/ec-configuring-keystore.md @@ -22,10 +22,10 @@ Add keys and secret values to the keystore. 4. Locate **Elasticsearch keystore** and select **Add settings**. 5. On the **Create setting** window, select the secret **Type**. 6. Configure the settings, then select **Save**. -7. All the modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) API request. +7. All the modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) API request. ::::{important} -Only some settings are designed to be read from the keystore. However, the keystore has no validation to block unsupported settings. Adding unsupported settings to the keystore causes [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) to fail and if not addressed, Elasticsearch will fail to start. To check whether a setting is supported in the keystore, look for a "Secure" qualifier in the [setting reference](../../../deploy-manage/security/secure-settings.md). +Only some settings are designed to be read from the keystore. However, the keystore has no validation to block unsupported settings. Adding unsupported settings to the keystore causes [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) to fail and if not addressed, Elasticsearch will fail to start. To check whether a setting is supported in the keystore, look for a "Secure" qualifier in the [setting reference](../../../deploy-manage/security/secure-settings.md). :::: @@ -42,5 +42,5 @@ When your keys and secret values are no longer needed, delete them from the keys 3. From your deployment menu, select **Security**. 4. From the **Existing keystores** list, use the delete icon next to the **Setting Name** that you want to delete. 5. On the **Confirm to delete** window, select **Confirm**. -6. All modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) API request. +6. All modifications to the non-reloadable keystore take effect only after restarting Elasticsearch. Reloadable keystore changes take effect after issuing a [reload_secure_settings](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) API request. diff --git a/raw-migrated-files/cloud/cloud/ec-getting-started-node-js.md b/raw-migrated-files/cloud/cloud/ec-getting-started-node-js.md index 3d74b083cd..a3f3ac7cb2 100644 --- a/raw-migrated-files/cloud/cloud/ec-getting-started-node-js.md +++ b/raw-migrated-files/cloud/cloud/ec-getting-started-node-js.md @@ -272,7 +272,7 @@ const client = new Client({ }) ``` -Check [Create API key API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elasticsearch Service, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). +Check [Create API key API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elasticsearch Service, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). ### Best practices [ec_best_practices] diff --git a/raw-migrated-files/cloud/cloud/ec-getting-started-python.md b/raw-migrated-files/cloud/cloud/ec-getting-started-python.md index 0a3d33cb52..210c7e2edc 100644 --- a/raw-migrated-files/cloud/cloud/ec-getting-started-python.md +++ b/raw-migrated-files/cloud/cloud/ec-getting-started-python.md @@ -333,7 +333,7 @@ es = Elasticsearch( ) ``` -Check [Create API key API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elasticsearch Service, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). +Check [Create API key API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key) to learn more about API Keys and [Security privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md) to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable [audit logging](../../../deploy-manage/monitor/logging-configuration/enabling-elasticsearch-audit-logs.md) on {{es}} to find out what privileges are being used. To learn more about how logging works on Elasticsearch Service, check [Monitoring Elastic Cloud deployment logs and metrics](https://www.elastic.co/blog/monitoring-elastic-cloud-deployment-logs-and-metrics). For more information on refreshing an index, searching, updating, and deleting, check the [elasticsearch-py examples](https://www.elastic.co/guide/en/elasticsearch/client/python-api/current/examples.html). diff --git a/raw-migrated-files/cloud/cloud/ec-monitoring-setup.md b/raw-migrated-files/cloud/cloud/ec-monitoring-setup.md index 2f2b330936..2ffe411c2a 100644 --- a/raw-migrated-files/cloud/cloud/ec-monitoring-setup.md +++ b/raw-migrated-files/cloud/cloud/ec-monitoring-setup.md @@ -137,7 +137,7 @@ As a managed service, {{ecloud}} is here to help you manage the maintenance and * Review the deployment logs * Act on automated alerts -When issues come up that you need to troubleshoot, you’ll frequently start with the same queries to determine which rabbit hole to investigate further, such as [`_cluster/health`](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html) to determine overall deployment health. +When issues come up that you need to troubleshoot, you’ll frequently start with the same queries to determine which rabbit hole to investigate further, such as [`_cluster/health`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-health) to determine overall deployment health. :::{image} ../../../images/cloud-ec-ce-monitoring-ongoing.png :alt: Elasticsearch API console showing queries useful for monitoring diff --git a/raw-migrated-files/cloud/cloud/ec-saas-metrics-accessing.md b/raw-migrated-files/cloud/cloud/ec-saas-metrics-accessing.md index 8b5743c35e..b6a2562c52 100644 --- a/raw-migrated-files/cloud/cloud/ec-saas-metrics-accessing.md +++ b/raw-migrated-files/cloud/cloud/ec-saas-metrics-accessing.md @@ -90,7 +90,7 @@ Performance correlates directly with resources assigned to your cluster, and man It is not uncommon for performance issues on Elasticsearch Service to be caused by an undersized cluster that cannot cope with the workload it is being asked to handle. If your cluster performance metrics often shows high CPU usage or excessive memory pressure, consider increasing the size of your cluster soon to improve performance. This is especially true for clusters that regularly reach 100% of CPU usage or that suffer out-of-memory failures; it is better to resize your cluster early when it is not yet maxed out than to have to resize a cluster that is already overwhelmed. [Changing the configuration of your cluster](../../../deploy-manage/deploy/elastic-cloud/ec-customize-deployment.md) may add some overhead if data needs to be migrated to the new nodes, which can increase the load on a cluster further and delay configuration changes. -To help diagnose high CPU usage you can also use the Elasticsearch [nodes hot threads API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-hot-threads.html), which identifies the threads on each node that have the highest CPU usage or that have been executing for a longer than normal period of time. +To help diagnose high CPU usage you can also use the Elasticsearch [nodes hot threads API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-hot-threads), which identifies the threads on each node that have the highest CPU usage or that have been executing for a longer than normal period of time. ::::{tip} Got an overwhelmed cluster that needs to be upsized? [Try enabling maintenance mode first](../../../deploy-manage/maintenance/ece/start-stop-routing-requests.md). It will likely help with configuration changes. diff --git a/raw-migrated-files/cloud/cloud/ec-scenario_why_are_shards_unavailable.md b/raw-migrated-files/cloud/cloud/ec-scenario_why_are_shards_unavailable.md index 33421363ba..a085c09501 100644 --- a/raw-migrated-files/cloud/cloud/ec-scenario_why_are_shards_unavailable.md +++ b/raw-migrated-files/cloud/cloud/ec-scenario_why_are_shards_unavailable.md @@ -37,7 +37,7 @@ You can retrieve information about the status of your cluster, indices, and shar #### Check cluster health [ec-check-cluster-health] -Use the [Cluster health API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html): +Use the [Cluster health API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-health): ```json GET /_cluster/health/ @@ -68,7 +68,7 @@ This command returns the cluster status (green, yellow, or red) and shows the nu #### Check unhealthy indices [ec-check-unhealthy-indices] -Use the [cat indices API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-indices.html) to get the status of individual indices. Specify the `health` parameter to limit the results to a particular status, for example `?v&health=red` or `?v&health=yellow`. +Use the [cat indices API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-indices) to get the status of individual indices. Specify the `health` parameter to limit the results to a particular status, for example `?v&health=red` or `?v&health=yellow`. ```json GET /_cat/indices?v&health=red @@ -86,7 +86,7 @@ For more information, refer to [Fix a red or yellow cluster status](../../../tro #### Check which shards are unassigned [ec-check-which-unassigned-shards] -Use the [cat shards API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-shards.html): +Use the [cat shards API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-shards): ```json GET /_cat/shards/?v @@ -103,7 +103,7 @@ filebeat-7.9.3-2022.01.07-000015 2 r UNASSIGNED #### Check why shards are unassigned [ec-check-why-unassigned-shards] -To understand why shards are unassigned, run the [Cluster allocation explain API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-allocation-explain.html). +To understand why shards are unassigned, run the [Cluster allocation explain API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-allocation-explain). Running the API call `GET _cluster/allocation/explain` retrieves an allocation explanation for unassigned primary shards, or replica shards. @@ -227,7 +227,7 @@ During the routine system maintenance performed by Elastic, it might happen that Configure an [highly available cluster](../../../deploy-manage/production-guidance/plan-for-production-elastic-cloud.md) to keep your service running. Also, consider taking the following actions to bring your deployment back to health and recover your data from the snapshot. -* [Close the red indices](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-close.html) +* [Close the red indices](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-close) * [Restore the indices](../../../deploy-manage/tools/snapshot-and-restore.md) from the last successful snapshot For more information, check also [Designing for resilience](../../../deploy-manage/production-guidance/availability-and-resilience.md). @@ -252,7 +252,7 @@ When shards cannot be assigned, due to [data tier allocation](../../../manage-da **Resolutions** * Make sure nodes are available in each data tier and have sufficient disk space. -* [Check the index settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices.html#index-settings) and ensure shards can be allocated to the expected data tier. +* [Check the index settings](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-indices) and ensure shards can be allocated to the expected data tier. * Check the [ILM policy](../../../manage-data/lifecycle/index-lifecycle-management.md) and check for issues with the [allocate action](https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-allocate.html). * Inspect the [index templates](../../../manage-data/data-store/templates.md) and check for issues with the index settings. @@ -266,7 +266,7 @@ Unassigned replica shards are often caused by there being fewer eligible data no **Resolutions** * Add more [eligible data nodes or more availability zones](../../../deploy-manage/deploy/elastic-cloud/ec-customize-deployment-components.md) to ensure resiliency. -* Adjust the `number_of_replicas` [setting](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-update-settings.html) for your indices to the number of eligible data nodes -1. +* Adjust the `number_of_replicas` [setting](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-put-settings) for your indices to the number of eligible data nodes -1. ### A snapshot issue prevents searchable snapshot indices from being allocated [ec-searchable-snapshot-indices-not-allocated] @@ -300,7 +300,7 @@ The parameter [`cluster.max_shards_per_node`](https://www.elastic.co/guide/en/el **Resolutions** -Delete unnecessary indices, add more data nodes, and [avoid oversharding](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md) as too many shards can overwhelm your cluster. If you cannot take these actions, and you’re confident your changes won’t destabilize the cluster, you can temporarily increase the limit using the [cluster update settings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-update-settings.html) and retry the action. For more details, check [Troubleshoot shard-related errors](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md#troubleshoot-shard-related-errors). +Delete unnecessary indices, add more data nodes, and [avoid oversharding](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md) as too many shards can overwhelm your cluster. If you cannot take these actions, and you’re confident your changes won’t destabilize the cluster, you can temporarily increase the limit using the [cluster update settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-settings) and retry the action. For more details, check [Troubleshoot shard-related errors](../../../deploy-manage/production-guidance/optimize-performance/size-shards.md#troubleshoot-shard-related-errors). ### Maximum retry times exceeded [ec-max-retry-exceeded] @@ -313,7 +313,7 @@ The cluster will attempt to allocate a shard a few times, before giving up and l **Resolutions** -Run [`POST /_cluster/reroute?retry_failed=true`](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-reroute.html) API to retry. If it still fails, rerun the [Cluster allocation explain](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-allocation-explain.html) API to diagnose the problem. +Run [`POST /_cluster/reroute?retry_failed=true`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-reroute) API to retry. If it still fails, rerun the [Cluster allocation explain](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-allocation-explain) API to diagnose the problem. diff --git a/raw-migrated-files/cloud/cloud/ec-scenario_why_is_my_node_unavailable.md b/raw-migrated-files/cloud/cloud/ec-scenario_why_is_my_node_unavailable.md index 8bba3ccba5..44248cbbbb 100644 --- a/raw-migrated-files/cloud/cloud/ec-scenario_why_is_my_node_unavailable.md +++ b/raw-migrated-files/cloud/cloud/ec-scenario_why_is_my_node_unavailable.md @@ -49,7 +49,7 @@ If your issue is not addressed here, then [contact Elastic support for help](../ **Resolution** -* [Delete unused data](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html). +* [Delete unused data](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete). * Increase the disk size on your Hot data and Content tier (scale up). ::::{note} @@ -96,7 +96,7 @@ If your {{es}} cluster is unhealthy and reports a status of red, then increasing **Resolution** -* [Delete unused data](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html). +* [Delete unused data](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete). * Increase the disk size (scale up). ::::{note} @@ -177,7 +177,7 @@ If your {{es}} cluster is unhealthy and reports a status of red, the scale up co * If the master node is overwhelmed by internal tasks initiated by users: - * Check [cluster-level pending tasks](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-pending-tasks.html). + * Check [cluster-level pending tasks](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-pending-tasks). * Reduce the number of Machine Learning jobs or watches. * Change the number of ingest pipelines or processors to use less memory. @@ -260,7 +260,7 @@ Stack Monitoring comes with out-of-the-box rules, but you need to enable them wh * If the master node is overwhelmed by internal tasks initiated by users: - * Check [cluster-level pending tasks](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-pending-tasks.html). + * Check [cluster-level pending tasks](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-pending-tasks). * Reduce the number of Machine Learning jobs or watches. * Change the number of ingest pipelines or processors to use less memory. @@ -298,7 +298,7 @@ Stack Monitoring comes with out-of-the-box rules, but you need to enable them wh * Routing stopped: A failed {{es}} configuration might stop the nodes routing. Restart the routing manually to bring the node back to health. * Disk/memory/CPU saturated: - * [Delete unused data](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html). + * [Delete unused data](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete). * Increase disk size. * [Enable autoscaling](../../../deploy-manage/autoscaling.md). * Configuration of [ILM](../../../manage-data/lifecycle/index-lifecycle-management.md) policies. diff --git a/raw-migrated-files/cloud/cloud/ec-working-with-elasticsearch.md b/raw-migrated-files/cloud/cloud/ec-working-with-elasticsearch.md index f21e0d276b..f34a11e3f5 100644 --- a/raw-migrated-files/cloud/cloud/ec-working-with-elasticsearch.md +++ b/raw-migrated-files/cloud/cloud/ec-working-with-elasticsearch.md @@ -97,7 +97,7 @@ Either a `GET` or a `POST` request with some URI search parameters works, or omi curl -u USER:PASSWORD https://ELASTICSEARCH_URL/my_index/_doc/_search?q=title:T* ``` -For an explanation of the allowed parameters, check [URI Search](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html). +For an explanation of the allowed parameters, check [URI Search](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search). To make {{es}} return a more human readable JSON response, add `?pretty=true` to the request: @@ -111,7 +111,7 @@ curl -u USER:PASSWORD https://ELASTICSEARCH_URL/my_index/_doc/_search?pretty=tru For performance reasons, `?pretty=true` is not recommended in production. You can verify the performance difference yourself by checking the `took` field in the JSON response which tells you how long Elasticsearch took to evaluate the search in milliseconds. When we tested these examples ourselves, the difference was `"took" : 4` against `"took" : 18`, a substantial difference. -For a full explanation of how the request body is structured, check [Elasticsearch Request Body documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-body.html). You can also execute multiple queries in one request with the [Multi Search API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-multi-search.html). +For a full explanation of how the request body is structured, check [Elasticsearch Request Body documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-body.html). You can also execute multiple queries in one request with the [Multi Search API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-msearch). ## Deleting [ec_deleting] diff --git a/raw-migrated-files/docs-content/serverless/general-ml-nlp-auto-scale.md b/raw-migrated-files/docs-content/serverless/general-ml-nlp-auto-scale.md index ee0114ab48..e0f4f363f9 100644 --- a/raw-migrated-files/docs-content/serverless/general-ml-nlp-auto-scale.md +++ b/raw-migrated-files/docs-content/serverless/general-ml-nlp-auto-scale.md @@ -29,9 +29,9 @@ If you set the minimum number of allocations to 1, you will be charged even if t You can enable adaptive allocations by using: * the create inference endpoint API for [ELSER](../../../solutions/search/inference-api/elser-inference-integration.md), [E5 and models uploaded through Eland](../../../solutions/search/inference-api/elasticsearch-inference-integration.md) that are used as inference services. -* the [start trained model deployment](https://www.elastic.co/guide/en/elasticsearch/reference/current/start-trained-model-deployment.html) or [update trained model deployment](https://www.elastic.co/guide/en/elasticsearch/reference/current/update-trained-model-deployment.html) APIs for trained models that are deployed on machine learning nodes. +* the [start trained model deployment](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ml-start-trained-model-deployment) or [update trained model deployment](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ml-update-trained-model-deployment) APIs for trained models that are deployed on machine learning nodes. -If the new allocations fit on the current machine learning nodes, they are immediately started. If more resource capacity is needed for creating new model allocations, then your machine learning node will be scaled up if machine learning autoscaling is enabled to provide enough resources for the new allocation. The number of model allocations can be scaled down to 0. They cannot be scaled up to more than 32 allocations, unless you explicitly set the maximum number of allocations to more. Adaptive allocations must be set up independently for each deployment and [inference endpoint](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html). +If the new allocations fit on the current machine learning nodes, they are immediately started. If more resource capacity is needed for creating new model allocations, then your machine learning node will be scaled up if machine learning autoscaling is enabled to provide enough resources for the new allocation. The number of model allocations can be scaled down to 0. They cannot be scaled up to more than 32 allocations, unless you explicitly set the maximum number of allocations to more. Adaptive allocations must be set up independently for each deployment and [inference endpoint](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put). When you create inference endpoints on Serverless using Kibana, adaptive allocations are automatically turned on, and there is no option to disable them. diff --git a/raw-migrated-files/docs-content/serverless/observability-ai-assistant.md b/raw-migrated-files/docs-content/serverless/observability-ai-assistant.md index 5f8dfcb773..2c6b403699 100644 --- a/raw-migrated-files/docs-content/serverless/observability-ai-assistant.md +++ b/raw-migrated-files/docs-content/serverless/observability-ai-assistant.md @@ -125,7 +125,7 @@ To add external data to the knowledge base in the Project Settings UI: ### Use the {{es}} Index API [observability-ai-assistant-use-the-es-index-api] -1. Ingest external data (GitHub issues, Markdown files, Jira tickets, text files, etc.) into {{es}} using the {{es}} [Index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-index_.html). +1. Ingest external data (GitHub issues, Markdown files, Jira tickets, text files, etc.) into {{es}} using the {{es}} [Index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-create). 