From 3b99364c8a2b8269ac7539b9dc22760c976c06dd Mon Sep 17 00:00:00 2001 From: Florent Le Borgne Date: Thu, 13 Mar 2025 18:40:55 +0100 Subject: [PATCH] clean up raw files for explore & analyze --- explore-analyze/ai-assistant.md | 13 - explore-analyze/find-and-organize.md | 8 - .../find-and-organize/data-views.md | 10 - .../find-and-organize/saved-objects.md | 10 - explore-analyze/find-and-organize/tags.md | 7 - explore-analyze/index.md | 9 - explore-analyze/query-filter/filtering.md | 9 - .../query-filter/languages/esql.md | 12 - .../query-filter/languages/querydsl.md | 12 - explore-analyze/query-filter/tools/console.md | 11 - .../query-filter/tools/saved-queries.md | 7 - explore-analyze/report-and-share.md | 10 - explore-analyze/visualize/maps.md | 8 - .../cloud/cloud-enterprise/ece-api-console.md | 33 --- .../elasticsearch-explore-your-data.md | 46 ---- .../docs-content/serverless/spaces.md | 56 ----- .../elasticsearch-reference/search-analyze.md | 89 ------- .../kibana/kibana/console-kibana.md | 224 ------------------ raw-migrated-files/kibana/kibana/esql.md | 42 ---- .../kibana/kibana/search-ai-assistant.md | 141 ----------- .../kibana/kibana/set-time-filter.md | 25 -- raw-migrated-files/toc.yml | 8 - 22 files changed, 790 deletions(-) delete mode 100644 raw-migrated-files/cloud/cloud-enterprise/ece-api-console.md delete mode 100644 raw-migrated-files/docs-content/serverless/elasticsearch-explore-your-data.md delete mode 100644 raw-migrated-files/docs-content/serverless/spaces.md delete mode 100644 raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md delete mode 100644 raw-migrated-files/kibana/kibana/console-kibana.md delete mode 100644 raw-migrated-files/kibana/kibana/esql.md delete mode 100644 raw-migrated-files/kibana/kibana/search-ai-assistant.md delete mode 100644 raw-migrated-files/kibana/kibana/set-time-filter.md diff --git a/explore-analyze/ai-assistant.md b/explore-analyze/ai-assistant.md index f8f610fd0e..8612ba6fb1 100644 --- a/explore-analyze/ai-assistant.md +++ b/explore-analyze/ai-assistant.md @@ -13,19 +13,6 @@ mapped_urls: # AI assistant -% What needs to be done: Write from scratch - -% Scope notes: explain concept and link out to specific docs & config - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/kibana/kibana/search-ai-assistant.md -% - [ ] ./raw-migrated-files/observability-docs/observability/obs-ai-assistant.md -% - [ ] ./raw-migrated-files/docs-content/serverless/security-ai-for-security.md -% - [ ] ./raw-migrated-files/docs-content/serverless/observability-ai-assistant.md -% - [ ] ./raw-migrated-files/docs-content/serverless/security-ai-assistant.md -% - [ ] ./raw-migrated-files/docs-content/serverless/ai-assistant-knowledge-base.md - $$$token-limits$$$ **AI Assistant** is a chat-based interactive tool that uses generative AI and ELSER, Elastic’s proprietary semantic search model, to help you with a variety of tasks related to Elasticsearch and Kibana, including: diff --git a/explore-analyze/find-and-organize.md b/explore-analyze/find-and-organize.md index 0a726ad201..5941ed228b 100644 --- a/explore-analyze/find-and-organize.md +++ b/explore-analyze/find-and-organize.md @@ -8,14 +8,6 @@ mapped_urls: # Find and organize content -% What needs to be done: Refine - -% Scope notes: could be rebranded as "saving and labeling" / "organize content" consider references to spaces + saved queries here? - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/docs-content/serverless/saved-objects.md -% - [ ] ./raw-migrated-files/docs-content/serverless/project-settings-content.md $$$saved-objects-copy-to-other-spaces$$$ diff --git a/explore-analyze/find-and-organize/data-views.md b/explore-analyze/find-and-organize/data-views.md index b3133aef82..fdd81d3f7c 100644 --- a/explore-analyze/find-and-organize/data-views.md +++ b/explore-analyze/find-and-organize/data-views.md @@ -10,16 +10,6 @@ mapped_urls: # Data views [data-views] -% What needs to be done: Align serverless/stateful - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/kibana/kibana/data-views.md -% - [ ] ./raw-migrated-files/docs-content/serverless/data-views.md -% - [ ] ./raw-migrated-files/kibana/kibana/managing-data-views.md - -% Internal links rely on the following IDs being on this page (e.g. as a heading ID, paragraph ID, etc): - $$$field-formatters-numeric$$$ $$$managing-fields$$$ diff --git a/explore-analyze/find-and-organize/saved-objects.md b/explore-analyze/find-and-organize/saved-objects.md index 8786d93446..85fb795ae5 100644 --- a/explore-analyze/find-and-organize/saved-objects.md +++ b/explore-analyze/find-and-organize/saved-objects.md @@ -10,16 +10,6 @@ mapped_urls: # Saved objects [saved-objects] -% What needs to be done: Refine - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/docs-content/serverless/saved-objects.md -% - [ ] ./raw-migrated-files/kibana/kibana/managing-saved-objects.md -% - [ ] ./raw-migrated-files/kibana/kibana/saved-object-ids.md - -% Internal links rely on the following IDs being on this page (e.g. as a heading ID, paragraph ID, etc): - $$$managing-saved-objects-copy-to-space$$$ $$$managing-saved-objects-export-objects$$$ diff --git a/explore-analyze/find-and-organize/tags.md b/explore-analyze/find-and-organize/tags.md index 65ea3e9848..11482f7a01 100644 --- a/explore-analyze/find-and-organize/tags.md +++ b/explore-analyze/find-and-organize/tags.md @@ -9,13 +9,6 @@ mapped_urls: # Tags [managing-tags] -% What needs to be done: Refine - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/docs-content/serverless/tags.md -% - [ ] ./raw-migrated-files/kibana/kibana/managing-tags.md - Use tags to categorize your saved objects, then filter for related objects based on shared tags. diff --git a/explore-analyze/index.md b/explore-analyze/index.md index 54676f7898..a1bbd914dc 100644 --- a/explore-analyze/index.md +++ b/explore-analyze/index.md @@ -12,15 +12,6 @@ mapped_urls: # Explore and analyze -% What needs to be done: Write from scratch - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/docs-content/serverless/elasticsearch-explore-your-data.md -% - [ ] ./raw-migrated-files/kibana/kibana/introduction.md - -% Internal links rely on the following IDs being on this page (e.g. as a heading ID, paragraph ID, etc): - $$$elasticsearch-explore-your-data-visualizations-save-to-the-visualize-library$$$ The Elasticsearch platform and its UI, also known as Kibana, provide a comprehensive suite of