Skip to content

Commit bd159d8

Browse files
jrodewigjrodewig
authored
[DOCS] EQL: Flatten EQL syntax headings (#65693) (#65696)
1 parent eca0401 commit bd159d8

File tree

1 file changed

+9
-9
lines changed

1 file changed

+9
-9
lines changed

docs/reference/eql/syntax.asciidoc

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ field using the `event_category_field` parameter of the EQL search API.
3838

3939
[discrete]
4040
[[eql-syntax-match-any-event-category]]
41-
==== Match any event category
41+
=== Match any event category
4242

4343
To match events of any category, use the `any` keyword. You can also use the
4444
`any` keyword to search for documents without a event category field.
@@ -53,7 +53,7 @@ any where network.protocol == "http"
5353

5454
[discrete]
5555
[[eql-syntax-escape-an-event-category]]
56-
==== Escape an event category
56+
=== Escape an event category
5757

5858
Use enclosing double quotes (`"`) or three enclosing double quotes (`"""`) to
5959
escape event categories that:
@@ -77,7 +77,7 @@ escape event categories that:
7777

7878
[discrete]
7979
[[eql-syntax-escape-a-field-name]]
80-
==== Escape a field name
80+
=== Escape a field name
8181

8282
Use enclosing enclosing backticks (+++`+++) to escape field names that:
8383

@@ -110,7 +110,7 @@ EQL operators are case-sensitive by default.
110110

111111
[discrete]
112112
[[eql-syntax-comparison-operators]]
113-
==== Comparison operators
113+
=== Comparison operators
114114

115115
[source,eql]
116116
----
@@ -194,7 +194,7 @@ process where process.parent.name == "foo" and process.name == "foo"
194194

195195
[discrete]
196196
[[eql-syntax-logical-operators]]
197-
==== Logical operators
197+
=== Logical operators
198198

199199
[source,eql]
200200
----
@@ -214,7 +214,7 @@ Returns `true` if the condition to the right is `false`.
214214

215215
[discrete]
216216
[[eql-syntax-lookup-operators]]
217-
==== Lookup operators
217+
=== Lookup operators
218218

219219
[source,eql]
220220
----
@@ -232,7 +232,7 @@ matching is case-sensitive.
232232

233233
[discrete]
234234
[[eql-syntax-math-operators]]
235-
==== Math operators
235+
=== Math operators
236236

237237
[source,eql]
238238
----
@@ -326,7 +326,7 @@ Strings enclosed in single quotes (`'`) are not supported.
326326

327327
[discrete]
328328
[[eql-syntax-escape-characters]]
329-
==== Escape characters in a string
329+
=== Escape characters in a string
330330

331331
When used within a string, special characters, such as a carriage return or
332332
double quote (`"`), must be escaped with a preceding backslash (`\`).
@@ -352,7 +352,7 @@ double quote (`\"`) instead.
352352

353353
[discrete]
354354
[[eql-syntax-raw-strings]]
355-
==== Raw strings
355+
=== Raw strings
356356

357357
Raw strings treat special characters, such as backslashes (`\`), as literal
358358
characters. Raw strings are enclosed in three double quotes (`"""`).

0 commit comments

Comments
 (0)