2. Reindex your data into the AI Assistant’s knowledge base index by completing the following query in **Developer Tools** → **Console**. Update the following fields before reindexing: * `InternalDocsIndex`: Name of the index where your internal documents are stored. diff --git a/raw-migrated-files/docs-content/serverless/observability-parse-log-data.md b/raw-migrated-files/docs-content/serverless/observability-parse-log-data.md index 120cc51a74..4ec08736e4 100644 --- a/raw-migrated-files/docs-content/serverless/observability-parse-log-data.md +++ b/raw-migrated-files/docs-content/serverless/observability-parse-log-data.md @@ -154,7 +154,7 @@ The previous command sets the following values for your ingest pipeline: #### Test the pipeline with the simulate pipeline API [observability-parse-log-data-test-the-pipeline-with-the-simulate-pipeline-api] -The [simulate pipeline API](https://www.elastic.co/guide/en/elasticsearch/reference/current/simulate-pipeline-api.html#ingest-verbose-param) runs the ingest pipeline without storing any documents. This lets you verify your pipeline works using multiple documents. +The [simulate pipeline API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ingest-simulate) runs the ingest pipeline without storing any documents. This lets you verify your pipeline works using multiple documents. Run the following command to test your ingest pipeline with the simulate pipeline API. @@ -347,7 +347,7 @@ In addition to setting an ingest pipeline, you need to set an index template. Us #### Test the pipeline with the simulate API [observability-parse-log-data-test-the-pipeline-with-the-simulate-api] -Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/guide/en/elasticsearch/reference/current/simulate-pipeline-api.html#ingest-verbose-param): +Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ingest-simulate): ```console POST _ingest/pipeline/logs-example-default/_simulate @@ -519,7 +519,7 @@ In addition to setting an ingest pipeline, you need to set an index template. Us #### Test the pipeline with the simulate API [observability-parse-log-data-test-the-pipeline-with-the-simulate-api-1] -Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/guide/en/elasticsearch/reference/current/simulate-pipeline-api.html#ingest-verbose-param): +Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ingest-simulate): ```console POST _ingest/pipeline/logs-example-default/_simulate diff --git a/raw-migrated-files/docs-content/serverless/observability-troubleshoot-logs.md b/raw-migrated-files/docs-content/serverless/observability-troubleshoot-logs.md index 7c87384a98..814007c939 100644 --- a/raw-migrated-files/docs-content/serverless/observability-troubleshoot-logs.md +++ b/raw-migrated-files/docs-content/serverless/observability-troubleshoot-logs.md @@ -142,7 +142,7 @@ Aggregations on this field would no longer be supported, but the contents would To convert the `keyword` field to a `text` field: 1. Create a new index with the `text` field data type. -2. Reindex from the `_source` field of the source index using the [`_reindex` API](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html). +2. Reindex from the `_source` field of the source index using the [`_reindex` API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex). ### Date format mismatch [logs-mapping-troubleshooting-date-mismatch] diff --git a/raw-migrated-files/docs-content/serverless/security-about-rules.md b/raw-migrated-files/docs-content/serverless/security-about-rules.md index be6fa47141..6f84970cf1 100644 --- a/raw-migrated-files/docs-content/serverless/security-about-rules.md +++ b/raw-migrated-files/docs-content/serverless/security-about-rules.md @@ -25,7 +25,7 @@ You can create the following types of rules: For example, if the threshold `field` is `source.ip` and its `value` is `10`, an alert is generated for every source IP address that appears in at least 10 of the rule’s search results. * [**Event correlation**](../../../solutions/security/detect-and-alert/create-detection-rule.md#create-eql-rule): Searches the defined indices and creates an alert when results match an [Event Query Language (EQL)](../../../explore-analyze/query-filter/languages/eql.md) query. -* [**Indicator match**](../../../solutions/security/detect-and-alert/create-detection-rule.md#create-indicator-rule): Creates an alert when {{elastic-sec}} index field values match field values defined in the specified indicator index patterns. For example, you can create an indicator index for IP addresses and use this index to create an alert whenever an event’s `destination.ip` equals a value in the index. Indicator index field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/{{ecs_version}}). For information on creating {{es}} indices and field types, see [Index some documents](https://www.elastic.co/guide/en/starting-with-the-elasticsearch-platform-and-its-solutions/current/getting-started-general-purpose.html#gp-gs-add-data), [Create index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html), and [Field data types](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-types.html). If you have indicators in a standard file format, such as CSV or JSON, you can also use the Machine Learning Data Visualizer to import your indicators into an indicator index. See [Explore the data in {{kib}}](../../../explore-analyze/machine-learning/anomaly-detection/ml-getting-started.md#sample-data-visualizer) and use the **Import Data** option to import your indicators. +* [**Indicator match**](../../../solutions/security/detect-and-alert/create-detection-rule.md#create-indicator-rule): Creates an alert when {{elastic-sec}} index field values match field values defined in the specified indicator index patterns. For example, you can create an indicator index for IP addresses and use this index to create an alert whenever an event’s `destination.ip` equals a value in the index. Indicator index field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/{{ecs_version}}). For information on creating {{es}} indices and field types, see [Index some documents](https://www.elastic.co/guide/en/starting-with-the-elasticsearch-platform-and-its-solutions/current/getting-started-general-purpose.html#gp-gs-add-data), [Create index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-create), and [Field data types](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-types.html). If you have indicators in a standard file format, such as CSV or JSON, you can also use the Machine Learning Data Visualizer to import your indicators into an indicator index. See [Explore the data in {{kib}}](../../../explore-analyze/machine-learning/anomaly-detection/ml-getting-started.md#sample-data-visualizer) and use the **Import Data** option to import your indicators. ::::{tip} You can also use value lists as the indicator match index. See [Use value lists with indicator match rules](../../../solutions/security/detect-and-alert/create-detection-rule.md#indicator-value-lists) at the end of this topic for more information. diff --git a/raw-migrated-files/docs-content/serverless/security-data-quality-dash.md b/raw-migrated-files/docs-content/serverless/security-data-quality-dash.md index fe51130ede..da07179596 100644 --- a/raw-migrated-files/docs-content/serverless/security-data-quality-dash.md +++ b/raw-migrated-files/docs-content/serverless/security-data-quality-dash.md @@ -25,8 +25,8 @@ Use the Data Quality dashboard to: To use the Data Quality dashboard, you need the appropriate user role with the following privileges for each index you want to check: * `monitor` or `manage` -* `view_index_metadata` or `manage` (required for the [Get mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-mapping.html)) -* `read` (required for the [Search API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html)) +* `view_index_metadata` or `manage` (required for the [Get mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-get-mapping)) +* `read` (required for the [Search API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search)) :::: diff --git a/raw-migrated-files/docs-content/serverless/security-detection-engine-overview.md b/raw-migrated-files/docs-content/serverless/security-detection-engine-overview.md index 0071d4bd93..07fd480096 100644 --- a/raw-migrated-files/docs-content/serverless/security-detection-engine-overview.md +++ b/raw-migrated-files/docs-content/serverless/security-detection-engine-overview.md @@ -19,7 +19,7 @@ If you want to receive notifications via external systems, such as Slack or emai After rules have started running, you can monitor their executions to verify they are functioning correctly, as well as view, manage, and troubleshoot alerts (see [Manage detection alerts](../../../solutions/security/detect-and-alert/manage-detection-alerts.md) and [Monitor and troubleshoot rule executions](../../../troubleshoot/security/detection-rules.md)). -You can create and manage rules and alerts via the UI or the [Detections API](https://www.elastic.co/guide/en/security/current/rule-api-overview.html). +You can create and manage rules and alerts via the UI or the [Detections API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-detections-api). ::::{important} To make sure you can access Detections and manage rules, see [Detections prerequisites and requirements](../../../solutions/security/detect-and-alert/detections-requirements.md). diff --git a/raw-migrated-files/docs-content/serverless/security-rules-create.md b/raw-migrated-files/docs-content/serverless/security-rules-create.md index 524cbf7209..e1a0a22e12 100644 --- a/raw-migrated-files/docs-content/serverless/security-rules-create.md +++ b/raw-migrated-files/docs-content/serverless/security-rules-create.md @@ -758,7 +758,7 @@ The following variables can only be passed if the rule’s action frequency is f #### Alert placeholder examples [placeholder-examples] -To understand which fields to parse, see the [Detections API](https://www.elastic.co/guide/en/security/current/rule-api-overview.html) to view the JSON representation of rules. +To understand which fields to parse, see the [Detections API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-detections-api) to view the JSON representation of rules. Example using `{{context.rule.filters}}` to output a list of filters: diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/active-directory-realm.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/active-directory-realm.md index 7709840c5c..34287fde10 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/active-directory-realm.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/active-directory-realm.md @@ -124,7 +124,7 @@ To integrate with Active Directory, you configure an `active_directory` realm an Since with the `active_directory` realm the users are managed externally in the Active Directory server, the expectation is that their roles are managed there as well. In fact, Active Directory supports the notion of groups, which often represent user roles for different systems in the organization. - The `active_directory` realm enables you to map Active Directory users to roles via their Active Directory groups or other metadata. This role mapping can be configured via the [role-mapping APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-role-mapping-apis) or by using a file stored on each node. When a user authenticates against an Active Directory realm, the privileges for that user are the union of all privileges defined by the roles to which the user is mapped. + The `active_directory` realm enables you to map Active Directory users to roles via their Active Directory groups or other metadata. This role mapping can be configured via the [role-mapping APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security) or by using a file stored on each node. When a user authenticates against an Active Directory realm, the privileges for that user are the union of all privileges defined by the roles to which the user is mapped. Within a mapping definition, you specify groups using their distinguished names. For example, the following mapping configuration maps the Active Directory `admins` group to both the `monitoring` and `user` roles, maps the `users` group to the `user` role and maps the `John Doe` user to the `user` role. @@ -199,7 +199,7 @@ When a user is authenticated via an Active Directory realm, the following proper | `ldap_dn` | The distinguished name of the user. | | `ldap_groups` | The distinguished name of each of the groups that were resolved for the user (regardless of whether those groups were mapped to a role). | -This metadata is returned in the [authenticate API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-authenticate.html) and can be used with [templated queries](../../../deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md#templating-role-query) in roles. +This metadata is returned in the [authenticate API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-authenticate) and can be used with [templated queries](../../../deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md#templating-role-query) in roles. Additional metadata can be extracted from the Active Directory server by configuring the `metadata` setting on the Active Directory realm. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/built-in-users.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/built-in-users.md index 2fc1dea898..3a3e50c9d1 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/built-in-users.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/built-in-users.md @@ -42,7 +42,7 @@ On {{ecloud}}, [operator privileges](../../../deploy-manage/users-roles/cluster- These built-in users are stored in a special `.security` index, which is managed by {{es}}. If a built-in user is disabled or its password changes, the change is automatically reflected on each node in the cluster. If your `.security` index is deleted or restored from a snapshot, however, any changes you have applied are lost. -Although they share the same API, the built-in users are separate and distinct from users managed by the [native realm](../../../deploy-manage/users-roles/cluster-or-deployment-auth/native.md). Disabling the native realm will not have any effect on the built-in users. The built-in users can be disabled individually, using the [disable users API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-disable-user.html). +Although they share the same API, the built-in users are separate and distinct from users managed by the [native realm](../../../deploy-manage/users-roles/cluster-or-deployment-auth/native.md). Disabling the native realm will not have any effect on the built-in users. The built-in users can be disabled individually, using the [disable users API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-disable-user). ## The Elastic bootstrap password [bootstrap-elastic-passwords] @@ -74,7 +74,7 @@ After you set a password for the `elastic` user, the bootstrap password is no lo :::: -Alternatively, you can set the initial passwords for the built-in users by using the **Management > Users** page in {{kib}} or the [change password API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-change-password.html). These methods are more complex. You must supply the `elastic` user and its bootstrap password to log in to {{kib}} or run the API. This requirement means that you cannot use the default bootstrap password that is derived from the `keystore.seed` setting. Instead, you must explicitly set a `bootstrap.password` setting in the keystore before you start {{es}}. For example, the following command prompts you to enter a new bootstrap password: +Alternatively, you can set the initial passwords for the built-in users by using the **Management > Users** page in {{kib}} or the [change password API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-change-password). These methods are more complex. You must supply the `elastic` user and its bootstrap password to log in to {{kib}} or run the API. This requirement means that you cannot use the default bootstrap password that is derived from the `keystore.seed` setting. Instead, you must explicitly set a `bootstrap.password` setting in the keystore before you start {{es}}. For example, the following command prompts you to enter a new bootstrap password: ```shell bin/elasticsearch-keystore add "bootstrap.password" @@ -128,7 +128,7 @@ For example, see [Monitoring {{metricbeat}}](https://www.elastic.co/guide/en/bea The `remote_monitoring_user` is used when {{metricbeat}} collects and stores monitoring data for the {{stack}}. See [*Monitoring in a production environment*](../../../deploy-manage/monitor/stack-monitoring/elasticsearch-monitoring-self-managed.md). -If you have upgraded from an older version of {{es}}, then you may not have set a password for the `beats_system` or `remote_monitoring_user` users. If this is the case, then you should use the **Management > Users** page in {{kib}} or the [change password API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-change-password.html) to set a password for these users. +If you have upgraded from an older version of {{es}}, then you may not have set a password for the `beats_system` or `remote_monitoring_user` users. If this is the case, then you should use the **Management > Users** page in {{kib}} or the [change password API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-change-password) to set a password for these users. ## Adding built-in user passwords to APM [add-built-in-user-apm] @@ -142,7 +142,7 @@ xpack.monitoring.elasticsearch.username: apm_system xpack.monitoring.elasticsearch.password: apmserverpassword ``` -If you have upgraded from an older version of {{es}}, then you may not have set a password for the `apm_system` user. If this is the case, then you should use the **Management > Users** page in {{kib}} or the [change password API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-change-password.html) to set a password for these users. +If you have upgraded from an older version of {{es}}, then you may not have set a password for the `apm_system` user. If this is the case, then you should use the **Management > Users** page in {{kib}} or the [change password API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-change-password) to set a password for these users. ## Disabling default password functionality [disabling-default-password] diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/change-passwords-native-users.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/change-passwords-native-users.md index 0a6b77e0d1..21888904b1 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/change-passwords-native-users.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/change-passwords-native-users.md @@ -1,6 +1,6 @@ # Setting passwords for native and built-in users [change-passwords-native-users] -After you implement security, you might need or want to change passwords for different users. You can use the [`elasticsearch-reset-password`](https://www.elastic.co/guide/en/elasticsearch/reference/current/reset-password.html) tool or the [change passwords API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-change-password.html) to change passwords for native users and [built-in users](../../../deploy-manage/users-roles/cluster-or-deployment-auth/built-in-users.md), such as the `elastic` or `kibana_system` users. +After you implement security, you might need or want to change passwords for different users. You can use the [`elasticsearch-reset-password`](https://www.elastic.co/guide/en/elasticsearch/reference/current/reset-password.html) tool or the [change passwords API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-change-password) to change passwords for native users and [built-in users](../../../deploy-manage/users-roles/cluster-or-deployment-auth/built-in-users.md), such as the `elastic` or `kibana_system` users. For example, the following command changes the password for a user with the username `user1` to an auto-generated value, and prints the new password to the terminal: diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/data-streams.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/data-streams.md index 88a494817d..befa980ff7 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/data-streams.