tools to help you search, interact with, explore, and analyze your data effectively. These features empower you to gain deep insights, uncover trends, and take actionable steps based on your findings. This page is an overview of the key capabilities. diff --git a/explore-analyze/query-filter/filtering.md b/explore-analyze/query-filter/filtering.md index 93c1ea0abe..240fcd3944 100644 --- a/explore-analyze/query-filter/filtering.md +++ b/explore-analyze/query-filter/filtering.md @@ -9,15 +9,6 @@ mapped_urls: # Filtering in Kibana -% What needs to be done: Write from scratch - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/kibana/kibana/kibana-concepts-analysts.md -% - [ ] ./raw-migrated-files/kibana/kibana/set-time-filter.md - -% Internal links rely on the following IDs being on this page (e.g. as a heading ID, paragraph ID, etc): - $$$_finding_your_apps_and_objects$$$ This page describes the common ways Kibana offers in most apps for filtering data and refining your initial search queries. diff --git a/explore-analyze/query-filter/languages/esql.md b/explore-analyze/query-filter/languages/esql.md index 18607a061e..974f585285 100644 --- a/explore-analyze/query-filter/languages/esql.md +++ b/explore-analyze/query-filter/languages/esql.md @@ -12,18 +12,6 @@ mapped_urls: # ES|QL [esql] -% What needs to be done: Refine - -% Scope notes: everything but language reference. Merge the pages about Kibana. Add links to reference's new location - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/elasticsearch/elasticsearch-reference/esql.md -% - [ ] ./raw-migrated-files/elasticsearch/elasticsearch-reference/esql-getting-started.md -% - [ ] ./raw-migrated-files/elasticsearch/elasticsearch-reference/esql-using.md -% - [ ] ./raw-migrated-files/elasticsearch/elasticsearch-reference/esql-examples.md -% - [ ] ./raw-migrated-files/kibana/kibana/esql.md - ## What's {{esql}}? [_the_esql_compute_engine] **Elasticsearch Query Language ({{esql}})** is a piped query language for filtering, transforming, and analyzing data. diff --git a/explore-analyze/query-filter/languages/querydsl.md b/explore-analyze/query-filter/languages/querydsl.md index d8fdac4b23..efbcc4c5a9 100644 --- a/explore-analyze/query-filter/languages/querydsl.md +++ b/explore-analyze/query-filter/languages/querydsl.md @@ -9,18 +9,6 @@ mapped_urls: # QueryDSL -% What needs to be done: Refine - -% Scope notes: everything but language reference. Add links to reference's new location. Merge those 2 pages together - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/elasticsearch/elasticsearch-reference/query-dsl.md -% - [ ] ./raw-migrated-files/elasticsearch/elasticsearch-reference/query-filter-context.md -% Notes: maybe - -% Internal links rely on the following IDs being on this page (e.g. as a heading ID, paragraph ID, etc): - $$$filter-context$$$ $$$query-dsl-allow-expensive-queries$$$ diff --git a/explore-analyze/query-filter/tools/console.md b/explore-analyze/query-filter/tools/console.md index 6d8aab9640..db48e5d388 100644 --- a/explore-analyze/query-filter/tools/console.md +++ b/explore-analyze/query-filter/tools/console.md @@ -10,17 +10,6 @@ mapped_urls: # Run API requests with Console [console-kibana] -% What needs to be done: Refine - -% Scope notes: Add mentions of query tools (search profiler...) - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/kibana/kibana/console-kibana.md -% - [ ] ./raw-migrated-files/cloud/cloud-enterprise/ece-api-console.md - -% Internal links rely on the following IDs being on this page (e.g. as a heading ID, paragraph ID, etc): - $$$configuring-console$$$ $$$import-export-console-requests$$$ diff --git a/explore-analyze/query-filter/tools/saved-queries.md b/explore-analyze/query-filter/tools/saved-queries.md index 292ff44c00..86ed72b98b 100644 --- a/explore-analyze/query-filter/tools/saved-queries.md +++ b/explore-analyze/query-filter/tools/saved-queries.md @@ -8,13 +8,6 @@ mapped_urls: # Saved queries [save-load-delete-query] -% What needs to be done: Refine - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md -% - [ ] ./raw-migrated-files/kibana/kibana/save-load-delete-query.md - Have you ever built a query that you wanted to reuse? With saved queries, you can save your query text, filters, and time range for reuse anywhere a query bar is present. For example, suppose you’re in **Discover**, and you’ve put time into building a query that includes query input text, multiple filters, and a specific time range. Save this query, and you can embed the search results in dashboards, use them as a foundation for building a visualization, and share them in a link or CVS form. diff --git a/explore-analyze/report-and-share.md b/explore-analyze/report-and-share.md index cfdf94c0d3..14dc97f63f 100644 --- a/explore-analyze/report-and-share.md +++ b/explore-analyze/report-and-share.md @@ -8,16 +8,6 @@ mapped_urls: # Reporting and sharing [reporting-getting-started] -% What needs to be done: Refine - -% Scope notes: reference prod considerations - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/kibana/kibana/reporting-getting-started.md - -% Internal links rely on the following IDs being on this page (e.g. as a heading ID, paragraph ID, etc): - $$$install-reporting-packages$$$ $$$set-reporting-server-host$$$ diff --git a/explore-analyze/visualize/maps.md b/explore-analyze/visualize/maps.md index ddf24ad845..f371c2f504 100644 --- a/explore-analyze/visualize/maps.md +++ b/explore-analyze/visualize/maps.md @@ -9,14 +9,6 @@ mapped_urls: # Maps [maps] -% What needs to be done: Align serverless/stateful - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/kibana/kibana/maps.md -% - [ ] ./raw-migrated-files/docs-content/serverless/maps.md - - Create beautiful maps from your geographical data. With **Maps**, you can: * Build maps with multiple layers and indices. diff --git a/raw-migrated-files/cloud/cloud-enterprise/ece-api-console.md b/raw-migrated-files/cloud/cloud-enterprise/ece-api-console.md deleted file mode 100644 index c0d20fa1c5..0000000000 --- a/raw-migrated-files/cloud/cloud-enterprise/ece-api-console.md +++ /dev/null @@ -1,33 +0,0 @@ -# Access the Elasticsearch API console [ece-api-console] - -Interact with a specific Elasticsearch cluster directly from the Cloud UI without having to authenticate again. This RESTful API access is limited to the specific cluster and works only for Elasticsearch API calls. - -::::{note} -API