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/data-streams.md @@ -61,15 +61,15 @@ You cannot add new documents to other backing indices, even by sending requests You also cannot perform operations on a write index that may hinder indexing, such as: -* [Clone](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-clone-index.html) -* [Delete](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html) -* [Shrink](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-shrink-index.html) -* [Split](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-split-index.html) +* [Clone](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-clone) +* [Delete](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete) +* [Shrink](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-shrink) +* [Split](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-split) ## Rollover [data-streams-rollover] -A [rollover](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-rollover-index.html) creates a new backing index that becomes the stream’s new write index. +A [rollover](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-rollover) creates a new backing index that becomes the stream’s new write index. We recommend using [{{ilm-init}}](../../../manage-data/lifecycle/index-lifecycle-management.md) to automatically roll over data streams when the write index reaches a specified age or size. If needed, you can also [manually roll over](../../../manage-data/data-store/index-types/use-data-stream.md#manually-roll-over-a-data-stream) a data stream. @@ -86,7 +86,7 @@ When a backing index is created, the index is named using the following conventi `` is the backing index’s creation date. Backing indices with a higher generation contain more recent data. For example, the `web-server-logs` data stream has a generation of `34`. The stream’s most recent backing index, created on 7 March 2099, is named `.ds-web-server-logs-2099.03.07-000034`. -Some operations, such as a [shrink](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-shrink-index.html) or [restore](../../../deploy-manage/tools/snapshot-and-restore/restore-snapshot.md), can change a backing index’s name. These name changes do not remove a backing index from its data stream. +Some operations, such as a [shrink](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-shrink) or [restore](../../../deploy-manage/tools/snapshot-and-restore/restore-snapshot.md), can change a backing index’s name. These name changes do not remove a backing index from its data stream. The generation of the data stream can change without a new index being added to the data stream (e.g. when an existing backing index is shrunk). This means the backing indices for some generations will never exist. You should not derive any intelligence from the backing indices names. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/defining-roles.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/defining-roles.md index ca42b0b463..750aadf534 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/defining-roles.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/defining-roles.md @@ -116,14 +116,14 @@ The following describes the structure of an application privileges entry: 3. The resources to which those privileges apply. These are handled in the same way as index name pattern in `indices` permissions. These resources do not have any special meaning to the {{es}} {security-features}. -For details about the validation rules for these fields, see the [add application privileges API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-privileges.html). +For details about the validation rules for these fields, see the [add application privileges API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-privileges). -A role may refer to application privileges that do not exist - that is, they have not yet been defined through the add application privileges API (or they were defined, but have since been deleted). In this case, the privilege has no effect, and will not grant any actions in the [has privileges API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-has-privileges.html). +A role may refer to application privileges that do not exist - that is, they have not yet been defined through the add application privileges API (or they were defined, but have since been deleted). In this case, the privilege has no effect, and will not grant any actions in the [has privileges API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-has-privileges). ## Remote indices privileges [roles-remote-indices-priv] -For [remote clusters configured with the API key based model](../../../deploy-manage/remote-clusters/remote-clusters-api-key.md), remote indices privileges can be used to specify desired indices privileges for matching remote clusters. The final effective index privileges will be an intersection of the remote indices privileges and the [cross-cluster API key](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-cross-cluster-api-key.html)'s indices privileges. +For [remote clusters configured with the API key based model](../../../deploy-manage/remote-clusters/remote-clusters-api-key.md), remote indices privileges can be used to specify desired indices privileges for matching remote clusters. The final effective index privileges will be an intersection of the remote indices privileges and the [cross-cluster API key](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-cross-cluster-api-key)'s indices privileges. ::::{note} Remote indices are effective for remote clusters configured with the API key based model. They have no effect for remote clusters configured with the certificate based model. @@ -171,7 +171,7 @@ The following describes the structure of a remote cluster permissions entry: ``` 1. A list of remote cluster aliases. It supports literal strings as well as [wildcards](https://www.elastic.co/guide/en/elasticsearch/reference/current/api-conventions.html#api-multi-index) and [regular expressions](https://www.elastic.co/guide/en/elasticsearch/reference/current/regexp-syntax.html). This field is required. -2. The cluster level privileges for the remote cluster. The allowed values here are a subset of the [cluster privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md#privileges-list-cluster). The [builtin privileges API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-builtin-privileges.html#security-api-get-builtin-privileges-request) can be used to determine which privileges are allowed here. This field is required. +2. The cluster level privileges for the remote cluster. The allowed values here are a subset of the [cluster privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md#privileges-list-cluster). The [builtin privileges API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-get-builtin-privileges) can be used to determine which privileges are allowed here. This field is required. @@ -220,7 +220,7 @@ You can manage users and roles easily in {{kib}}. To manage roles, log in to {{k ## Role management API [roles-management-api] -The *Role Management APIs* enable you to add, update, remove and retrieve roles dynamically. When you use the APIs to manage roles in the `native` realm, the roles are stored in an internal {{es}} index. For more information and examples, see [Roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-role-apis). +The *Role Management APIs* enable you to add, update, remove and retrieve roles dynamically. When you use the APIs to manage roles in the `native` realm, the roles are stored in an internal {{es}} index. For more information and examples, see [Roles](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security). ## File-based role management [roles-management-file] diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/es-security-principles.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/es-security-principles.md index 868e461df2..94438a8429 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/es-security-principles.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/es-security-principles.md @@ -15,7 +15,7 @@ Never try to run {{es}} as the `root` user, which would invalidate any defense s ## Protect {{es}} from public internet traffic [security-protect-cluster-traffic] -Even with security enabled, never expose {{es}} to public internet traffic. Using an application to sanitize requests to {{es}} still poses risks, such as a malicious user writing [`_search`](https://www.elastic.co/guide/en/elasticsearch/reference/current/search.html) requests that could overwhelm an {{es}} cluster and bring it down. Keep {{es}} as isolated as possible, preferably behind a firewall and a VPN. Any internet-facing applications should run pre-canned aggregations, or not run aggregations at all. +Even with security enabled, never expose {{es}} to public internet traffic. Using an application to sanitize requests to {{es}} still poses risks, such as a malicious user writing [`_search`](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-search) requests that could overwhelm an {{es}} cluster and bring it down. Keep {{es}} as isolated as possible, preferably behind a firewall and a VPN. Any internet-facing applications should run pre-canned aggregations, or not run aggregations at all. While you absolutely shouldn’t expose {{es}} directly to the internet, you also shouldn’t expose {{es}} directly to users. Instead, use an intermediary application to make requests on behalf of users. This implementation allows you to track user behaviors, such as can submit requests, and to which specific nodes in the cluster. For example, you can implement an application that accepts a search term from a user and funnels it through a [`simple_query_string`](https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-simple-query-string-query.html) query. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/esql-using.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/esql-using.md index 99f4193f75..eeb08fc705 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/esql-using.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/esql-using.md @@ -1,7 +1,7 @@ # Using {{esql}} [esql-using] [REST API](../../../explore-analyze/query-filter/languages/esql-rest.md) -: Information about using the [{{esql}} query APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/esql-apis.html). +: Information about using the [{{esql}} query APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-esql). [Using {{esql}} in {{kib}}](../../../explore-analyze/query-filter/languages/esql-kibana.md) : Using {{esql}} in {{kib}} to query and aggregate your data, create visualizations, and set up alerts. @@ -16,7 +16,7 @@ : Using {{esql}} to query across multiple clusters. [Task management](../../../explore-analyze/query-filter/languages/esql-task-management.md) -: Using the [task management API](https://www.elastic.co/guide/en/elasticsearch/reference/current/tasks.html) to list and cancel {{esql}} queries. +: Using the [task management API](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-tasks) to list and cancel {{esql}} queries. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/field-and-document-access-control.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/field-and-document-access-control.md index 763520a86b..2ee35aad2f 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/field-and-document-access-control.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/field-and-document-access-control.md @@ -124,7 +124,7 @@ For more information see [Ingest pipelines](../../../manage-data/ingest/transfor ## Field and document level security with Cross-cluster API keys [ccx-apikeys-dls-fls] -[Cross-Cluster API keys](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-cross-cluster-api-key.html) can be used to authenticate requests to a remote cluster. The `search` parameter defines permissions for cross-cluster search. The `replication` parameter defines permissions for cross-cluster replication. +[Cross-Cluster API keys](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-cross-cluster-api-key) can be used to authenticate requests to a remote cluster. The `search` parameter defines permissions for cross-cluster search. The `replication` parameter defines permissions for cross-cluster replication. `replication` does not support any field or document level security. `search` supports field and document level security. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/file-realm.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/file-realm.md index 2c0b27ee9e..60dd7abdd7 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/file-realm.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/file-realm.md @@ -3,7 +3,7 @@ You can manage and authenticate users with the built-in `file` realm. With the `file` realm, users are defined in local files on each node in the cluster. ::::{important} -As the administrator of the cluster, it is your responsibility to ensure the same users are defined on every node in the cluster. The {{stack}} {security-features} do not deliver any mechanism to guarantee this. You should also be aware that you cannot add or manage users in the `file` realm via the [user APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-user-apis) and you cannot add or manage them in {{kib}} on the **Management / Security / Users** page +As the administrator of the cluster, it is your responsibility to ensure the same users are defined on every node in the cluster. The {{stack}} {security-features} do not deliver any mechanism to guarantee this. You should also be aware that you cannot add or manage users in the `file` realm via the [user APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security) and you cannot add or manage them in {{kib}} on the **Management / Security / Users** page :::: diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/fips-140-compliance.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/fips-140-compliance.md index 2fe3bf781e..42a5002d43 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/fips-140-compliance.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/fips-140-compliance.md @@ -92,7 +92,7 @@ You can still use one of the plain `pbkdf2` options instead of `pbkdf2_stretch` You must set the `xpack.security.authc.password_hashing.algorithm` setting to one of the available `pbkdf_stretch_*` values. When FIPS-140 mode is enabled, the default value for `xpack.security.authc.password_hashing.algorithm` is `pbkdf2_stretch`. See [User cache and password hash algorithms](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html#hashing-settings). -Password hashing configuration changes are not retroactive so the stored hashed credentials of existing users of the reserved, native, and file realms are not updated on disk. To ensure FIPS 140-2 compliance, recreate users or change their password using the [elasticsearch-user](https://www.elastic.co/guide/en/elasticsearch/reference/current/users-command.html) CLI tool for the file realm and the [create users](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-user.html) and [change password](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-change-password.html) APIs for the native and reserved realms. Other types of realms are not affected and do not require any changes. +Password hashing configuration changes are not retroactive so the stored hashed credentials of existing users of the reserved, native, and file realms are not updated on disk. To ensure FIPS 140-2 compliance, recreate users or change their password using the [elasticsearch-user](https://www.elastic.co/guide/en/elasticsearch/reference/current/users-command.html) CLI tool for the file realm and the [create users](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-user) and [change password](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-change-password) APIs for the native and reserved realms. Other types of realms are not affected and do not require any changes. ### Cached password hashing [_cached_password_hashing] diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/index-lifecycle-management.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/index-lifecycle-management.md index 77e3ff5c8f..d848815140 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/index-lifecycle-management.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/index-lifecycle-management.md @@ -26,6 +26,6 @@ To automatically back up your indices and manage snapshots, use [snapshot lifecy * [*Manage existing indices*](../../../manage-data/lifecycle/index-lifecycle-management/manage-existing-indices.md) * [*Skip rollover*](../../../manage-data/lifecycle/index-lifecycle-management/skip-rollover.md) * [*Restore a managed data stream or index*](../../../manage-data/lifecycle/index-lifecycle-management/restore-managed-data-stream-index.md) -* [*{{ilm-cap}} APIs*](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-lifecycle-management-api.html) +* [*{{ilm-cap}} APIs*](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-ilm) * [*Index lifecycle actions*](https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-actions.html) diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/index-mgmt.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/index-mgmt.md index 78c06fccf2..30187999a2 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/index-mgmt.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/index-mgmt.md @@ -13,7 +13,7 @@ If you use {{es}} {security-features}, the following [security privileges](../.. * The `view_index_metadata` and `manage` index privileges to view a data stream or index’s data. * The `manage_index_templates` cluster privilege to manage index templates. -To add these privileges, go to **Stack Management > Security > Roles** or use the [Create or update roles API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html). +To add these privileges, go to **Stack Management > Security > Roles** or use the [Create or update roles API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role). ## Manage indices [view-edit-indices] @@ -25,8 +25,8 @@ Investigate your indices and perform operations from the **Indices** view. :class: screenshot ::: -* To show details and perform operations such as close, forcemerge, and flush, click the index name. To perform operations on multiple indices, select their checkboxes and then open the **Manage** menu. For more information on managing indices, refer to [Index APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices.html). -* To filter the list of indices, use the search bar or click a badge. Badges indicate if an index is a [follower index](https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-put-follow.html), a [rollup index](https://www.elastic.co/guide/en/elasticsearch/reference/current/rollup-get-rollup-index-caps.html), or [frozen](https://www.elastic.co/guide/en/elasticsearch/reference/current/unfreeze-index-api.html). +* To show details and perform operations such as close, forcemerge, and flush, click the index name. To perform operations on multiple indices, select their checkboxes and then open the **Manage** menu. For more information on managing indices, refer to [Index APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-indices). +* To filter the list of indices, use the search bar or click a badge. Badges indicate if an index is a [follower index](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ccr-follow), a [rollup index](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-rollup-get-rollup-index-caps), or [frozen](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-unfreeze). * To drill down into the index [mappings](../../../manage-data/data-store/mapping.md), [settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules.html#index-modules-settings), and statistics, click an index name. From this view, you can navigate to **Discover** to further explore the documents in the index. :::{image} ../../../images/elasticsearch-reference-management_index_details.png @@ -82,7 +82,7 @@ In this tutorial, you’ll create an index template and use it to configure two **Step 2. Add settings, mappings, and aliases** -1. Add [component templates](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-component-template.html) to your index template. +1. Add [component templates](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-component-template) to your index template. Component templates are pre-configured sets of mappings, index settings, and aliases you can reuse across multiple index templates. Badges indicate whether a component template contains mappings (**M**), index settings (**S**), aliases (**A**), or a combination of the three. @@ -168,7 +168,7 @@ You’re now ready to create new indices using your index template. } ``` -2. Use the [get index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-index.html) to view the configurations for the new indices. The indices were configured using the index template you created earlier. +2. Use the [get index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-get) to view the configurations for the new indices. The indices were configured using the index template you created earlier. ```console GET /my-index-000001,my-index-000002 diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/ingest-enriching-data.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/ingest-enriching-data.md index 240dca1384..93d9d84f03 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/ingest-enriching-data.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/ingest-enriching-data.md @@ -36,7 +36,7 @@ An enrich policy contains: * A *match field* from the source indices used to match incoming documents * *Enrich fields* containing enrich data from the source indices you want to add to incoming documents -Before it can be used with an enrich processor, an enrich policy must be [executed](https://www.elastic.co/guide/en/elasticsearch/reference/current/execute-enrich-policy-api.html). When executed, an enrich policy uses enrich data from the policy’s source indices to create a streamlined system index called the *enrich index*. The processor uses this index to match and enrich incoming documents. +Before it can be used with an enrich processor, an enrich policy must be [executed](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-enrich-execute-policy). When executed, an enrich policy uses enrich data from the policy’s source indices to create a streamlined system index called the *enrich index*. The processor uses this index to match and enrich incoming documents. $$$source-index$$$ @@ -56,7 +56,7 @@ Enrich indices contain enrich data from source indices but have a few special pr * They are system indices, meaning they’re managed internally by {{es}} and only intended for use with enrich processors and the {{esql}} `ENRICH` command. * They always begin with `.enrich-*`. * They are read-only, meaning you can’t directly change them. -* They are [force merged](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-forcemerge.html) for fast retrieval. +* They are [force merged](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-forcemerge) for fast retrieval. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/jwt-auth-realm.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/jwt-auth-realm.md index 80c9e6663e..d2a26a7f2b 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/jwt-auth-realm.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/jwt-auth-realm.md @@ -287,7 +287,7 @@ You cannot map roles in the JWT realm using the `role_mapping.yml` file. ### Authorizing with the role mapping API [jwt-authorization-role-mapping] -You can use the [create or update role mappings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html) to define role mappings that determine which roles should be assigned to each user based on their username, groups, or other metadata. +You can use the [create or update role mappings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) to define role mappings that determine which roles should be assigned to each user based on their username, groups, or other metadata. ```console PUT /_security/role_mapping/jwt1_users?refresh=true @@ -329,7 +329,7 @@ The following example shows how you define delegation authorization in the `elas xpack.security.authc.realms.jwt.jwt2.authorization_realms: file1,native1,ldap1,ad1 ``` -You can then use the [create or update role mappings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html) to map roles to the authorizing realm. The following example maps roles in the `native1` realm for the `principalname1` JWT principal. +You can then use the [create or update role mappings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) to map roles to the authorizing realm. The following example maps roles in the `native1` realm for the `principalname1` JWT principal. ```console PUT /_security/role_mapping/native1_users?refresh=true @@ -377,7 +377,7 @@ POST /_security/role_mapping/jwt_user1?refresh=true } ``` -After mapping the roles, you can make an [authenticated call](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-authenticate.html) to {{es}} using a JWT and include the `ES-Client-Authentication` header: +After mapping the roles, you can make an [authenticated call](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-authenticate) to {{es}} using a JWT and include the `ES-Client-Authentication` header: $$$jwt-auth-shared-secret-scheme-example$$$ diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/kerberos-realm.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/kerberos-realm.md index ae2f4671c0..aaf8440581 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/kerberos-realm.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/kerberos-realm.md @@ -146,7 +146,7 @@ To configure a Kerberos realm in {{es}}: 5. Restart {es} 6. Map Kerberos users to roles. - The `kerberos` realm enables you to map Kerberos users to roles. You can configure these role mappings by using the [create or update role mappings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html). You identify users by their `username` field. + The `kerberos` realm enables you to map Kerberos users to roles. You can configure these role mappings by using the [create or update role mappings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping). You identify users by their `username` field. The following example uses the role mapping API to map `user@REALM` to the roles `monitoring` and `user`: diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/ldap-realm.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/ldap-realm.md index 1494bc6453..5ce21a3def 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/ldap-realm.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/ldap-realm.md @@ -14,7 +14,7 @@ An integral part of a realm authentication process is to resolve the roles assoc Since with the `ldap` realm the users are managed externally in the LDAP server, the expectation is that their roles are managed there as well. In fact, LDAP supports the notion of groups, which often represent user roles for different systems in the organization. -The `ldap` realm enables you to map LDAP users to roles via their LDAP groups or other metadata. This role mapping can be configured via the [add role mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html) or by using a file stored on each node. When a user authenticates with LDAP, the privileges for that user are the union of all privileges defined by the roles to which the user is mapped. +The `ldap` realm enables you to map LDAP users to roles via their LDAP groups or other metadata. This role mapping can be configured via the [add role mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) or by using a file stored on each node. When a user authenticates with LDAP, the privileges for that user are the union of all privileges defined by the roles to which the user is mapped. ## Configuring an LDAP realm [ldap-realm-configuration] @@ -101,7 +101,7 @@ To integrate with LDAP, you configure an `ldap` realm and map LDAP groups to use 6. Restart {{es}}. 7. Map LDAP groups to roles. - The `ldap` realm enables you to map LDAP users to roles via their LDAP groups, or other metadata. This role mapping can be configured via the [add role mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html) or by using a file stored on each node. When a user authenticates with LDAP, the privileges for that user are the union of all privileges defined by the roles to which the user is mapped. + The `ldap` realm enables you to map LDAP users to roles via their LDAP groups, or other metadata. This role mapping can be configured via the [add role mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) or by using a file stored on each node. When a user authenticates with LDAP, the privileges for that user are the union of all privileges defined by the roles to which the user is mapped. Within a mapping definition, you specify groups using their distinguished names. For example, the following mapping configuration maps the LDAP `admins` group to both the `monitoring` and `user` roles, and maps the `users` group to the `user` role. @@ -186,7 +186,7 @@ When a user is authenticated via an LDAP realm, the following properties are pop | `ldap_dn` | The distinguished name of the user. | | `ldap_groups` | The distinguished name of each of the groups that were resolved for the user (regardless of whether those groups were mapped to a role). | -This metadata is returned in the [authenticate API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-authenticate.html), and can be used with [templated queries](../../../deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md#templating-role-query) in roles. +This metadata is returned in the [authenticate API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-authenticate), and can be used with [templated queries](../../../deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md#templating-role-query) in roles. Additional fields can be included in the user’s metadata by configuring the `metadata` setting on the LDAP realm. This metadata is available for use with the [role mapping API](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md#mapping-roles-api) or in [templated role queries](../../../deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md#templating-role-query). diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/mapping-roles.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/mapping-roles.md index 7dbd3afde8..f0b8ff1369 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/mapping-roles.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/mapping-roles.md @@ -24,11 +24,11 @@ Users with no roles assigned will be unauthorized for any action. In other words :::: -When you use role mappings to assign roles to users, the roles must exist. There are two sources of roles. The available roles should either be added using the [role management APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-role-apis) or defined in the [roles file](../../../deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#roles-management-file). Either role-mapping method can use either role management method. For example, when you use the role mapping API, you are able to map users to both API-managed roles and file-managed roles (and likewise for file-based role-mappings). +When you use role mappings to assign roles to users, the roles must exist. There are two sources of roles. The available roles should either be added using the [role management APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security) or defined in the [roles file](../../../deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#roles-management-file). Either role-mapping method can use either role management method. For example, when you use the role mapping API, you are able to map users to both API-managed roles and file-managed roles (and likewise for file-based role-mappings). ## Using the role mapping API [mapping-roles-api] -You can define role-mappings through the [add role mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html). +You can define role-mappings through the [add role mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping). ## Using role mapping files [mapping-roles-file] diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/native-realm.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/native-realm.md index 6010f7080e..b9abe321b4 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/native-realm.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/native-realm.md @@ -38,6 +38,6 @@ You can configure a `native` realm in the `xpack.security.authc.realms.native` n The {{stack}} {security-features} enable you to easily manage users in {{kib}} on the **Management / Security / Users** page. -Alternatively, you can manage users through the `user` API. For more information and examples, see [Users](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-user-apis). +Alternatively, you can manage users through the `user` API. For more information and examples, see [Users](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security). diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/oidc-guide.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/oidc-guide.md index c7903932ea..a1037cc554 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/oidc-guide.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/oidc-guide.md @@ -268,7 +268,7 @@ xpack.security.authc.realms.oidc.oidc1: When a user authenticates using OpenID Connect, they are identified to the Elastic Stack, but this does not automatically grant them access to perform any actions or access any data. -Your OpenID Connect users cannot do anything until they are assigned roles. This can be done through either the [add role mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html) or with [authorization realms](../../../deploy-manage/users-roles/cluster-or-deployment-auth/realm-chains.md#authorization_realms). +Your OpenID Connect users cannot do anything until they are assigned roles. This can be done through either the [add role mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) or with [authorization realms](../../../deploy-manage/users-roles/cluster-or-deployment-auth/realm-chains.md#authorization_realms). ::::{note} You cannot use [role mapping files](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md#mapping-roles-file) to grant roles to users authenticating via OpenID Connect. @@ -300,7 +300,7 @@ The user fields that are provided to the role mapping are derived from the OpenI * `groups`: The `groups` user property * `metadata`: See [User metadata](../../../deploy-manage/users-roles/cluster-or-deployment-auth/openid-connect.md#oidc-user-metadata) -For more information, see [Mapping users and groups to roles](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md) and [Role mappings](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-role-mapping-apis). +For more information, see [Mapping users and groups to roles](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md) and [Role mappings](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security). If your OP has the ability to provide groups or roles to RPs via tha use of an OpenID Claim, then you should map this claim to the `claims.groups` setting in the {{es}} realm (see [Mapping claims to user properties](../../../deploy-manage/users-roles/cluster-or-deployment-auth/openid-connect.md#oidc-claim-to-property)), and then make use of it in a role mapping as per the example below. @@ -421,7 +421,7 @@ POST /_security/user/facilitator On a high level, the custom web application would need to perform the following steps in order to authenticate a user with OpenID Connect: -1. Make an HTTP POST request to `_security/oidc/prepare`, authenticating as the `facilitator` user, using the name of the OpenID Connect realm in the {{es}} configuration in the request body. For more details, see [OpenID Connect prepare authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-oidc-prepare-authentication.html). +1. Make an HTTP POST request to `_security/oidc/prepare`, authenticating as the `facilitator` user, using the name of the OpenID Connect realm in the {{es}} configuration in the request body. For more details, see [OpenID Connect prepare authentication](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-oidc-prepare-authentication). ```console POST /_security/oidc/prepare @@ -431,7 +431,7 @@ On a high level, the custom web application would need to perform the following ``` 2. Handle the response to `/_security/oidc/prepare`. The response from {{es}} will contain 3 parameters: `redirect`, `state`, `nonce`. The custom web application would need to store the values for `state` and `nonce` in the user’s session (client side in a cookie or server side if session information is persisted this way) and redirect the user’s browser to the URL that will be contained in the `redirect` value. -3. Handle a subsequent response from the OP. After the user is successfully authenticated with the OpenID Connect Provider, they will be redirected back to the callback/redirect URI. Upon receiving this HTTP GET request, the custom web app will need to make an HTTP POST request to `_security/oidc/authenticate`, again - authenticating as the `facilitator` user - passing the URL where the user’s browser was redirected to, as a parameter, along with the values for `nonce` and `state` it had saved in the user’s session previously. If more than one OpenID Connect realms are configured, the custom web app can specify the name of the realm to be used for handling this, but this parameter is optional. For more details, see [OpenID Connect authenticate](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-oidc-authenticate.html). +3. Handle a subsequent response from the OP. After the user is successfully authenticated with the OpenID Connect Provider, they will be redirected back to the callback/redirect URI. Upon receiving this HTTP GET request, the custom web app will need to make an HTTP POST request to `_security/oidc/authenticate`, again - authenticating as the `facilitator` user - passing the URL where the user’s browser was redirected to, as a parameter, along with the values for `nonce` and `state` it had saved in the user’s session previously. If more than one OpenID Connect realms are configured, the custom web app can specify the name of the realm to be used for handling this, but this parameter is optional. For more details, see [OpenID Connect authenticate](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-oidc-authenticate). ```console POST /_security/oidc/authenticate @@ -443,9 +443,9 @@ On a high level, the custom web application would need to perform the following } ``` - Elasticsearch will validate this and if all is correct will respond with an access token that can be used as a `Bearer` token for subsequent requests and a refresh token that can be later used to refresh the given access token as described in [Get token](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html). + Elasticsearch will validate this and if all is correct will respond with an access token that can be used as a `Bearer` token for subsequent requests and a refresh token that can be later used to refresh the given access token as described in [Get token](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-get-token). -4. At some point, if necessary, the custom web application can log the user out by using the [OIDC logout API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-oidc-logout.html) passing the access token and refresh token as parameters. For example: +4. At some point, if necessary, the custom web application can log the user out by using the [OIDC logout API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-oidc-logout) passing the access token and refresh token as parameters. For example: ```console POST /_security/oidc/logout diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/overview-index-lifecycle-management.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/overview-index-lifecycle-management.md index d2b420b374..8ca368ac68 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/overview-index-lifecycle-management.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/overview-index-lifecycle-management.md @@ -11,7 +11,7 @@ Index lifecycle policies can trigger actions such as: * **Rollover**: Creates a new write index when the current one reaches a certain size, number of docs, or age. * **Shrink**: Reduces the number of primary shards in an index. -* **Force merge**: Triggers a [force merge](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-forcemerge.html) to reduce the number of segments in an index’s shards. +* **Force merge**: Triggers a [force merge](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-forcemerge) to reduce the number of segments in an index’s shards. * **Delete**: Permanently remove an index, including all of its data and metadata. {{ilm-init}} makes it easier to manage indices in hot-warm-cold architectures, which are common when you’re working with time series data such as logs and metrics. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/recovery-prioritization.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/recovery-prioritization.md index 95cd40bf4d..3a3194338a 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/recovery-prioritization.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/recovery-prioritization.md @@ -37,7 +37,7 @@ In the above example: * `index_2` will be recovered next because it was created more recently. * `index_1` will be recovered last. -This setting accepts an integer, and can be updated on a live index with the [update index settings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-update-settings.html): +This setting accepts an integer, and can be updated on a live index with the [update index settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-put-settings): ```console PUT index_4/_settings diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/rollup-overview.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/rollup-overview.md index fd7fb7c8a5..5a2b5fb0da 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/rollup-overview.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/rollup-overview.md @@ -29,7 +29,7 @@ For example, consider the system that’s generating 43 million documents every If we compress the 43 million documents into hourly summaries, we can save vast amounts of space. The Rollup feature automates this process of summarizing historical data. -Details about setting up and configuring Rollup are covered in [Create Job API](https://www.elastic.co/guide/en/elasticsearch/reference/current/rollup-put-job.html). +Details about setting up and configuring Rollup are covered in [Create Job API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-rollup-put-job). ## Rollup uses standard Query DSL [_rollup_uses_standard_query_dsl] diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/saml-guide-stack.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/saml-guide-stack.md index bd435624f0..30c1e51f9b 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/saml-guide-stack.