console is intended for admin purposes. Avoid running normal workload like indexing or search request. -:::: - - -You are unable to make Elastic Cloud Enterprise platform changes from the Elasticsearch API. If you want to work with the platform, check the [Elastic Cloud Enterprise RESTful API](asciidocalypse://docs/cloud/docs/reference/cloud-enterprise/restful-api.md). - -1. [Log into the Cloud UI](../../../deploy-manage/deploy/cloud-enterprise/log-into-cloud-ui.md). -2. On the **Deployments** page, select your deployment. - - Narrow the list by name, ID, or choose from several other filters. To further define the list, use a combination of filters. - -3. From the Elasticsearch menu, go to the **API Console** page. -4. Make a selection from the operation drop-down list and complete the path. - - For example, select `GET`, then use the `_cluster/health?pretty=true` path for cluster status and other pertinent details. - -5. If needed, add the body information. - - ::::{tip} - To display the body area, select PUT, POST, or DELETE from the drop-down list. - :::: - -6. Select **Submit**. - -The results of the API operation are displayed, along with the time it took to complete the operation. - -To learn more about what kinds of Elasticsearch API calls you can make from the Cloud UI, check the [Elasticsearch Reference](https://www.elastic.co/guide/en/elasticsearch/reference/current). - diff --git a/raw-migrated-files/docs-content/serverless/elasticsearch-explore-your-data.md b/raw-migrated-files/docs-content/serverless/elasticsearch-explore-your-data.md deleted file mode 100644 index 4a1b1439b3..0000000000 --- a/raw-migrated-files/docs-content/serverless/elasticsearch-explore-your-data.md +++ /dev/null @@ -1,46 +0,0 @@ -# Explore your data [elasticsearch-explore-your-data] - -In addition to search, {{es3}} offers several options for analyzing and visualizing your data. - -::::{note} -These features are available on all Elastic deployment types: self-managed clusters, Elastic Cloud Hosted deployments, and {{es-serverless}} projects. They are documented in the {{es}} and {{kib}} core documentation. - -:::: - - - -## Data analysis [_data_analysis] - -[Aggregations](../../../explore-analyze/query-filter/aggregations.md) -: Use aggregations in your [`_search` API](https://www.elastic.co/docs/api/doc/elasticsearch-serverless/operation/operation-search#operation-search-body-application-json-aggregations) requests to summarize your data as metrics, statistics, or other analytics. - -$$$elasticsearch-explore-your-data-discover-your-data$$$ - -[Discover](../../../explore-analyze/discover.md) -: Use the **Discover** UI to quickly search and filter your data, get information about the structure of the fields, and display your findings in a visualization. - - 🔍 Find **Discover** in your {{es-serverless}} project’s UI under **Analyze / Discover**. - - - -## Visualization [elasticsearch-explore-your-data-visualizations-save-to-the-visualize-library] - -[Dashboards](../../../explore-analyze/dashboards.md) -: Build dynamic dashboards that visualize your data as charts, graphs, maps, and more. - - 🔍 Find **Dashboards** in your {{es-serverless}} project’s UI under **Analyze / Dashboard**. - - -[Maps](../../../explore-analyze/visualize/maps.md) -: Visualize your geospatial data on a map. - - 🔍 Find **Maps** in your {{es-serverless}} project’s UI under **Other tools / Maps**. - - - -## Monitoring [_monitoring] - -[Rules](../../../explore-analyze/alerts-cases.md) -: Create rules that trigger notifications when certain conditions are met in your data. - - 🔍 Find **Rules** in your {{es-serverless}} project’s UI under **Project settings > Alerts and insights > Rules**. diff --git a/raw-migrated-files/docs-content/serverless/spaces.md b/raw-migrated-files/docs-content/serverless/spaces.md deleted file mode 100644 index c02dbc4d96..0000000000 --- a/raw-migrated-files/docs-content/serverless/spaces.md +++ /dev/null @@ -1,56 +0,0 @@ -# Spaces [spaces] - -This content applies to: [![Elasticsearch](../../../images/serverless-es-badge.svg "")](../../../solutions/search.md) [![Observability](../../../images/serverless-obs-badge.svg "")](../../../solutions/observability.md) [![Security](../../../images/serverless-sec-badge.svg "")](../../../solutions/security/elastic-security-serverless.md) - -Spaces enable you to organize your dashboards and other saved objects into meaningful categories. Once inside a space, you see only the dashboards and saved objects that belong to that space. - -When you create and enter a new project, you’re using the default space of that project. - -You can identify the space you’re in or switch to a different space from the header. - -:::{image} ../../../images/serverless-space-breadcrumb.png -:alt: Space breadcrumb -:screenshot: -::: - -You can view and manage the spaces of a project from the **Spaces** page in **Management**. - - -## Required permissions [spaces-required-permissions] - -You must have an admin role on the project to manage its **Spaces**. - - -## Create or edit a space [spaces-create-or-edit-a-space] - -You can have up to 100 spaces in a project. - -1. Click **Create space** or select the space you want to edit. -2. Provide: - - * A meaningful name and description for the space. - * A URL identifier. The URL identifier is a short text string that becomes part of the {{kib}} URL. {{kib}} suggests a URL identifier based on the name of your space, but you can customize the identifier to your liking. You cannot change the space identifier later. - -3. Customize the avatar of the space to your liking. -4. Save the space. - -{{kib}} also has an [API](https://www.elastic.co/docs/api/doc/serverless/group/endpoint-spaces) if you prefer to create spaces programmatically. - - -## Customize access to space [spaces-customize-access-to-space] - -Customizing access to a space is available for the following project types only: [![Elasticsearch](../../../images/serverless-es-badge.svg "")](../../../solutions/search.md) [![Security](../../../images/serverless-sec-badge.svg "")](../../../solutions/security/elastic-security-serverless.md) - -As an administrator, you can define custom roles with specific access to certain spaces and features in a project. Refer to [Custom roles](../../../deploy-manage/users-roles/cloud-organization/user-roles.md). - - -## Delete a space [spaces-delete-a-space] - -Deleting a space permanently removes