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/saml-guide-stack.md @@ -6,7 +6,7 @@ The other component that is needed to enable SAML single-sign-on is the *Identit If you are interested in configuring SSO into {{kib}}, then you will need to provide {{es}} with information about your *Identity Provider*, and you will need to register the Elastic Stack as a known *Service Provider* within that Identity Provider. There are also a few configuration changes that are required in {{kib}} to activate the SAML authentication provider. -::::{note} +::::{note} The SAML support in {{kib}} is designed on the expectation that it will be the primary (or sole) authentication method for users of that {{kib}} instance. Once you enable SAML authentication in {{kib}} it will affect all users who try to login. The [Configuring {{kib}}](../../../deploy-manage/users-roles/cluster-or-deployment-auth/saml.md#saml-configure-kibana) section provides more detail about how this works. :::: @@ -80,7 +80,7 @@ xpack.security.authc.realms.saml.saml1: attributes.groups: "urn:oid:1.3.6.1.4.1.5923.1.5.1." ``` -::::{important} +::::{important} SAML is used when authenticating via {{kib}}, but it is not an effective means of authenticating directly to the {{es}} REST API. For this reason we recommend that you include at least one additional realm such as the [native realm](../../../deploy-manage/users-roles/cluster-or-deployment-auth/native.md) in your authentication chain for use by API clients. :::: @@ -150,7 +150,7 @@ In general, {{es}} expects that the configured value for an attribute will be a `nameid:persistent` : This uses the SAML `NameID` value (all leading and trailing whitespace removed), but only if the NameID format is `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`. A SAML `NameID` element has an optional `Format` attribute that indicates the semantics of the provided name. It is common for IdPs to be configured with "transient" NameIDs that present a new identifier for each session. Since it is rarely useful to use a transient NameID as part of an attribute mapping, the "nameid:persistent" attribute name can be used as a safety mechanism that will cause an error if you attempt to map from a `NameID` that does not have a persistent value. -::::{note} +::::{note} Identity Providers can be either statically configured to release a `NameID` with a specific format, or they can be configured to try to conform with the requirements of the SP. The SP declares its requirements as part of the Authentication Request, using an element which is called the `NameIDPolicy`. If this is needed, you can set the relevant [settings](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html#ref-saml-settings) named `nameid_format` in order to request that the IdP releases a `NameID` with a specific format. :::: @@ -183,7 +183,7 @@ principal groups : *(Recommended)* If you wish to use your IdP’s concept of groups or roles as the basis for a user’s {{es}} privileges, you should map them with this attribute. The `groups` are passed directly to your [role mapping rules](../../../deploy-manage/users-roles/cluster-or-deployment-auth/saml.md#saml-role-mapping). - ::::{note} + ::::{note} Some IdPs are configured to send the `groups` list as a single value, comma-separated string. To map this SAML attribute to the `attributes.groups` setting in the {{es}} realm, you can configure a string delimiter using the `attribute_delimiters.group` setting. For example, splitting the SAML attribute value `engineering,elasticsearch-admins,employees` on a delimiter value of `,` will result in `engineering`, `elasticsearch-admins`, and `employees` as the list of groups for the user. @@ -222,7 +222,7 @@ In this case, the user’s `principal` is mapped from an email attribute, but a In this example, the email address must belong to the `staff.example.com` domain, and then the local-part (anything before the `@`) is used as the principal. Any users who try to login using a different email domain will fail because the regular expression will not match against their email address, and thus their principal attribute - which is mandatory - will not be populated. -::::{important} +::::{important} Small mistakes in these regular expressions can have significant security consequences. For example, if we accidentally left off the trailing `$` from the example above, then we would match any email address where the domain starts with `staff.example.com`, and this would accept an email address such as `admin@staff.example.com.attacker.net`. It is important that you make sure your regular expressions are as precise as possible so that you do not inadvertently open an avenue for user impersonation attacks. :::: @@ -266,7 +266,7 @@ The {{es}} realm setting `sp.logout` specifies a URL in {{kib}} to which the IdP If you do not configure a value for `sp.logout`, {{es}} will refuse all `` messages. -::::{note} +::::{note} It is common for IdPs to require that `LogoutRequest` messages be signed, so you may need to configure [signing credentials](../../../deploy-manage/users-roles/cluster-or-deployment-auth/saml.md#saml-enc-sign). :::: @@ -400,7 +400,7 @@ If you wish to use **PKCS#12 formatted** files or a **Java Keystore** for SAML e Some Identity Providers support importing a metadata file from the Service Provider. This will automatically configure many of the integration options between the IdP and the SP. -The {{stack}} supports generating such a metadata file using the [`bin/elasticsearch-saml-metadata` command](https://www.elastic.co/guide/en/elasticsearch/reference/current/saml-metadata.html) or the [SAML service provider metadata API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-sp-metadata.html). +The {{stack}} supports generating such a metadata file using the [`bin/elasticsearch-saml-metadata` command](https://www.elastic.co/guide/en/elasticsearch/reference/current/saml-metadata.html) or the [SAML service provider metadata API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-saml-service-provider-metadata). You can generate the SAML metadata by issuing the API request to {{es}} and store it as an XML file using tools like `jq`. For example, the following command generates the metadata for the SAML realm `realm1` and saves it to a `metadata.xml` file: @@ -413,9 +413,9 @@ curl -u user_name:password -X GET http://localhost:9200/_security/saml/metadata When a user authenticates using SAML, they are identified to the Elastic Stack, but this does not automatically grant them access to perform any actions or access any data. -Your SAML users cannot do anything until they are assigned roles. This can be done through either the [add role mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html) or with [authorization realms](../../../deploy-manage/users-roles/cluster-or-deployment-auth/realm-chains.md#authorization_realms). +Your SAML users cannot do anything until they are assigned roles. This can be done through either the [add role mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) or with [authorization realms](../../../deploy-manage/users-roles/cluster-or-deployment-auth/realm-chains.md#authorization_realms). -::::{note} +::::{note} You cannot use [role mapping files](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md#mapping-roles-file) to grant roles to users authenticating via SAML. :::: @@ -445,7 +445,7 @@ The user fields that are provided to the role mapping are derived from the SAML * `groups`: The `groups` attribute * `metadata`: See [User metadata](../../../deploy-manage/users-roles/cluster-or-deployment-auth/saml.md#saml-user-metadata) -For more information, see [Mapping users and groups to roles](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md) and [Role mappings](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-role-mapping-apis). +For more information, see [Mapping users and groups to roles](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md) and [Role mappings](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security). If your IdP has the ability to provide groups or roles to Service Providers, then you should map this SAML attribute to the `attributes.groups` setting in the {{es}} realm, and then make use of it in a role mapping as per the example below. @@ -463,7 +463,7 @@ PUT /_security/role_mapping/saml-finance } ``` -1. The `groups` attribute supports using wildcards (`*`). Refer to the [create or update role mappings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html#security-api-put-role-mapping-example) for more information. +1. The `groups` attribute supports using wildcards (`*`). Refer to the [create or update role mappings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) for more information. If your users also exist in a repository that can be directly accessed by {{es}} (such as an LDAP directory) then you can use [authorization realms](../../../deploy-manage/users-roles/cluster-or-deployment-auth/realm-chains.md#authorization_realms) instead of role mappings. @@ -583,7 +583,7 @@ The SAML 2.0 specification offers a lot of options and flexibility for the imple The SAML realm in {{es}} is designed to allow users to authenticate to {{kib}} and as such, most of the parts of the guide above make the assumption that {{kib}} is used. This section describes how a custom web application could use the relevant SAML REST APIs in order to authenticate the users to {{es}} with SAML. -::::{note} +::::{note} This section assumes that the reader is familiar with the SAML 2.0 standard and more specifically with the SAML 2.0 Web Browser Single Sign On profile. :::: @@ -619,7 +619,7 @@ POST /_security/user/saml-service-user On a high level, the custom web application would need to perform the following steps in order to authenticate a user with SAML against {{es}}: -1. Make an HTTP POST request to `_security/saml/prepare`, authenticating as the `saml-service-user` user. Use either the name of the SAML realm in the {{es}} configuration or the value for the Assertion Consumer Service URL in the request body. See the [SAML prepare authentication API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-prepare-authentication.html) for more details. +1. Make an HTTP POST request to `_security/saml/prepare`, authenticating as the `saml-service-user` user. Use either the name of the SAML realm in the {{es}} configuration or the value for the Assertion Consumer Service URL in the request body. See the [SAML prepare authentication API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-saml-prepare-authentication) for more details. ```console POST /_security/saml/prepare @@ -631,7 +631,7 @@ On a high level, the custom web application would need to perform the following 2. Handle the response from `/_security/saml/prepare`. The response from {{es}} will contain 3 parameters: `redirect`, `realm` and `id`. The custom web application would need to store the value for `id` in the user’s session (client side in a cookie or server side if session information is persisted this way). It must also redirect the user’s browser to the URL that was returned in the `redirect` parameter. The `id` value should not be disregarded as it is used as a nonce in SAML in order to mitigate against replay attacks. 3. Handle a subsequent response from the SAML IdP. After the user is successfully authenticated with the Identity Provider they will be redirected back to the Assertion Consumer Service URL. This `sp.acs` needs to be defined as a URL which the custom web application handles. When it receives this HTTP POST request, the custom web application must parse it and make an HTTP POST request itself to the `_security/saml/authenticate` API. It must authenticate as the `saml-service-user` user and pass the Base64 encoded SAML Response that was sent as the body of the request. It must also pass the value for `id` that it had saved in the user’s session previously. - See [SAML authenticate API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-authenticate.html) for more details. + See [SAML authenticate API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-saml-authenticate) for more details. ```console POST /_security/saml/authenticate @@ -641,7 +641,7 @@ On a high level, the custom web application would need to perform the following } ``` - Elasticsearch will validate this and if all is correct will respond with an access token that can be used as a `Bearer` token for subsequent requests. It also supplies a refresh token that can be later used to refresh the given access token as described in [get token API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html). + Elasticsearch will validate this and if all is correct will respond with an access token that can be used as a `Bearer` token for subsequent requests. It also supplies a refresh token that can be later used to refresh the given access token as described in [get token API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-get-token). 4. The response to calling `/_security/saml/authenticate` will contain only the username of the authenticated user. If you need to get the values for the SAML Attributes that were contained in the SAML Response for that user, you can call the Authenticate API `/_security/_authenticate/` using the access token as a `Bearer` token and the SAML attribute values will be contained in the response as part of the [User metadata](../../../deploy-manage/users-roles/cluster-or-deployment-auth/saml.md#saml-user-metadata). @@ -661,7 +661,7 @@ POST /_security/saml/authenticate ### Handling the logout flow [saml-no-kibana-slo] -1. At some point, if necessary, the custom web application can log the user out by using the [SAML logout API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-logout.html) and passing the access token and refresh token as parameters. For example: +1. At some point, if necessary, the custom web application can log the user out by using the [SAML logout API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-saml-logout) and passing the access token and refresh token as parameters. For example: ```console POST /_security/saml/logout @@ -673,7 +673,7 @@ POST /_security/saml/authenticate If the SAML realm is configured accordingly and the IdP supports it (see [SAML logout](../../../deploy-manage/users-roles/cluster-or-deployment-auth/saml.md#saml-logout)), this request will trigger a SAML SP-initiated Single Logout. In this case, the response will include a `redirect` parameter indicating where the user needs to be redirected at the IdP in order to complete the logout. -2. Alternatively, the IdP might initiate the Single Logout flow at some point. In order to handle this, the Logout URL (`sp.logout`) needs to be handled by the custom web app. The query part of the URL that the user will be redirected to will contain a SAML Logout request and this query part needs to be relayed to {{es}} using the [SAML invalidate API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-invalidate.html) +2. Alternatively, the IdP might initiate the Single Logout flow at some point. In order to handle this, the Logout URL (`sp.logout`) needs to be handled by the custom web app. The query part of the URL that the user will be redirected to will contain a SAML Logout request and this query part needs to be relayed to {{es}} using the [SAML invalidate API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-saml-invalidate) ```console POST /_security/saml/invalidate @@ -686,7 +686,7 @@ POST /_security/saml/authenticate The custom web application will then need to also handle the response, which will include a `redirect` parameter with a URL in the IdP that contains the SAML Logout response. The application should redirect the user there to complete the logout. -For SP-initiated Single Logout, the IdP may send back a logout response which can be verified by {{es}} using the [SAML complete logout API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-saml-complete-logout.html). +For SP-initiated Single Logout, the IdP may send back a logout response which can be verified by {{es}} using the [SAML complete logout API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-saml-complete-logout). diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md index 4aef5dec99..7b0130447a 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md @@ -59,7 +59,7 @@ The folowing aggregation types are available: * [Bucket](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket.html): Group documents into buckets based on field values, ranges, or other criteria. * [Pipeline](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-pipeline.html): Run aggregations on the results of other aggregations. -Run aggregations by specifying the [search API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html)'s `aggs` parameter. Learn more in [Run an aggregation](../../../explore-analyze/query-filter/aggregations.md#run-an-agg). +Run aggregations by specifying the [search API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search)'s `aggs` parameter. Learn more in [Run an aggregation](../../../explore-analyze/query-filter/aggregations.md#run-an-agg). ### {{esql}} [search-analyze-data-esql] @@ -81,9 +81,9 @@ The following table summarizes all available {{es}} query languages, to help you | Name | Description | Use cases | API endpoint | | --- | --- | --- | --- | -| [Query DSL](../../../explore-analyze/query-filter/languages/querydsl.md) | The primary query language for {{es}}. A powerful and flexible JSON-style language that enables complex queries. | Full-text search, semantic search, keyword search, filtering, aggregations, and more. | [`_search`](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html) | +| [Query DSL](../../../explore-analyze/query-filter/languages/querydsl.md) | The primary query language for {{es}}. A powerful and flexible JSON-style language that enables complex queries. | Full-text search, semantic search, keyword search, filtering, aggregations, and more. | [`_search`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search) | | [{{esql}}](../../../explore-analyze/query-filter/languages/esql.md) | Introduced in **8.11**, the Elasticsearch Query Language ({{esql}}) is a piped query language language for filtering, transforming, and analyzing data. | Initially tailored towards working with time series data like logs and metrics.Robust integration with {{kib}} for querying, visualizing, and analyzing data.Does not yet support full-text search. | [`_query`](../../../explore-analyze/query-filter/languages/esql-rest.md) | -| [EQL](../../../explore-analyze/query-filter/languages/eql.md) | Event Query Language (EQL) is a query language for event-based time series data. Data must contain the `@timestamp` field to use EQL. | Designed for the threat hunting security use case. | [`_eql`](https://www.elastic.co/guide/en/elasticsearch/reference/current/eql-apis.html) | -| [Elasticsearch SQL](../../../explore-analyze/query-filter/languages/sql.md) | Allows native, real-time SQL-like querying against {{es}} data. JDBC and ODBC drivers are available for integration with business intelligence (BI) tools. | Enables users familiar with SQL to query {{es}} data using familiar syntax for BI and reporting. | [`_sql`](https://www.elastic.co/guide/en/elasticsearch/reference/current/sql-apis.html) | +| [EQL](../../../explore-analyze/query-filter/languages/eql.md) | Event Query Language (EQL) is a query language for event-based time series data. Data must contain the `@timestamp` field to use EQL. | Designed for the threat hunting security use case. | [`_eql`](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-eql) | +| [Elasticsearch SQL](../../../explore-analyze/query-filter/languages/sql.md) | Allows native, real-time SQL-like querying against {{es}} data. JDBC and ODBC drivers are available for integration with business intelligence (BI) tools. | Enables users familiar with SQL to query {{es}} data using familiar syntax for BI and reporting. | [`_sql`](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-sql) | | [Kibana Query Language (KQL)](../../../explore-analyze/query-filter/languages/kql.md) | {{kib}} Query Language (KQL) is a text-based query language for filtering data when you access it through the {{kib}} UI. | Use KQL to filter documents where a value for a field exists, matches a given value, or is within a given range. | N/A | diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/search-with-synonyms.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/search-with-synonyms.md index 22d786b354..db4e592f47 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/search-with-synonyms.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/search-with-synonyms.md @@ -23,7 +23,7 @@ Your synonyms sets need to be stored in {{es}} so your analyzers can refer to th ### Synonyms API [synonyms-store-synonyms-api] -You can use the [synonyms APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/synonyms-apis.html) to manage synonyms sets. This is the most flexible approach, as it allows to dynamically define and modify synonyms sets. +You can use the [synonyms APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-synonyms) to manage synonyms sets. This is the most flexible approach, as it allows to dynamically define and modify synonyms sets. Changes in your synonyms sets will automatically reload the associated analyzers. @@ -72,7 +72,7 @@ foo => foo bar, baz To update an existing synonyms set, upload new files to your cluster. Synonyms set files must be kept in sync on every cluster node. -When a synonyms set is updated, search analyzers that use it need to be refreshed using the [reload search analyzers API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-reload-analyzers.html) +When a synonyms set is updated, search analyzers that use it need to be refreshed using the [reload search analyzers API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-reload-search-analyzers) This manual syncing and reloading makes this approach less flexible than using the [synonyms API](../../../solutions/search/full-text/search-with-synonyms.md#synonyms-store-synonyms-api). @@ -120,7 +120,7 @@ Check each synonym token filter documentation for configuration details and inst ### Test your analyzer [synonyms-test-analyzer] -You can test an analyzer configuration without modifying your index settings. Use the [analyze API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-analyze.html) to test your analyzer chain: +You can test an analyzer configuration without modifying your index settings. Use the [analyze API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-analyze) to test your analyzer chain: ```console GET /_analyze @@ -144,8 +144,8 @@ Analyzers can be applied at [index time or search time](../../../manage-data/dat You need to decide when to apply your synonyms: -* Index time: Synonyms are applied when the documents are indexed into {{es}}. This is a less flexible alternative, as changes to your synonyms require [reindexing](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html). -* Search time: Synonyms are applied when a search is executed. This is a more flexible approach, which doesn’t require reindexing. If token filters are configured with `"updateable": true`, search analyzers can be [reloaded](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-reload-analyzers.html) when you make changes to your synonyms. +* Index time: Synonyms are applied when the documents are indexed into {{es}}. This is a less flexible alternative, as changes to your synonyms require [reindexing](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex). +* Search time: Synonyms are applied when a search is executed. This is a more flexible approach, which doesn’t require reindexing. If token filters are configured with `"updateable": true`, search analyzers can be [reloaded](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-reload-search-analyzers) when you make changes to your synonyms. Synonyms sets created using the [synonyms API](../../../solutions/search/full-text/search-with-synonyms.md#synonyms-store-synonyms-api) can only be used at search time. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/secure-settings.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/secure-settings.md index 53cfb344c7..7fa4566355 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/secure-settings.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/secure-settings.md @@ -16,7 +16,7 @@ These settings, just like the regular ones in the `elasticsearch.yml` config fil Just like the settings values in `elasticsearch.yml`, changes to the keystore contents are not automatically applied to the running {{es}} node. Re-reading settings requires a node restart. However, certain secure settings are marked as **reloadable**. Such settings can be re-read and applied on a running node. -You can define these settings before the node is started, or call the [Nodes reload secure settings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) after the settings are defined to apply them to a running node. +You can define these settings before the node is started, or call the [Nodes reload secure settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) after the settings are defined to apply them to a running node. The values of all secure settings, **reloadable** or not, must be identical across all cluster nodes. After making the desired secure settings changes, using the `bin/elasticsearch-keystore add` command, call: @@ -32,7 +32,7 @@ POST _nodes/reload_secure_settings This API decrypts, re-reads the entire keystore and validates all settings on every cluster node, but only the **reloadable** secure settings are applied. Changes to other settings do not go into effect until the next restart. Once the call returns, the reload has been completed, meaning that all internal data structures dependent on these settings have been changed. Everything should look as if the settings had the new value from the start. -When changing multiple **reloadable** secure settings, modify all of them on each cluster node, then issue a [`reload_secure_settings`](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) call instead of reloading after each modification. +When changing multiple **reloadable** secure settings, modify all of them on each cluster node, then issue a [`reload_secure_settings`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-reload-secure-settings) call instead of reloading after each modification. There are reloadable secure settings for: diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/security-limitations.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/security-limitations.md index 3ebbe32494..d643410410 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/security-limitations.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/security-limitations.md @@ -37,10 +37,10 @@ When a user’s role enables document or [field level security](../../../deploy- * The user cannot perform operations that effectively make contents accessible under another name, including actions from the following APIs: - * [Clone index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-clone-index.html) - * [Shrink index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-shrink-index.html) - * [Split index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-split-index.html) - * [Aliases API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-aliases.html) + * [Clone index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-clone) + * [Shrink index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-shrink) + * [Split index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-split) + * [Aliases API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-update-aliases) * The request cache is disabled for search requests if either of the following are true: @@ -61,7 +61,7 @@ When a user’s role enables [document level security](../../../deploy-manage/us * If suggesters are specified and document level security is enabled, the specified suggesters are ignored. * A search request cannot be profiled if document level security is enabled. -* The [terms enum API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-terms-enum.html) does not return terms if document level security is enabled. +* The [terms enum API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-terms-enum) does not return terms if document level security is enabled. * The [`multi_match`](https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-multi-match-query.html) query does not support specifying fields using wildcards. ::::{note} @@ -84,7 +84,7 @@ The [LDAP Realm](../../../deploy-manage/users-roles/cluster-or-deployment-auth/l ## Resource sharing check for users and API keys [can-access-resources-check] -The result of [async search](https://www.elastic.co/guide/en/elasticsearch/reference/current/async-search.html) and [scroll](https://www.elastic.co/guide/en/elasticsearch/reference/current/scroll-api.html) requests can be retrieved later by the same user or API key that submitted the initial request. The verification process involves comparing the username, authentication realm type, and (for realms other than file or native) realm name. If you used an API key to submit the request, only that key can retrieve the results. This logic also has a few limitations: +The result of [async search](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-async-search-submit) and [scroll](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-scroll) requests can be retrieved later by the same user or API key that submitted the initial request. The verification process involves comparing the username, authentication realm type, and (for realms other than file or native) realm name. If you used an API key to submit the request, only that key can retrieve the results. This logic also has a few limitations: * Two different realms can have the same name on different nodes. This is not a recommended way to configure realms, therefore the resource sharing check does not attempt to detect this inconsistency. * Realms can be renamed. This can cause inconsistency for the resource sharing check when you submit an async search or scroll then rename the realm and try to retrieve the results. Hence, changing realm names should be handled with care since it can cause complications for more than just the resource sharing check. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/semantic-search-inference.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/semantic-search-inference.md index 96c7d64357..1486e3d7bb 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/semantic-search-inference.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/semantic-search-inference.md @@ -87,7 +87,7 @@ An [OpenAI account](https://openai.com/) is required to use the {{infer}} API wi ## Create an inference endpoint [infer-text-embedding-task] -Create an {{infer}} endpoint by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html): +Create an {{infer}} endpoint by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put): :::::::{tab-set} @@ -105,7 +105,7 @@ PUT _inference/text_embedding/cohere_embeddings <1> ``` 1. The task type is `text_embedding` in the path and the `inference_id` which is the unique identifier of the {{infer}} endpoint is `cohere_embeddings`. -2. The API key of your Cohere account. You can find your API keys in your Cohere dashboard under the [API keys section](https://dashboard.cohere.com/api-keys). You need to provide your API key only once. The [Get {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/get-inference-api.html) does not return your API key. +2. The API key of your Cohere account. You can find your API keys in your Cohere dashboard under the [API keys section](https://dashboard.cohere.com/api-keys). You need to provide your API key only once. The [Get {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-get) does not return your API key. 3. The name of the embedding model to use. You can find the list of Cohere embedding models [here](https://docs.cohere.com/reference/embed). @@ -169,7 +169,7 @@ PUT _inference/text_embedding/openai_embeddings <1> ``` 1. The task type is `text_embedding` in the path and the `inference_id` which is the unique identifier of the {{infer}} endpoint is `openai_embeddings`. -2. The API key of your OpenAI account. You can find your OpenAI API keys in your OpenAI account under the [API keys section](https://platform.openai.com/api-keys). You need to provide your API key only once. The [Get {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/get-inference-api.html) does not return your API key. +2. The API key of your OpenAI account. You can find your OpenAI API keys in your OpenAI account under the [API keys section](https://platform.openai.com/api-keys). You need to provide your API key only once. The [Get {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-get) does not return your API key. 3. The name of the embedding model to use. You can find the list of OpenAI embedding models [here](https://platform.openai.com/docs/guides/embeddings/embedding-models). @@ -193,7 +193,7 @@ PUT _inference/text_embedding/azure_openai_embeddings <1> ``` 1. The task type is `text_embedding` in the path and the `inference_id` which is the unique identifier of the {{infer}} endpoint is `azure_openai_embeddings`. -2. The API key for accessing your Azure OpenAI services. Alternately, you can provide an `entra_id` instead of an `api_key` here. The [Get {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/get-inference-api.html) does not return this information. +2. The API key for accessing your Azure OpenAI services. Alternately, you can provide an `entra_id` instead of an `api_key` here. The [Get {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-get) does not return this information. 3. The name our your Azure resource. 4. The id of your deployed model. @@ -305,7 +305,7 @@ PUT _inference/text_embedding/alibabacloud_ai_search_embeddings <1> ``` 1. The task type is `text_embedding` in the path and the `inference_id` which is the unique identifier of the {{infer}} endpoint is `alibabacloud_ai_search_embeddings`. -2. The API key for accessing the AlibabaCloud AI Search API. You can find your API keys in your AlibabaCloud account under the [API keys section](https://opensearch.console.aliyun.com/cn-shanghai/rag/api-key). You need to provide your API key only once. The [Get {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/get-inference-api.html) does not return your API key. +2. The API key for accessing the AlibabaCloud AI Search API. You can find your API keys in your AlibabaCloud account under the [API keys section](https://opensearch.console.aliyun.com/cn-shanghai/rag/api-key). You need to provide your API key only once. The [Get {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-get) does not return your API key. 3. The AlibabaCloud AI Search embeddings model name, for example `ops-text-embedding-zh-001`. 4. The name our your AlibabaCloud AI Search host address. 5. The name our your AlibabaCloud AI Search workspace. @@ -614,7 +614,7 @@ PUT _ingest/pipeline/cohere_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -636,7 +636,7 @@ PUT _ingest/pipeline/elser_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -658,7 +658,7 @@ PUT _ingest/pipeline/hugging_face_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -680,7 +680,7 @@ PUT _ingest/pipeline/openai_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -702,7 +702,7 @@ PUT _ingest/pipeline/azure_openai_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -724,7 +724,7 @@ PUT _ingest/pipeline/azure_ai_studio_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -746,7 +746,7 @@ PUT _ingest/pipeline/google_vertex_ai_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -768,7 +768,7 @@ PUT _ingest/pipeline/mistral_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -790,7 +790,7 @@ PUT _ingest/pipeline/amazon_bedrock_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -812,7 +812,7 @@ PUT _ingest/pipeline/alibabacloud_ai_search_embeddings_pipeline } ``` -1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/guide/en/elasticsearch/reference/current/put-inference-api.html), it’s referred to as `inference_id` in that step. +1. The name of the inference endpoint you created by using the [Create {{infer}} API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-inference-put), it’s referred to as `inference_id` in that step. 2. Configuration object that defines the `input_field` for the {{infer}} process and the `output_field` that will contain the {{infer}} results. :::::: @@ -829,7 +829,7 @@ Download the file and upload it to your cluster using the [Data Visualizer](../. ## Ingest the data through the {{infer}} ingest pipeline [reindexing-data-infer] -Create embeddings from the text by reindexing the data through the {{infer}} pipeline that uses your chosen model. This step uses the [reindex API](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html) to simulate data ingestion through a pipeline. +Create embeddings from the text by reindexing the data through the {{infer}} pipeline that uses your chosen model. This step uses the [reindex API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex) to simulate data ingestion through a pipeline. :::::::{tab-set} diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/shard-request-cache.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/shard-request-cache.md index d85c8854c1..748b18c34b 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/shard-request-cache.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/shard-request-cache.md @@ -25,7 +25,7 @@ Cached results are invalidated automatically whenever the shard refreshes to pic The longer the refresh interval, the longer that cached entries will remain valid even if there are changes to the documents. If the cache is full, the least recently used cache keys will be evicted. -The cache can be expired manually with the [`clear-cache` API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-clearcache.html): +The cache can be expired manually with the [`clear-cache` API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-clear-cache): ```console POST /my-index-000001,my-index-000002/_cache/clear?request=true @@ -45,7 +45,7 @@ PUT /my-index-000001 } ``` -It can also be enabled or disabled dynamically on an existing index with the [`update-settings`](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-update-settings.html) API: +It can also be enabled or disabled dynamically on an existing index with the [`update-settings`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-put-settings) API: ```console PUT /my-index-000001/_settings @@ -86,13 +86,13 @@ Most JSON libraries support a *canonical* mode which ensures that JSON keys are ## Monitoring cache usage [_monitoring_cache_usage] -The size of the cache (in bytes) and the number of evictions can be viewed by index, with the [`indices-stats`](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-stats.html) API: +The size of the cache (in bytes) and the number of evictions can be viewed by index, with the [`indices-stats`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-stats) API: ```console GET /_stats/request_cache?human ``` -or by node with the [`nodes-stats`](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-stats.html) API: +or by node with the [`nodes-stats`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-nodes-stats) API: ```console GET /_nodes/stats/indices/request_cache?human diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshot-restore.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshot-restore.md index 12d419a75c..7377e32448 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshot-restore.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshot-restore.md @@ -25,7 +25,7 @@ By default, a snapshot of a cluster contains the cluster state, all regular data * [Persistent cluster settings](../../../deploy-manage/deploy/self-managed/configure-elasticsearch.md#cluster-setting-types) * [Index templates](../../../manage-data/data-store/templates.md) -* [Legacy index templates](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-templates-v1.html) +* [Legacy index templates](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-put-template) * [Ingest pipelines](../../../manage-data/ingest/transform-enrich/ingest-pipelines.md) * [{{ilm-init}} policies](../../../manage-data/lifecycle/index-lifecycle-management.md) * [Stored scripts](../../../explore-analyze/scripting/modules-scripting-using.md#script-stored-scripts) @@ -51,7 +51,7 @@ When restoring a data stream, if the target cluster does not have an index templ A feature state contains the indices and data streams used to store configurations, history, and other data for an Elastic feature, such as {{es}} security or {{kib}}. ::::{tip} -To retrieve a list of feature states, use the [Features API](https://www.elastic.co/guide/en/elasticsearch/reference/current/get-features-api.html). +To retrieve a list of feature states, use the [Features API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-features-get-features). :::: @@ -118,7 +118,7 @@ You can’t restore an index to an earlier version of {{es}}. For example, you c A compatible snapshot can contain indices created in an older incompatible version. For example, a snapshot of a 8.17 cluster can contain an index created in 6.8. Restoring the 6.8 index to an 9.0 cluster fails unless you can use the [archive functionality](../../../deploy-manage/upgrade/deployment-or-cluster/reading-indices-from-older-elasticsearch-versions.md). Keep this in mind if you take a snapshot before upgrading a cluster. -As a workaround, you can first restore the index to another cluster running the latest version of {{es}} that’s compatible with both the index and your current cluster. You can then use [reindex-from-remote](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#reindex-from-remote) to rebuild the index on your current cluster. Reindex from remote is only possible if the index’s [`_source`](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-source-field.html) is enabled. +As a workaround, you can first restore the index to another cluster running the latest version of {{es}} that’s compatible with both the index and your current cluster. You can then use [reindex-from-remote](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex) to rebuild the index on your current cluster. Reindex from remote is only possible if the index’s [`_source`](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-source-field.html) is enabled. Reindexing from remote can take significantly longer than restoring a snapshot. Before you start, test the reindex from remote process with a subset of the data to estimate your time requirements. diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshots-restore-snapshot.