the space and all of its contents. Find the space on the *Spaces* page and click the trash icon in the Actions column. - -You can’t delete the default space, but you can customize it to your liking. - - -## Move saved objects between spaces [spaces-move-saved-objects-between-spaces] - -To move saved objects between spaces, you can [copy objects](../../../explore-analyze/find-and-organize.md#saved-objects-copy-to-other-spaces) or [export and import objects](../../../explore-analyze/find-and-organize.md#saved-objects-import-and-export). diff --git a/raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md b/raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md deleted file mode 100644 index a31b10afa7..0000000000 --- a/raw-migrated-files/elasticsearch/elasticsearch-reference/search-analyze.md +++ /dev/null @@ -1,89 +0,0 @@ -# Search and analyze data [search-analyze] - -You can use {{es}} as a basic document store to retrieve documents and their metadata. However, the real power of {{es}} comes from its advanced search and analytics capabilities. - -You’ll use a combination of an API endpoint and a query language to interact with your data. - - -## REST API [search-analyze-rest-api] - -Use REST APIs to manage your {{es}} cluster, and to index and search your data. For testing purposes, you can submit requests directly from the command line or through the Dev Tools [Console](../../../explore-analyze/query-filter/tools/console.md) in {{kib}}. From your applications, you can use a [client](https://www.elastic.co/guide/en/elasticsearch/client/index.html) in your programming language of choice. - -Refer to [first steps with Elasticsearch](../../../solutions/search/get-started.md) for a hands-on example of using the `_search` endpoint, adding data to {{es}}, and running basic searches in Query DSL syntax. - - -## Query languages [search-analyze-query-languages] - -{{es}} provides a number of query languages for interacting with your data. - -**Query DSL** is the primary query language for {{es}} today. - -**{{esql}}** is a new piped query language and compute engine which was first added in version **8.11**. - -{{esql}} does not yet support all the features of Query DSL. Look forward to new {{esql}} features and functionalities in each release. - -Refer to [Query languages](../../../explore-analyze/query-filter.md#search-analyze-query-languages) for a full overview of the query languages available in {{es}}. - - -### Query DSL [search-analyze-query-dsl] - -[Query DSL](../../../explore-analyze/query-filter/languages/querydsl.md) is a full-featured JSON-style query language that enables complex searching, filtering, and aggregations. It is the original and most powerful query language for {{es}} today. - -The [`_search` endpoint](../../../solutions/search/querying-for-search.md) accepts queries written in Query DSL syntax. - - -#### Search and filter with Query DSL [search-analyze-query-dsl-search-filter] - -Query DSL support a wide range of search techniques, including the following: - -* [**Full-text search**](../../../solutions/search/full-text.md): Search text that has been analyzed and indexed to support phrase or proximity queries, fuzzy matches, and more. -* [**Keyword search**](elasticsearch://reference/elasticsearch/mapping-reference/keyword.md): Search for exact matches using `keyword` fields. -* [**Semantic search**](../../../solutions/search/semantic-search/semantic-search-semantic-text.md): Search `semantic_text` fields using dense or sparse vector search on embeddings generated in your {{es}} cluster. -* [**Vector search**](../../../solutions/search/vector/knn.md): Search for similar dense vectors using the kNN algorithm for embeddings generated outside of {{es}}. -* [**Geospatial search**](elasticsearch://reference/query-languages/geo-queries.md): Search for locations and calculate spatial relationships using geospatial queries. - -Learn about the full range of queries supported by [Query DSL](../../../explore-analyze/query-filter/languages/querydsl.md). - -You can also filter data using Query DSL. Filters enable you to include or exclude documents by retrieving documents that match specific field-level criteria. A query that uses the `filter` parameter indicates [filter context](../../../explore-analyze/query-filter/languages/querydsl.md#filter-context). - - -#### Analyze with Query DSL [search-analyze-data-query-dsl] - -[Aggregations](../../../explore-analyze/query-filter/aggregations.md) are the primary tool for analyzing {{es}} data using Query DSL. Aggregrations enable you to build complex summaries of your data and gain insight into key metrics, patterns, and trends. - -Because aggregations leverage the same data structures used for search, they are also very fast. This enables you to analyze and visualize your data in real time. You can search documents, filter results, and perform analytics at the same time, on the same data, in a single request. That means aggregations are calculated in the context of the search query. - -The folowing aggregation types are available: - -* [Metric](elasticsearch://reference/data-analysis/aggregations/metrics.md): Calculate metrics, such as a sum or average, from field values. -* [Bucket](elasticsearch://reference/data-analysis/aggregations/bucket.md): Group documents into buckets based on field values, ranges, or other criteria. -* [Pipeline](elasticsearch://reference/data-analysis/aggregations/pipeline.md): Run aggregations on the results of other aggregations. - -Run aggregations by specifying the [search API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search)'s `aggs` parameter. Learn more in [Run an aggregation](../../../explore-analyze/query-filter/aggregations.md#run-an-agg). - - -### {{esql}} [search-analyze-data-esql] - -[Elasticsearch Query Language ({{esql}})](../../../explore-analyze/query-filter/languages/esql.md) is a piped query language for filtering, transforming, and analyzing data. {{esql}} is built on top of a new compute engine, where search, aggregation, and transformation functions are directly executed within {{es}} itself. {{esql}} syntax can also be used within various {{kib}} tools. - -The [`_query` endpoint](../../../explore-analyze/query-filter/languages/esql-rest.md) accepts queries written in {{esql}} syntax. - -Today, it supports a subset of the features available in Query DSL, but it is rapidly evolving. - -It comes with a