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshots-restore-snapshot.md index 2c3a8056aa..11afec04aa 100644 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshots-restore-snapshot.md +++ b/raw-migrated-files/elasticsearch/elasticsearch-reference/snapshots-restore-snapshot.md @@ -24,7 +24,7 @@ This guide also provides tips for [restoring to another cluster](../../../deploy * You can only restore a snapshot to a running cluster with an elected [master node](../../../deploy-manage/distributed-architecture/clusters-nodes-shards/node-roles.md#master-node-role). The snapshot’s repository must be [registered](../../../deploy-manage/tools/snapshot-and-restore/self-managed.md) and available to the cluster. * The snapshot and cluster versions must be compatible. See [Snapshot compatibility](../../../deploy-manage/tools/snapshot-and-restore.md#snapshot-restore-version-compatibility). * To restore a snapshot, the cluster’s global metadata must be writable. Ensure there aren’t any [cluster blocks](https://www.elastic.co/guide/en/elasticsearch/reference/current/misc-cluster-settings.html#cluster-read-only) that prevent writes. The restore operation ignores [index blocks](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules-blocks.html). -* Before you restore a data stream, ensure the cluster contains a [matching index template](../../../manage-data/data-store/index-types/set-up-data-stream.md#create-index-template) with data stream enabled. To check, use {{kib}}'s [**Index Management**](../../../manage-data/lifecycle/index-lifecycle-management/index-management-in-kibana.md#manage-index-templates) feature or the [get index template API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-template.html): +* Before you restore a data stream, ensure the cluster contains a [matching index template](../../../manage-data/data-store/index-types/set-up-data-stream.md#create-index-template) with data stream enabled. To check, use {{kib}}'s [**Index Management**](../../../manage-data/lifecycle/index-lifecycle-management/index-management-in-kibana.md#manage-index-templates) feature or the [get index template API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-get-index-template): ```console GET _index_template/*?filter_path=index_templates.name,index_templates.index_template.index_patterns,index_templates.index_template.data_stream @@ -40,7 +40,7 @@ This guide also provides tips for [restoring to another cluster](../../../deploy When restoring data from a snapshot, keep the following in mind: * If you restore a data stream, you also restore its backing indices. -* You can only restore an existing index if it’s [closed](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-close.html) and the index in the snapshot has the same number of primary shards. +* You can only restore an existing index if it’s [closed](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-close) and the index in the snapshot has the same number of primary shards. * You can’t restore an existing open index. This includes backing indices for a data stream. * The restore operation automatically opens restored indices, including backing indices. * You can restore only a specific backing index from a data stream. However, the restore operation doesn’t add the restored backing index to any existing data stream. @@ -50,7 +50,7 @@ When restoring data from a snapshot, keep the following in mind: To view a list of available snapshots in {{kib}}, go to the main menu and click **Stack Management > Snapshot and Restore**. -You can also use the [get repository API](https://www.elastic.co/guide/en/elasticsearch/reference/current/get-snapshot-repo-api.html) and the [get snapshot API](https://www.elastic.co/guide/en/elasticsearch/reference/current/get-snapshot-api.html) to find snapshots that are available to restore. First, use the get repository API to fetch a list of registered snapshot repositories. +You can also use the [get repository API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-snapshot-get-repository) and the [get snapshot API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-snapshot-get) to find snapshots that are available to restore. First, use the get repository API to fetch a list of registered snapshot repositories. ```console GET _snapshot @@ -65,7 +65,7 @@ GET _snapshot/my_repository/*?verbose=false ## Restore an index or data stream [restore-index-data-stream] -You can restore a snapshot using {{kib}}'s **Snapshot and Restore** feature or the [restore snapshot API](https://www.elastic.co/guide/en/elasticsearch/reference/current/restore-snapshot-api.html). +You can restore a snapshot using {{kib}}'s **Snapshot and Restore** feature or the [restore snapshot API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-snapshot-restore). By default, a restore request attempts to restore all regular indices and regular data streams in a snapshot. In most cases, you only need to restore a specific index or data stream from a snapshot. However, you can’t restore an existing open index. @@ -80,7 +80,7 @@ If you’re restoring data to a pre-existing cluster, use one of the following m The simplest way to avoid conflicts is to delete an existing index or data stream before restoring it. To prevent the accidental re-creation of the index or data stream, we recommend you temporarily stop all indexing until the restore operation is complete. ::::{warning} -If the [`action.destructive_requires_name`](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-management-settings.html#action-destructive-requires-name) cluster setting is `false`, don’t use the [delete index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html) to target the `*` or `.*` wildcard pattern. If you use {{es}}'s security features, this will delete system indices required for authentication. Instead, target the `*,-.*` wildcard pattern to exclude these system indices and other index names that begin with a dot (`.`). +If the [`action.destructive_requires_name`](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-management-settings.html#action-destructive-requires-name) cluster setting is `false`, don’t use the [delete index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-delete) to target the `*` or `.*` wildcard pattern. If you use {{es}}'s security features, this will delete system indices required for authentication. Instead, target the `*,-.*` wildcard pattern to exclude these system indices and other index names that begin with a dot (`.`). :::: @@ -123,7 +123,7 @@ If the rename options produce two or more indices or data streams with the same If you rename a data stream, its backing indices are also renamed. For example, if you rename the `logs-my_app-default` data stream to `restored-logs-my_app-default`, the backing index `.ds-logs-my_app-default-2099.03.09-000005` is renamed to `.ds-restored-logs-my_app-default-2099.03.09-000005`. -When the restore operation is complete, you can compare the original and restored data. If you no longer need an original index or data stream, you can delete it and use a [reindex](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html) to rename the restored one. +When the restore operation is complete, you can compare the original and restored data. If you no longer need an original index or data stream, you can delete it and use a [reindex](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex) to rename the restored one. ```console # Delete the original index @@ -171,7 +171,7 @@ GET _snapshot/my_repository/my_snapshot_2099.05.06 The response’s `feature_states` property contains a list of features in the snapshot as well as each feature’s indices. -To restore a specific feature state from the snapshot, specify the `feature_name` from the response in the restore snapshot API’s [`feature_states`](https://www.elastic.co/guide/en/elasticsearch/reference/current/restore-snapshot-api.html#restore-snapshot-api-feature-states) parameter. +To restore a specific feature state from the snapshot, specify the `feature_name` from the response in the restore snapshot API’s [`feature_states`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-snapshot-restore) parameter. ::::{note} When you restore a feature state, {{es}} closes and overwrites the feature’s existing indices. @@ -286,7 +286,7 @@ If you’re restoring to a different cluster, see [Restore to a different cluste Use this file realm user to authenticate requests until the restore operation is complete. -4. Use the [cluster update settings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-update-settings.html) to set [`action.destructive_requires_name`](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-management-settings.html#action-destructive-requires-name) to `false`. This lets you delete data streams and indices using wildcards. +4. Use the [cluster update settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-settings) to set [`action.destructive_requires_name`](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-management-settings.html#action-destructive-requires-name) to `false`. This lets you delete data streams and indices using wildcards. ```console PUT _cluster/settings @@ -322,7 +322,7 @@ If you’re restoring to a different cluster, see [Restore to a different cluste 8. When the restore operation is complete, resume indexing and restart any features you stopped: ::::{note} - When the snapshot is restored, the license that was in use at the time the snapshot was taken will be restored as well. If your license has expired since the snapshot was taken, you will need to use the [Update License API](https://www.elastic.co/guide/en/elasticsearch/reference/current/update-license.html) to install a current license. + When the snapshot is restored, the license that was in use at the time the snapshot was taken will be restored as well. If your license has expired since the snapshot was taken, you will need to use the [Update License API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-license-post) to install a current license. :::: @@ -396,25 +396,25 @@ If you’re restoring to a different cluster, see [Restore to a different cluste ## Monitor a restore [monitor-restore] -The restore operation uses the [shard recovery process](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-recovery.html) to restore an index’s primary shards from a snapshot. While the restore operation recovers primary shards, the cluster will have a `yellow` [health status](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html). +The restore operation uses the [shard recovery process](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-recovery) to restore an index’s primary shards from a snapshot. While the restore operation recovers primary shards, the cluster will have a `yellow` [health status](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-health). After all primary shards are recovered, the replication process creates and distributes replicas across eligible data nodes. When replication is complete, the cluster health status typically becomes `green`. Once you start a restore in {{kib}}, you’re navigated to the **Restore Status** page. You can use this page to track the current state for each shard in the snapshot. -You can also monitor snapshot recover using {{es}} APIs. To monitor the cluster health status, use the [cluster health API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html). +You can also monitor snapshot recover using {{es}} APIs. To monitor the cluster health status, use the [cluster health API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-health). ```console GET _cluster/health ``` -To get detailed information about ongoing shard recoveries, use the [index recovery API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-recovery.html). +To get detailed information about ongoing shard recoveries, use the [index recovery API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-recovery). ```console GET my-index/_recovery ``` -To view any unassigned shards, use the [cat shards API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-shards.html). +To view any unassigned shards, use the [cat shards API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-shards). ```console GET _cat/shards?v=true&h=index,shard,prirep,state,node,unassigned.reason&s=state @@ -422,7 +422,7 @@ GET _cat/shards?v=true&h=index,shard,prirep,state,node,unassigned.reason&s=state Unassigned shards have a `state` of `UNASSIGNED`. The `prirep` value is `p` for primary shards and `r` for replicas. The `unassigned.reason` describes why the shard remains unassigned. -To get a more in-depth explanation of an unassigned shard’s allocation status, use the [cluster allocation explanation API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-allocation-explain.html). +To get a more in-depth explanation of an unassigned shard’s allocation status, use the [cluster allocation explanation API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-allocation-explain). ```console GET _cluster/allocation/explain @@ -480,7 +480,7 @@ Before you start a restore operation, ensure the new cluster has enough capacity If indices or backing indices in the original cluster were assigned to particular nodes using [shard allocation filtering](../../../deploy-manage/distributed-architecture/shard-allocation-relocation-recovery/index-level-shard-allocation.md), the same rules will be enforced in the new cluster. If the new cluster does not contain nodes with appropriate attributes that a restored index can be allocated on, the index will not be successfully restored unless these index allocation settings are changed during the restore operation. -The restore operation also checks that restored persistent settings are compatible with the current cluster to avoid accidentally restoring incompatible settings. If you need to restore a snapshot with incompatible persistent settings, try restoring it without the [global cluster state](https://www.elastic.co/guide/en/elasticsearch/reference/current/restore-snapshot-api.html#restore-snapshot-api-include-global-state). +The restore operation also checks that restored persistent settings are compatible with the current cluster to avoid accidentally restoring incompatible settings. If you need to restore a snapshot with incompatible persistent settings, try restoring it without the [global cluster state](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-snapshot-restore). ## Troubleshoot restore errors [troubleshoot-restore] diff --git a/raw-migrated-files/kibana/kibana/data-rollups.md b/raw-migrated-files/kibana/kibana/data-rollups.md index bfa454b541..3713a71b00 100644 --- a/raw-migrated-files/kibana/kibana/data-rollups.md +++ b/raw-migrated-files/kibana/kibana/data-rollups.md @@ -47,7 +47,7 @@ Once you’ve saved a rollup job, you’ll see it the **Rollup Jobs** overview p :class: screenshot ::: -You can’t change a rollup job after you’ve created it. To select additional fields or redefine terms, you must delete the existing job, and then create a new one with the updated specifications. Be sure to use a different name for the new rollup job—reusing the same name can lead to problems with mismatched job configurations. Refer to [rollup job configuration](https://www.elastic.co/guide/en/elasticsearch/reference/current/rollup-put-job.html#rollup-put-job-api-request-body). +You can’t change a rollup job after you’ve created it. To select additional fields or redefine terms, you must delete the existing job, and then create a new one with the updated specifications. Be sure to use a different name for the new rollup job—reusing the same name can lead to problems with mismatched job configurations. Refer to [rollup job configuration](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-rollup-put-job). ## Try it: Create and visualize rolled up data [rollup-data-tutorial] diff --git a/raw-migrated-files/kibana/kibana/kibana-authentication.md b/raw-migrated-files/kibana/kibana/kibana-authentication.md index 880fce660f..0c4ef33b83 100644 --- a/raw-migrated-files/kibana/kibana/kibana-authentication.md +++ b/raw-migrated-files/kibana/kibana/kibana-authentication.md @@ -90,7 +90,7 @@ For more information about basic authentication and built-in users, see [User au Token authentication is a [subscription feature](https://www.elastic.co/subscriptions). This allows users to log in using the same {{kib}} provided login form as basic authentication, and is based on the Native security realm or LDAP security realm that is provided by {{es}}. The token authentication provider is built on {{es}} token APIs. -Prior to configuring {{kib}}, ensure token support is enabled in {{es}}. See the [{{es}} token API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html) documentation for more information. +Prior to configuring {{kib}}, ensure token support is enabled in {{es}}. See the [{{es}} token API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-get-token) documentation for more information. To enable the token authentication provider in {{kib}}, set the following value in your `kibana.yml`: @@ -105,7 +105,7 @@ xpack.security.authc.providers: order: 0 ``` -Switching to the token authentication provider from basic one will make {{kib}} to reject requests from applications like `curl` that usually use `Authorization` request header with the `Basic` scheme for authentication. If you still want to support such applications you’ll have to either switch to using `Bearer` scheme with the tokens [created by {{es}} token API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html) or add `Basic` scheme to the list of supported schemes for the [HTTP authentication](../../../deploy-manage/users-roles/cluster-or-deployment-auth/user-authentication.md#http-authentication). +Switching to the token authentication provider from basic one will make {{kib}} to reject requests from applications like `curl` that usually use `Authorization` request header with the `Basic` scheme for authentication. If you still want to support such applications you’ll have to either switch to using `Bearer` scheme with the tokens [created by {{es}} token API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-get-token) or add `Basic` scheme to the list of supported schemes for the [HTTP authentication](../../../deploy-manage/users-roles/cluster-or-deployment-auth/user-authentication.md#http-authentication). ## Public key infrastructure (PKI) authentication [pki-authentication] @@ -116,7 +116,7 @@ PKI authentication will not work if {{kib}} is hosted behind a TLS termination r :::: -PKI authentication is a [subscription feature](https://www.elastic.co/subscriptions). This allows users to log into {{kib}} using X.509 client certificates that must be presented while connecting to {{kib}}. The certificates must first be accepted for authentication on the {{kib}} TLS layer, and then they are further validated by an {{es}} PKI realm. The PKI authentication provider relies on the {{es}} [Delegate PKI authentication API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delegate-pki-authentication.html) to exchange X.509 client certificates to access tokens. All subsequent requests to {{es}} APIs on behalf of users will be authenticated using these access tokens. +PKI authentication is a [subscription feature](https://www.elastic.co/subscriptions). This allows users to log into {{kib}} using X.509 client certificates that must be presented while connecting to {{kib}}. The certificates must first be accepted for authentication on the {{kib}} TLS layer, and then they are further validated by an {{es}} PKI realm. The PKI authentication provider relies on the {{es}} [Delegate PKI authentication API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-delegate-pki) to exchange X.509 client certificates to access tokens. All subsequent requests to {{es}} APIs on behalf of users will be authenticated using these access tokens. Prior to configuring {{kib}}, ensure that the PKI realm is enabled in {{es}} and configured to permit delegation. See [Configuring a PKI realm](https://www.elastic.co/guide/en/elasticsearch/reference/current/pki-realm.html) for more information. diff --git a/raw-migrated-files/kibana/kibana/role-mappings.md b/raw-migrated-files/kibana/kibana/role-mappings.md index 46ba044a17..90f1cb502a 100644 --- a/raw-migrated-files/kibana/kibana/role-mappings.md +++ b/raw-migrated-files/kibana/kibana/role-mappings.md @@ -25,7 +25,7 @@ The `manage_security` cluster privilege is required to manage Role Mappings. 2. Click **Create role mapping**. 3. Give your role mapping a unique name, and choose which roles you wish to assign to your users. - If you need more flexibility, you can use [role templates](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html#_role_templates) instead. + If you need more flexibility, you can use [role templates](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role-mapping) instead. 4. Define the rules describing which users should receive the roles you defined. Rules can optionally grouped and nested, allowing for sophisticated logic to suite complex requirements. 