comprehensive set of [functions and operators](elasticsearch://reference/query-languages/esql/esql-functions-operators.md) for working with data and has robust integration with {{kib}}'s Discover, dashboards and visualizations. - -Learn more in [Getting started with {{esql}}](../../../solutions/search/get-started.md), or try [our training course](https://www.elastic.co/training/introduction-to-esql). - - -## List of available query languages [search-analyze-data-query-languages-table] - -The following table summarizes all available {{es}} query languages, to help you choose the right one for your use case. - -| Name | Description | Use cases | API endpoint | -| --- | --- | --- | --- | -| [Query DSL](../../../explore-analyze/query-filter/languages/querydsl.md) | The primary query language for {{es}}. A powerful and flexible JSON-style language that enables complex queries. | Full-text search, semantic search, keyword search, filtering, aggregations, and more. | [`_search`](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-search) | -| [{{esql}}](../../../explore-analyze/query-filter/languages/esql.md) | Introduced in **8.11**, the Elasticsearch Query Language ({{esql}}) is a piped query language language for filtering, transforming, and analyzing data. | Initially tailored towards working with time series data like logs and metrics.Robust integration with {{kib}} for querying, visualizing, and analyzing data.Does not yet support full-text search. | [`_query`](../../../explore-analyze/query-filter/languages/esql-rest.md) | -| [EQL](../../../explore-analyze/query-filter/languages/eql.md) | Event Query Language (EQL) is a query language for event-based time series data. Data must contain the `@timestamp` field to use EQL. | Designed for the threat hunting security use case. | [`_eql`](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-eql) | -| [Elasticsearch SQL](../../../explore-analyze/query-filter/languages/sql.md) | Allows native, real-time SQL-like querying against {{es}} data. JDBC and ODBC drivers are available for integration with business intelligence (BI) tools. | Enables users familiar with SQL to query {{es}} data using familiar syntax for BI and reporting. | [`_sql`](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-sql) | -| [Kibana Query Language (KQL)](../../../explore-analyze/query-filter/languages/kql.md) | {{kib}} Query Language (KQL) is a text-based query language for filtering data when you access it through the {{kib}} UI. | Use KQL to filter documents where a value for a field exists, matches a given value, or is within a given range. | N/A | - diff --git a/raw-migrated-files/kibana/kibana/console-kibana.md b/raw-migrated-files/kibana/kibana/console-kibana.md deleted file mode 100644 index 1f2346df99..0000000000 --- a/raw-migrated-files/kibana/kibana/console-kibana.md +++ /dev/null @@ -1,224 +0,0 @@ -# Run API requests with Console [console-kibana] - -**Console** lets you interact with [{{es}} APIs](elasticsearch://reference/elasticsearch/rest-apis/index.md) and [{{kib}} APIs](https://www.elastic.co/docs/api) from within {{kib}}. - -:::{image} ../../../images/kibana-console.png -:alt: Console -:screenshot: -::: - -To go to **Console***, find ***Dev Tools** in the navigation menu or use the [global search bar](/explore-analyze/find-and-organize/find-apps-and-objects.md). - -You can also find Console directly on certain Search solution and Elasticsearch serverless project pages, where you can expand it from the footer. This Console, called **Persistent Console***, has the same capabilities and shares the same history as the Console in ***Dev Tools**. - -:::{image} ../../../images/kibana-persistent-console.png -:alt: Console -:screenshot: -::: - - -## Write requests [console-api] - -**Console** understands commands in a cURL-like syntax. For example, the following is a `GET` request to the {{es}} `_search` API. - -```js -GET /_search -{ - "query": { - "match_all": {} - } -} -``` - -Here is the equivalent command in cURL: - -```bash -curl -XGET "http://localhost:9200/_search" -d' -{ - "query": { - "match_all": {} - } -}' -``` - -Prepend requests to a {{kib}} API endpoint with `kbn:` - -```bash -GET kbn:/api/index_management/indices -``` - - -### Autocomplete [console-autocomplete] - -When you’re typing a command, **Console** makes context-sensitive suggestions. These suggestions show you the parameters for each API and speed up your typing. - -You can configure your preferences for autocomplete in the [Console settings](../../../explore-analyze/query-filter/tools/console.md#configuring-console). - - -### Comments [console-comments] - -You can write comments or temporarily disable parts of a request by using double forward slashes or pound signs to create single-line comments. - -```js -# This request searches all of your indices. -GET /_search -{ - // The query parameter indicates query context. - "query": { - "match_all": {} // Matches all documents. - } -} -``` - -You can also use a forward slash followed by an asterisk to mark the beginning of multi-line comments. An asterisk followed by a forward slash marks the end. - -```js -GET /_search -{ - "query": { - /*"match_all": { - "boost": 1.2 - }*/ - "match_none": {} - } -} -``` - - -### Variables [console-variables] - -Click **Variables** to create, edit, and delete variables. - -:::{image} ../../../images/kibana-variables.png -:alt: Variables -:screenshot: -::: - -You can refer to these variables in the paths and bodies of your requests. Each variable can be referenced multiple times. - -```js -GET ${pathVariable} -{ - "query": { - "match": { - "${bodyNameVariable}": "${bodyValueVariable}" - } - } -} -``` - -By default, variables in the body may be substituted as a boolean, number, array, or object by removing nearby quotes instead of a string with surrounding quotes. Triple quotes overwrite this default behavior and enforce simple replacement as a string. - -```js -GET /locations/_search -{ - "query": { - "bool": { - "must": { - "match": { - // ${shopName} shall be replaced as a string if the variable exists. - "shop.name": """${shopName}""" - } - }, - "filter": { - "geo_distance": { - "distance": "12km", - // "${pinLocation}" may be substituted with an array such as [-70, 40]. - "pin.location": "${pinLocation}" - } - } - } - } -} -``` - - -### Auto-formatting [auto-formatting] - -The auto-formatting capability can help you format requests to be more readable. Select one or more requests that you want to format, open the contextual menu, and then select **Auto indent**. - - -### Keyboard shortcuts [keyboard-shortcuts] - -Go to line number -: `Ctrl/Cmd` + `L` - -Auto-indent current request -: `Ctrl/Cmd` + `I` - -Jump to next request end -: `Ctrl/Cmd` + `↓` - -Jump to previous request end -: `Ctrl/Cmd` + `↑` - -Open documentation for current request -: `Ctrl/Cmd` + `/` - -Run current request -: `Ctrl/Cmd` + `Enter` - -Apply current or topmost term in autocomplete menu -: `Enter` or `Tab` - -Close autocomplete menu -: `Esc` - -Navigate items in autocomplete menu -: `↓` + `↑` - - -### View API docs [console-view-api] - -To view the documentation for an API endpoint, select the request, then open the contextual menu and select **Open API reference**. - - -## Run requests [console-request] - -When you’re ready to run a request, select the request, and click the play button. - -The result of the request execution is displayed in the response panel, where you can see: - -* the JSON response -* the HTTP status code corresponding to the request -* The execution time, in ms. - -::::{tip} -You can select multiple requests and submit them together. **Console** executes the requests one by one. Submitting multiple requests is helpful when you’re debugging an issue or trying query combinations in multiple scenarios. -:::: - - - -## Import and export requests [import-export-console-requests] - -You can export requests: - -* **to a TXT file***, by using the ***Export requests*** button. When using this method, all content of the input panel is copied, including comments, requests, and payloads. All of the formatting is preserved and allows you to re-import the file later, or to a different environment, using the ***Import requests** button. - - ::::{tip} - When importing a TXT file containing Console requests, the current content of the input panel is replaced. Export it first if you don’t want to lose it, or find it in the **History** tab if you already ran the requests. - :::: - -* by copying them individually as **curl***, ***JavaScript***, or ***Python***. To do this, select a request, then open the contextual menu and select ***Copy as**. When using this action, requests are copied individually to your clipboard. You can save your favorite language to make the copy action faster the next time you use it. - - When running copied requests from an external environment, you’ll need to add [authentication information](https://www.elastic.co/docs/api/doc/kibana/authentication) to the request. - - - -## Get your request history [console-history] - -**Console** maintains a list of the last 500 requests that you tried to execute. To view them, open the **History** tab. - -You can run a request from your history again by selecting the request and clicking **Add and run***. If you want to add it back to the Console input panel without running it yet, click ***Add** instead. It is added to the editor at the current cursor position. - - -## Configure Console settings [configuring-console] - -Go to the **Config*** tab of ***Console** to customize its display, autocomplete, and accessibility settings. - - -## Disable Console [disable-console] - -If you don’t want to use **Console**, you can disable it by setting `console.ui.enabled` to `false` in your `kibana.yml` configuration file. Changing this setting causes the server to regenerate assets on the next startup, which might cause a delay before pages start being served. - -You can also choose to only disable the persistent console that shows in the footer of several Kibana pages. To do that, go to **Stack Management*** > ***Advanced Settings**, and turn off the `devTools:enablePersistentConsole` setting. diff --git a/raw-migrated-files/kibana/kibana/esql.md b/raw-migrated-files/kibana/kibana/esql.md deleted file mode 100644 index 3ee9dba4f5..0000000000 --- a/raw-migrated-files/kibana/kibana/esql.md +++ /dev/null @@ -1,42 +0,0 @@ -# {{esql}} [esql] - -The Elasticsearch Query Language, {{esql}}, makes it faster and easier to explore your data. - -{{esql}} is a piped language which allows you to chain together multiple commands to query your data. Based on the query, Lens suggestions in Discover create a visualization of the query results. - -{{esql}} comes with its own dedicated {{esql}} Compute Engine for greater efficiency. With one query you can search, aggregate, calculate and perform data transformations without leaving **Discover***. Write your query directly in ***Discover*** or use the ***Dev Tools** with the [{{esql}} API](../../../explore-analyze/query-filter/languages/esql-rest.md). - -You can switch to the ES|QL mode of Discover from the application menu bar. - -{{esql}} also features in-app help and suggestions, so you can get started faster and don’t have to leave the application to check syntax. - -![The ES|QL syntax reference and the autocomplete menu](../../../images/kibana-esql-in-app-help.png "") - -You can also use ES|QL queries to create panels on your dashboards, create enrich policies, and create alerting rules. - -For more detailed information about {{esql}} in Kibana, refer to [Using {{esql}} in {{kib}}](../../../explore-analyze/query-filter/languages/esql-kibana.md). - -::::{note} -{{esql}} is enabled by default in {{kib}}. It can be disabled using the `enableESQL` setting from the [Advanced Settings](kibana://reference/advanced-settings.md). - -This will hide the {{esql}} user interface from various applications. However, users will be able to access existing {{esql}} artifacts like saved Discover sessions and visualizations. - -:::: - - - -## {{observability}} [esql-observability] - -{{esql}} makes it much easier to analyze metrics, logs and traces from a single query. Find performance issues fast by defining fields on the fly, enriching data with lookups, and using simultaneous query processing. Combining {{esql}} with {{ml}} and AiOps can improve detection accuracy and use aggregated value thresholds. - - -## Security [esql-security] - -Use {{esql}} to retrieve important information for investigation by using lookups. Enrich data and create new fields on the go to gain valuable insight for faster decision-making and actions. For example, perform a lookup on an IP address to identify its geographical location, its association with known malicious entities, or whether it belongs to a known cloud service