5. View the [role mapping resources for an overview of the allowed rule types](../../../deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md). diff --git a/raw-migrated-files/kibana/kibana/secure-reporting.md b/raw-migrated-files/kibana/kibana/secure-reporting.md index e235ff07ef..b9ddc70a16 100644 --- a/raw-migrated-files/kibana/kibana/secure-reporting.md +++ b/raw-migrated-files/kibana/kibana/secure-reporting.md @@ -136,7 +136,7 @@ With a Basic license, you can grant users access with custom roles to {{report-f :class: screenshot ::: -With a Basic license, sub-feature application privileges are unavailable, but you can use the [role API](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html) to grant access to CSV {{report-features}}: +With a Basic license, sub-feature application privileges are unavailable, but you can use the [role API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-put-role) to grant access to CSV {{report-features}}: ```console PUT localhost:5601/api/security/role/custom_reporting_user diff --git a/raw-migrated-files/kibana/kibana/using-kibana-with-security.md b/raw-migrated-files/kibana/kibana/using-kibana-with-security.md index 2cdaa7e7c0..53bf94a9c3 100644 --- a/raw-migrated-files/kibana/kibana/using-kibana-with-security.md +++ b/raw-migrated-files/kibana/kibana/using-kibana-with-security.md @@ -46,7 +46,7 @@ Configure roles for your {{kib}} users to control what data those users can acce To manage privileges in {{kib}}, go to the **Roles** management page using the navigation menu or the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). The built-in `kibana_admin` role will grant access to {{kib}} with administrator privileges. Alternatively, you can create additional roles that grant limited access to {{kib}}. - If you’re using the default native realm with Basic Authentication, go to the **Users** management page using the navigation menu or the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) to create users and assign roles, or use the {{es}} [user management APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-user-apis). For example, the following creates a user named `jacknich` and assigns it the `kibana_admin` role: + If you’re using the default native realm with Basic Authentication, go to the **Users** management page using the navigation menu or the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) to create users and assign roles, or use the {{es}} [user management APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security). For example, the following creates a user named `jacknich` and assigns it the `kibana_admin` role: ```console POST /_security/user/jacknich diff --git a/raw-migrated-files/kibana/kibana/xpack-security.md b/raw-migrated-files/kibana/kibana/xpack-security.md index 95cd75f2d3..f77c81858a 100644 --- a/raw-migrated-files/kibana/kibana/xpack-security.md +++ b/raw-migrated-files/kibana/kibana/xpack-security.md @@ -25,7 +25,7 @@ To manage roles, go to the **Roles** management page using the navigation menu o For a more holistic overview of configuring roles for the entire stack, see [User authorization](../../../deploy-manage/users-roles/cluster-or-deployment-auth/user-roles.md). ::::{note} -Managing roles that grant [{{kib}} privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md) using the {{es}} [role management APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html#security-role-apis) is not supported. Doing so will likely cause Kibana’s authorization to behave unexpectedly. +Managing roles that grant [{{kib}} privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md) using the {{es}} [role management APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-security) is not supported. Doing so will likely cause Kibana’s authorization to behave unexpectedly. :::: diff --git a/raw-migrated-files/logstash/logstash/ts-logstash.md b/raw-migrated-files/logstash/logstash/ts-logstash.md index 5b1dea8a27..04074dd595 100644 --- a/raw-migrated-files/logstash/logstash/ts-logstash.md +++ b/raw-migrated-files/logstash/logstash/ts-logstash.md @@ -179,7 +179,7 @@ A `429` message indicates that an application is busy handling other requests. F Check {{es}} to see if it needs attention. -* [Cluster stats API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-stats.html) +* [Cluster stats API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-stats) * [Monitor a cluster](../../../deploy-manage/monitor.md) **Sample error** diff --git a/raw-migrated-files/observability-docs/observability/apm-common-problems.md b/raw-migrated-files/observability-docs/observability/apm-common-problems.md index 20d18876e1..2c1ba10d2a 100644 --- a/raw-migrated-files/observability-docs/observability/apm-common-problems.md +++ b/raw-migrated-files/observability-docs/observability/apm-common-problems.md @@ -68,7 +68,7 @@ If you see requests coming through the APM Server but they are not accepted (res Another reason for data not showing up is that the agent is not auto-instrumenting something you were expecting, check the [agent documentation](https://www.elastic.co/guide/en/apm/agent/index.html) for details on what is automatically instrumented. -APM Server currently relies on {{es}} to create indices that do not exist. As a result, {{es}} must be configured to allow [automatic index creation](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-index_.html#index-creation) for APM indices. +APM Server currently relies on {{es}} to create indices that do not exist. As a result, {{es}} must be configured to allow [automatic index creation](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-create) for APM indices. :::::: ::::::: diff --git a/raw-migrated-files/observability-docs/observability/apm-reduce-apm-storage.md b/raw-migrated-files/observability-docs/observability/apm-reduce-apm-storage.md index 978e96cb7b..5e946eddfc 100644 --- a/raw-migrated-files/observability-docs/observability/apm-reduce-apm-storage.md +++ b/raw-migrated-files/observability-docs/observability/apm-reduce-apm-storage.md @@ -46,7 +46,7 @@ Index lifecycle management enables you to automate how you want to manage your i ### Delete data matching a query [apm-delete-data-query] -You can delete all APM documents matching a specific query with the [Delete By Query API](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-delete-by-query.html). For example, to delete all documents with a given `service.name`, use the following request: +You can delete all APM documents matching a specific query with the [Delete By Query API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-delete-by-query). For example, to delete all documents with a given `service.name`, use the following request: ```console POST /.ds-*-apm*/_delete_by_query @@ -73,7 +73,7 @@ To open **Index Management**, find **Stack Management*** in the main menu or use You might want to update documents that are already indexed. For example, if you your service name was set incorrectly. -To do this, you can use the [Update By Query API](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-update-by-query.html). To rename a service, send the following request: +To do this, you can use the [Update By Query API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-update-by-query). To rename a service, send the following request: ```console POST /.ds-*-apm*/_update_by_query?expand_wildcards=all diff --git a/raw-migrated-files/observability-docs/observability/logs-parse.md b/raw-migrated-files/observability-docs/observability/logs-parse.md index 4d0254f3d5..82d9dce659 100644 --- a/raw-migrated-files/observability-docs/observability/logs-parse.md +++ b/raw-migrated-files/observability-docs/observability/logs-parse.md @@ -144,7 +144,7 @@ PUT _ingest/pipeline/logs-example-default<1> #### Test the pipeline with the simulate pipeline API [logs-stream-simulate-api] -The [simulate pipeline API](https://www.elastic.co/guide/en/elasticsearch/reference/current/simulate-pipeline-api.html#ingest-verbose-param) runs the ingest pipeline without storing any documents. This lets you verify your pipeline works using multiple documents. Run the following command to test your ingest pipeline with the simulate pipeline API. +The [simulate pipeline API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ingest-simulate) runs the ingest pipeline without storing any documents. This lets you verify your pipeline works using multiple documents. Run the following command to test your ingest pipeline with the simulate pipeline API. ```console POST _ingest/pipeline/logs-example-default/_simulate @@ -332,7 +332,7 @@ In addition to setting an ingest pipeline, you need to set an index template. Yo #### Test the pipeline with the simulate API [logs-stream-log-level-simulate] -Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/guide/en/elasticsearch/reference/current/simulate-pipeline-api.html#ingest-verbose-param): +Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ingest-simulate): ```console POST _ingest/pipeline/logs-example-default/_simulate @@ -504,7 +504,7 @@ In addition to setting an ingest pipeline, you need to set an index template. Yo #### Test the pipeline with the simulate API [logs-stream-host-ip-simulate] -Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/guide/en/elasticsearch/reference/current/simulate-pipeline-api.html#ingest-verbose-param): +Test that your ingest pipeline works as expected with the [simulate pipeline API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ingest-simulate): ```console POST _ingest/pipeline/logs-example-default/_simulate diff --git a/raw-migrated-files/observability-docs/observability/logs-troubleshooting.md b/raw-migrated-files/observability-docs/observability/logs-troubleshooting.md index c5e78a39b5..898f92aaab 100644 --- a/raw-migrated-files/observability-docs/observability/logs-troubleshooting.md +++ b/raw-migrated-files/observability-docs/observability/logs-troubleshooting.md @@ -162,7 +162,7 @@ Aggregations on this field would no longer be supported, but the contents would To convert the `keyword` field to a `text` field: 1. Create a new index with the `text` field data type. -2. Reindex from the `_source` field of the source index using the [`_reindex` API](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html). +2. Reindex from the `_source` field of the source index using the [`_reindex` API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex). ### Date format mismatch [logs-mapping-troubleshooting-date-mismatch] diff --git a/raw-migrated-files/observability-docs/observability/obs-ai-assistant.md b/raw-migrated-files/observability-docs/observability/obs-ai-assistant.md index 2796747238..fd48d19e8b 100644 --- a/raw-migrated-files/observability-docs/observability/obs-ai-assistant.md +++ b/raw-migrated-files/observability-docs/observability/obs-ai-assistant.md @@ -149,7 +149,7 @@ The [search connectors](https://www.elastic.co/guide/en/elasticsearch/reference/ [Connectors](https://www.elastic.co/guide/en/elasticsearch/reference/current/es-connectors.html) allow you to index content from external sources thereby making it available for the AI Assistant. This can greatly improve the relevance of the AI Assistant’s responses. Data can be integrated from sources such as GitHub, Confluence, Google Drive, Jira, AWS S3, Microsoft Teams, Slack, and more. -UI affordances for creating and managing search connectors are available in the Search Solution in {{kib}}. You can also use the {{es}} [Connector APIs](https://www.elastic.co/guide/en/elasticsearch/reference/current/connector-apis.html) to create and manage search connectors. +UI affordances for creating and managing search connectors are available in the Search Solution in {{kib}}. You can also use the {{es}} [Connector APIs](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-connector) to create and manage search connectors. The infrastructure for deploying connectors can be managed by Elastic or self-managed. Managed connectors require an [Enterprise Search](https://www.elastic.co/guide/en/enterprise-search/current/server.html) server connected to the Elastic Stack. Self-managed connectors are run on your own infrastructure and don’t require the Enterprise Search service. diff --git a/raw-migrated-files/security-docs/security/about-rules.md b/raw-migrated-files/security-docs/security/about-rules.md index b36cb925b7..39568df2bd 100644 --- a/raw-migrated-files/security-docs/security/about-rules.md +++ b/raw-migrated-files/security-docs/security/about-rules.md @@ -20,7 +20,7 @@ You can create the following types of rules: For example, if the threshold `field` is `source.ip` and its `value` is `10`, an alert is generated for every source IP address that appears in at least 10 of the rule’s search results. * [**Event correlation**](../../../solutions/security/detect-and-alert/create-detection-rule.md#create-eql-rule): Searches the defined indices and creates an alert when results match an [Event Query Language (EQL)](../../../explore-analyze/query-filter/languages/eql.md) query. -* [**Indicator match**](../../../solutions/security/detect-and-alert/create-detection-rule.md#create-indicator-rule): Creates an alert when {{elastic-sec}} index field values match field values defined in the specified indicator index patterns. For example, you can create an indicator index for IP addresses and use this index to create an alert whenever an event’s `destination.ip` equals a value in the index. Indicator index field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/{{ecs_version}}). For information on creating {{es}} indices and field types, see [Index some documents](https://www.elastic.co/guide/en/starting-with-the-elasticsearch-platform-and-its-solutions/current/getting-started-general-purpose.html#gp-gs-add-data), [Create index API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html), and [Field data types](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-types.html). If you have indicators in a standard file format, such as CSV or JSON, you can also use the Machine Learning Data Visualizer to import your indicators into an indicator index. See [Explore the data in {{kib}}](../../../explore-analyze/machine-learning/anomaly-detection/ml-getting-started.md#sample-data-visualizer) and use the **Import Data** option to import your indicators. +* [**Indicator match**](../../../solutions/security/detect-and-alert/create-detection-rule.md#create-indicator-rule): Creates an alert when {{elastic-sec}} index field values match field values defined in the specified indicator index patterns. For example, you can create an indicator index for IP addresses and use this index to create an alert whenever an event’s `destination.ip` equals a value in the index. Indicator index field mappings should be [ECS-compliant](https://www.elastic.co/guide/en/ecs/{{ecs_version}}). For information on creating {{es}} indices and field types, see [Index some documents](https://www.elastic.co/guide/en/starting-with-the-elasticsearch-platform-and-its-solutions/current/getting-started-general-purpose.html#gp-gs-add-data), [Create index API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-create), and [Field data types](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-types.html). If you have indicators in a standard file format, such as CSV or JSON, you can also use the Machine Learning Data Visualizer to import your indicators into an indicator index. See [Explore the data in {{kib}}](../../../explore-analyze/machine-learning/anomaly-detection/ml-getting-started.md#sample-data-visualizer) and use the **Import Data** option to import your indicators. ::::{tip} You can also use value lists as the indicator match index. See [Use value lists with indicator match rules](../../../solutions/security/detect-and-alert/create-detection-rule.md#indicator-value-lists) at the end of this topic for more information. diff --git a/raw-migrated-files/security-docs/security/data-quality-dash.md b/raw-migrated-files/security-docs/security/data-quality-dash.md index b21cb70f7c..c9214a0f79 100644 --- a/raw-migrated-files/security-docs/security/data-quality-dash.md +++ b/raw-migrated-files/security-docs/security/data-quality-dash.md @@ -22,10 +22,10 @@ The Data Quality dashboard doesn’t show data from cold or frozen [data tiers]( ::::{admonition} Requirements To use the Data Quality dashboard, you need at least the following [privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/elasticsearch-privileges.md#privileges-list-indices) for each index you want to check: -* `monitor` or `manage` (required for the [Index stats API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-stats.html)) -* `view_index_metadata` or `manage_ilm` (required for the [Explain lifecycle API](https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-explain-lifecycle.html)) -* `view_index_metadata` or `manage` (required for the [Get mapping API](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-mapping.html)) -* `read` (required for the [Search API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html)) +* `monitor` or `manage` (required for the [Index stats API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-stats)) +* `view_index_metadata` or `manage_ilm` (required for the [Explain lifecycle API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ilm-explain-lifecycle)) +* `view_index_metadata` or `manage` (required for the [Get mapping API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-get-mapping)) +* `read` (required for the [Search API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search)) :::: diff --git a/raw-migrated-files/security-docs/security/detection-engine-overview.md b/raw-migrated-files/security-docs/security/detection-engine-overview.md index cf485283dc..4c4e9a864d 100644 --- a/raw-migrated-files/security-docs/security/detection-engine-overview.md +++ b/raw-migrated-files/security-docs/security/detection-engine-overview.md @@ -23,7 +23,7 @@ To use {{kib}} Alerting for detection alert notifications, you need the [appropr After rules have started running, you can monitor their executions to verify they are functioning correctly, as well as view, manage, and troubleshoot alerts (see [*Manage detection alerts*](../../../solutions/security/detect-and-alert/manage-detection-alerts.md) and [*Monitor and troubleshoot rule executions*](../../../troubleshoot/security/detection-rules.md)). -You can create and manage rules and alerts via the UI or the [Detections API](https://www.elastic.co/guide/en/security/current/rule-api-overview.html). +You can create and manage rules and alerts via the UI or the [Detections API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-detections-api). ::::{important} To make sure you can access Detections and manage rules, see [*Detections requirements*](../../../solutions/security/detect-and-alert/detections-requirements.md). diff --git a/raw-migrated-files/security-docs/security/rules-ui-create.md b/raw-migrated-files/security-docs/security/rules-ui-create.md index 3f600dbeb9..4d9a83190d 100644 --- a/raw-migrated-files/security-docs/security/rules-ui-create.md +++ b/raw-migrated-files/security-docs/security/rules-ui-create.md @@ -748,7 +748,7 @@ The following variables can only be passed if the rule’s action frequency is f #### Alert placeholder examples [placeholder-examples] -To understand which fields to parse, see the [*Detections API*](https://www.elastic.co/guide/en/security/current/rule-api-overview.html) to view the JSON representation of rules. +To understand which fields to parse, see the [*Detections API*](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-detections-api) to view the JSON representation of rules. Example using `{{context.rule.filters}}` to output a list of filters: diff --git a/raw-migrated-files/stack-docs/elastic-stack/upgrade-elastic-stack-for-elastic-cloud.md b/raw-migrated-files/stack-docs/elastic-stack/upgrade-elastic-stack-for-elastic-cloud.md index 62fe191dff..34f9db5484 100644 --- a/raw-migrated-files/stack-docs/elastic-stack/upgrade-elastic-stack-for-elastic-cloud.md +++ b/raw-migrated-files/stack-docs/elastic-stack/upgrade-elastic-stack-for-elastic-cloud.md @@ -253,7 +253,7 @@ If you are running a pre-8.x version, you might need to perform multiple upgrade Alternatively, you can create a new 9.0.0-beta1 deployment and reindex from remote: 1. Provision an additional deployment running 9.0.0-beta1. -2. Reindex your data into the new {{es}} cluster using [reindex from remote](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#reindex-from-remote) and temporarily send new index requests to both clusters. +2. Reindex your data into the new {{es}} cluster using [reindex from remote](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex) and temporarily send new index requests to both clusters. 3. Verify that the new cluster performs as expected, fix any problems, and then permanently swap in the new cluster. 4. Delete the old deployment. On Elastic Cloud, you are billed only for the time that the new deployment runs in parallel with your old deployment. Usage is billed on an hourly basis. diff --git a/raw-migrated-files/stack-docs/elastic-stack/upgrading-elasticsearch.md b/raw-migrated-files/stack-docs/elastic-stack/upgrading-elasticsearch.md index 2691a8923b..a09b9cf212 100644 --- a/raw-migrated-files/stack-docs/elastic-stack/upgrading-elasticsearch.md +++ b/raw-migrated-files/stack-docs/elastic-stack/upgrading-elasticsearch.md @@ -27,7 +27,7 @@ To upgrade a cluster: 2. **Stop non-essential indexing and perform a flush.** (Optional) - While you can continue indexing during the upgrade, shard recovery is much faster if you temporarily stop non-essential indexing and perform a [flush](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-flush.html). + While you can continue indexing during the upgrade, shard recovery is much faster if you temporarily stop non-essential indexing and perform a [flush](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-indices-flush). ```console POST /_flush @@ -42,7 +42,7 @@ To upgrade a cluster: :::: - * Temporarily halt the tasks associated with your {{ml}} jobs and {{dfeeds}} and prevent new jobs from opening by using the [set upgrade mode API](https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-set-upgrade-mode.html): + * Temporarily halt the tasks associated with your {{ml}} jobs and {{dfeeds}} and prevent new jobs from opening by using the [set upgrade mode API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ml-set-upgrade-mode): ```console POST _ml/set_upgrade_mode?enabled=true @@ -176,7 +176,7 @@ To upgrade a cluster: POST _ml/set_upgrade_mode?enabled=false ``` - If you closed all {{ml}} jobs before the upgrade, open the jobs and start the datafeeds from {{kib}} or with the [open jobs](https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-open-job.html) and [start datafeed](https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-start-datafeed.html) APIs. + If you closed all {{ml}} jobs before the upgrade, open the jobs and start the datafeeds from {{kib}} or with the [open jobs](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ml-open-job) and [start datafeed](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ml-start-datafeed) APIs.