provider all from one search bar. {{esql}} ensures more accurate alerts by incorporating aggregated values in detection rules. - - -## What’s next? [esql-whats-next] - -The main documentation for {{esql}} lives in the [{{es}} docs](../../../explore-analyze/query-filter/languages/esql.md). - -We also have a short tutorial in the **Discover** docs: [Using {{esql}}](../../../explore-analyze/discover/try-esql.md). diff --git a/raw-migrated-files/kibana/kibana/search-ai-assistant.md b/raw-migrated-files/kibana/kibana/search-ai-assistant.md deleted file mode 100644 index 78bee857f5..0000000000 --- a/raw-migrated-files/kibana/kibana/search-ai-assistant.md +++ /dev/null @@ -1,141 +0,0 @@ -# AI Assistant [search-ai-assistant] - -::::{tip} -Don’t confuse AI Assistant with [Playground](../../../solutions/search/rag/playground.md)! Use Playground to chat with your data, test and tweak different {{es}} queries in the Playground UI, and download the code to integrate into your own RAG application. - -Use AI Assistant to get help with Elasticsearch and Kibana tasks directly in the UI. - -:::: - - -::::{admonition} Observability use cases -Refer to the [Observability documentation](../../../solutions/observability/observability-ai-assistant.md) for more information on how to use AI Assistant in Observability contexts. - -:::: - - -**AI Assistant for Observability and Search** uses generative AI to help you with a variety of tasks related to Elasticsearch and Kibana, including: - -1. **Constructing Queries**: Assists you in building queries to search and analyze your data. -2. **Indexing Data**: Guides you on how to index data into Elasticsearch. -3. **Searching Data**: Helps you search for specific data within your Elasticsearch indices. -4. **Using Elasticsearch APIs**: Calls Elasticsearch APIs on your behalf if you need specific operations performed. -5. **Generating Sample Data**: Helps you create sample data for testing and development purposes. -6. **Visualizing and Analyzing Data**: Assists you in creating visualizations and analyzing your data using Kibana. -7. **Explaining ES|QL**: Explains how ES|QL works and help you convert queries from other languages to [ES|QL.](../../../explore-analyze/query-filter/languages/esql.md) - - -## Requirements [ai-assistant-requirements] - -To use AI Assistant in **Search** contexts, you must have the following: - -* Elastic Stack version 8.16.0, or an Elasticsearch Serverless project. -* A [generative AI connector](../../../deploy-manage/manage-connectors.md) to connect to a LLM provider, or a local model. - - * You need an account with a third-party generative AI provider, which AI Assistant uses to generate responses, or else you need to host your own local model. - * To set up AI Assistant, you need the `Actions and Connectors : All` [privilege](../../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md). - -* To use AI Assistant, you need at least the `Elastic AI Assistant : All` and `Actions and Connectors : Read` [privilege](../../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md). -* AI Assistant requires [ELSER](../../../explore-analyze/machine-learning/nlp/ml-nlp-elser.md), Elastic’s proprietary semantic search model. - - -## Your data and AI Assistant [ai-assistant-data-information] - -Elastic does not use customer data for model training. This includes anything you send the model, such as alert or event data, detection rule configurations, queries, and prompts. However, any data you provide to AI Assistant will be processed by the third-party provider you chose when setting up the generative AI connector as part of the assistant setup. - -Elastic does not control third-party tools, and assumes no responsibility or liability for their content, operation, or use, nor for any loss or damage that may arise from your using such tools. Please exercise caution when using AI tools with personal, sensitive, or confidential information. Any data you submit may be used by the provider for AI training or other purposes. There is no guarantee that the provider will keep any information you provide secure or confidential. You should familiarize yourself with the privacy practices and terms of use of any generative AI tools prior to use. - - -## Using AI Assistant [ai-assistant-using] - -To open AI Assistant, select the **AI Assistant** button in the top toolbar in the UI. You can also use the global search field in the UI to find AI Assistant. - -:::{image} ../../../images/kibana-ai-assistant-button.png -:alt: AI Assistant button -:screenshot: -::: - -This opens the AI Assistant chat interface flyout. - -:::{image} ../../../images/kibana-ai-assistant-welcome-chat.png -:alt: AI Assistant Welcome chat -:screenshot: -::: - -You can get started by selecting **✨ Suggest** to get some example prompts, or by typing into the chat field. - - -## Add data to the AI Assistant knowledge base [ai-assistant-add-custom-data] - -::::{note} -This functionality is not available on Elastic Cloud Serverless projects. - -:::: - - -You can improve the relevance of AI Assistant’s responses by indexing your own data into AI Assistant’s knowledge base. AI Assistant uses [ELSER](../../../explore-analyze/machine-learning/nlp/ml-nlp-elser.md), Elastic’s proprietary semantic search model, to power its search capabilities. - - -### Use the UI [search-ai-assistant-use-the-ui] - -To add external data to the knowledge base in UI: - -1. In the AI Assistant UI, select the **Settings** icon: `⋮`. -2. Under **Actions**, click **Manage knowledge base**. -3. Click the **New entry** button, and choose either: - - * **Single entry**: Write content for a single entry in the UI. - * **Bulk import**: Upload a newline delimited JSON (`ndjson`) file containing a list of entries to add to the knowledge base. Each object should conform to the following format: - - ```json - { - "id": "a_unique_human_readable_id", - "text": "Contents of item", - } - ``` - - - -### Use Search connectors [observability-ai-assistant-add-data-to-kb] - -::::{note} -This functionality is not available on Elastic Cloud Serverless projects. - -:::: - - -You can ingest external data (GitHub issues, Markdown files, Jira tickets, text files, etc.) into {{es}} using [Search Connectors](elasticsearch://reference/ingestion-tools/search-connectors/index.md). Connectors sync third party data sources to {{es}}. - -Supported service types include [GitHub](elasticsearch://reference/ingestion-tools/search-connectors/es-connectors-github.md), [Slack](elasticsearch://reference/ingestion-tools/search-connectors/es-connectors-slack.md), [Jira](elasticsearch://reference/ingestion-tools/search-connectors/es-connectors-jira.md), and more. These can be Elastic managed or self-managed on your own infrastructure. - -To create a connector and make its content available to the AI Assistant knowledge base, follow these steps: - -1. **In {{kib}} UI, go to *Search → Content → Connectors* and follow the instructions to create a new connector.** - - For example, if you create a [GitHub connector](elasticsearch://reference/ingestion-tools/search-connectors/es-connectors-github.md) you must set a `name`, attach it to a new or existing `index`, add your `personal access token` and include the `list of repositories` to synchronize. - - ::::{tip} - Learn more about configuring and [using connectors](elasticsearch://reference/ingestion-tools/search-connectors/connectors-ui-in-kibana.md) in the Elasticsearch documentation. - :::: - -2. **Create a pipeline and process the data with ELSER.** - - To process connector data using [ELSER](../../../explore-analyze/machine-learning/nlp/ml-nlp-elser.md), you must create an **ML Inference Pipeline**: - - 1. Open the previously created connector and select the **Pipelines** tab. - 2. Select **Copy and customize** button at the `Unlock your custom pipelines` box. - 3. Select **Add Inference Pipeline** button at the `Machine Learning Inference Pipelines` box. - 4. Select **ELSER (Elastic Learned Sparse EncodeR)** ML model to add the necessary embeddings to the data. - 5. Select the fields that need to be evaluated as part of the inference pipeline. - 6. Test and save the inference pipeline and the overall pipeline. - -3. **Sync data.** - - Once the pipeline is set up, perform a **Full Content Sync** of the connector. The inference pipeline will process the data as follows: - - * As data comes in, the ELSER model processes the data, creating sparse embeddings for each document. - * If you inspect the ingested documents, you can see how the weights and tokens are added to the `predicted_value` field. - -4. **Confirm AI Assistant can access the index.** - - Ask the AI Assistant a specific question to confirm that the data is available for the AI Assistant knowledge base. diff --git a/raw-migrated-files/kibana/kibana/set-time-filter.md b/raw-migrated-files/kibana/kibana/set-time-filter.md deleted file mode 100644 index eef82661f1..0000000000 --- a/raw-migrated-files/kibana/kibana/set-time-filter.md +++ /dev/null @@ -1,25 +0,0 @@ -# Set the time range [set-time-filter] - -Display data within a specified time range when your index contains time-based events, and a time-field is configured for the selected [{{data-source}}](../../../explore-analyze/find-and-organize/data-views.md). The default time range is 15 minutes, but you can customize it in [Advanced Settings](kibana://reference/advanced-settings.md). - -1. Click ![calendar icon](../../../images/kibana-time-filter-icon.png ""). -2. Choose one of the following: - - * **Quick select**. Set a time based on the last or next number of seconds, minutes, hours, or other time unit. - * **Commonly used**. Select a time range from options such as **Last 15 minutes**, **Today**, and **Week to date**. - * **Recently used date ranges**. Use a previously selected data range. - * **Refresh every**. Specify an automatic refresh rate. - - :::{image} ../../../images/kibana-time-filter.png - :alt: Time filter menu - :screenshot: - ::: - -3. To set start and end times, click the bar next to the time filter. In the popup, select **Absolute**, **Relative** or **Now**, then specify the required options. - - :::{image} ../../../images/kibana-time-relative.png - :alt: Time filter showing relative time - :screenshot: - ::: - - diff --git a/raw-migrated-files/toc.yml b/raw-migrated-files/toc.yml index 82bac17508..d4d9103ff2 100644 --- a/raw-migrated-files/toc.yml +++ b/raw-migrated-files/toc.yml @@ -24,7 +24,6 @@ toc: - file: cloud/cloud-enterprise/ece-add-custom-bundle-plugin.md - file: cloud/cloud-enterprise/ece-add-user-settings.md - file: cloud/cloud-enterprise/ece-administering-deployments.md - - file: cloud/cloud-enterprise/ece-api-console.md - file: cloud/cloud-enterprise/ece-change-deployment.md - file: cloud/cloud-enterprise/ece-create-deployment.md - file: cloud/cloud-enterprise/ece-delete-deployment.md @@ -115,7 +114,6 @@ toc: children: - file: docs-content/serverless/intro.md - file: docs-content/serverless/elasticsearch-differences.md - - file: docs-content/serverless/elasticsearch-explore-your-data.md - file: docs-content/serverless/elasticsearch-http-apis.md - file: docs-content/serverless/general-billing-stop-project.md - file: docs-content/serverless/general-sign-up-trial.md @@ -131,7 +129,6 @@ toc: - file: docs-content/serverless/security-automatic-import.md - file: docs-content/serverless/security-detection-engine-overview.md - file: docs-content/serverless/security-vuln-management-faq.md - - file: docs-content/serverless/spaces.md - file: docs-content/serverless/what-is-observability-serverless.md - file: elasticsearch-hadoop/elasticsearch-hadoop/index.md children: @@ -163,7 +160,6 @@ toc: - file: elasticsearch/elasticsearch-reference/monitoring-production.md - file: elasticsearch/elasticsearch-reference/recovery-prioritization.md - file: elasticsearch/elasticsearch-reference/scalability.md - - file: elasticsearch/elasticsearch-reference/search-analyze.md - file: elasticsearch/elasticsearch-reference/search-with-synonyms.md - file: elasticsearch/elasticsearch-reference/secure-cluster.md - file: elasticsearch/elasticsearch-reference/secure-monitoring.md @@ -183,16 +179,12 @@ toc: - file: kibana/kibana/index.md children: - file: kibana/kibana/apm-settings-kb.md - - file: kibana/kibana/console-kibana.md - file: kibana/kibana/elasticsearch-mutual-tls.md - - file: kibana/kibana/esql.md - file: kibana/kibana/install.md - file: kibana/kibana/logging-settings.md - file: kibana/kibana/reporting-production-considerations.md - - file: kibana/kibana/search-ai-assistant.md - file: kibana/kibana/secure-reporting.md - file: kibana/kibana/Security-production-considerations.md - - file: kibana/kibana/set-time-filter.md - file: kibana/kibana/setup.md - file: kibana/kibana/upgrade-migrations-rolling-back.md - file: kibana/kibana/upgrade.md