Class EqlSearchRequest.Builder
java.lang.Object
co.elastic.clients.elasticsearch.eql.EqlSearchRequest.Builder
All Implemented Interfaces: ObjectBuilder<EqlSearchRequest>
Enclosing class: EqlSearchRequest
public static class EqlSearchRequest.Builder extends java.lang.Object implements ObjectBuilder<EqlSearchRequest>
Builder for EqlSearchRequest.

Constructor Summary
| Constructor | Description |
| --- | --- |
| Builder() | |

Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| EqlSearchRequest.Builder | addExpandWildcards(ExpandWildcardOptions value) | Add a value to expandWildcards(List), creating the list if needed. |
| EqlSearchRequest.Builder | addFields(jakarta.json.JsonValue value) | Add a value to fields(List), creating the list if needed. |
| EqlSearchRequest.Builder | addFilter(Query value) | Add a value to filter(List), creating the list if needed. |
| EqlSearchRequest.Builder | addFilter(java.util.function.Function<Query.Builder,ObjectBuilder<Query>> fn) | Add a value to filter(List), creating the list if needed. |
| EqlSearchRequest.Builder | allowNoIndices(java.lang.Boolean value) | API name: allow_no_indices |
| EqlSearchRequest | build() | Builds an EqlSearchRequest. |
| EqlSearchRequest.Builder | caseSensitive(java.lang.Boolean value) | API name: case_sensitive |
| EqlSearchRequest.Builder | eventCategoryField(java.lang.String value) | Field containing the event classification, such as process, file, or network. |
| EqlSearchRequest.Builder | expandWildcards(ExpandWildcardOptions... value) | API name: expand_wildcards |
| EqlSearchRequest.Builder | expandWildcards(java.util.List<ExpandWildcardOptions> value) | API name: expand_wildcards |
| EqlSearchRequest.Builder | fetchSize(java.lang.Number value) | Maximum number of events to search at a time for sequence queries. |
| EqlSearchRequest.Builder | fields(jakarta.json.JsonValue... value) | Array of wildcard (*) patterns. |
| EqlSearchRequest.Builder | fields(java.util.List<jakarta.json.JsonValue> value) | Array of wildcard (*) patterns. |
| EqlSearchRequest.Builder | filter(Query... value) | Query, written in Query DSL, used to filter the events on which the EQL query runs. |
| EqlSearchRequest.Builder | filter(java.util.function.Function<Query.Builder,ObjectBuilder<Query>> fn) | Set filter(List) to a singleton list. |
| EqlSearchRequest.Builder | filter(java.util.List<Query> value) | Query, written in Query DSL, used to filter the events on which the EQL query runs. |
| EqlSearchRequest.Builder | ignoreUnavailable(java.lang.Boolean value) | If true, missing or closed indices are not included in the response. |
| EqlSearchRequest.Builder | index(java.lang.String value) | Required - The name of the index to scope the operation |
| EqlSearchRequest.Builder | keepAlive(java.lang.String value) | API name: keep_alive |
| EqlSearchRequest.Builder | keepOnCompletion(java.lang.Boolean value) | API name: keep_on_completion |
| EqlSearchRequest.Builder | query(java.lang.String value) | Required - EQL query you wish to run. |
| EqlSearchRequest.Builder | resultPosition(ResultPosition value) | API name: result_position |
| EqlSearchRequest.Builder | size(jakarta.json.JsonValue value) | For basic queries, the maximum number of matching events to return. |
| EqlSearchRequest.Builder | tiebreakerField(java.lang.String value) | Field used to sort hits with the same timestamp in ascending order |
| EqlSearchRequest.Builder | timestampField(java.lang.String value) | Field containing event timestamp. |
| EqlSearchRequest.Builder | waitForCompletionTimeout(java.lang.String value) | API name: wait_for_completion_timeout |

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Builder
public Builder()

Method Details

index
Required - The name of the index to scope the operation
API name: index

allowNoIndices
API name: allow_no_indices

expandWildcards
public EqlSearchRequest.Builder expandWildcards(@Nullable java.util.List<ExpandWildcardOptions> value)
API name: expand_wildcards

expandWildcards
API name: expand_wildcards

addExpandWildcards
Add a value to expandWildcards(List), creating the list if needed.

query
Required - EQL query you wish to run.
API name: query

caseSensitive
API name: case_sensitive

eventCategoryField
Field containing the event classification, such as process, file, or network.
API name: event_category_field

tiebreakerField
Field used to sort hits with the same timestamp in ascending order
API name: tiebreaker_field

timestampField
Field containing event timestamp. Default "@timestamp"
API name: timestamp_field

fetchSize
Maximum number of events to search at a time for sequence queries.
API name: fetch_size

filter
Query, written in Query DSL, used to filter the events on which the EQL query runs.
API name: filter

filter
Query, written in Query DSL, used to filter the events on which the EQL query runs.
API name: filter

addFilter
Add a value to filter(List), creating the list if needed.

filter
public EqlSearchRequest.Builder filter(java.util.function.Function<Query.Builder,ObjectBuilder<Query>> fn)
Set filter(List) to a singleton list.

addFilter
public EqlSearchRequest.Builder addFilter(java.util.function.Function<Query.Builder,ObjectBuilder<Query>> fn)
Add a value to filter(List), creating the list if needed.

keepAlive
API name: keep_alive

keepOnCompletion
API name: keep_on_completion

waitForCompletionTimeout
API name: wait_for_completion_timeout

size
For basic queries, the maximum number of matching events to return. Defaults to 10
API name: size

fields
Array of wildcard (*) patterns. The response returns values for field names matching these patterns in the fields property of each hit.
API name: fields

fields
Array of wildcard (*) patterns. The response returns values for field names matching these patterns in the fields property of each hit.
API name: fields

addFields
Add a value to fields(List), creating the list if needed.

resultPosition
API name: result_position

build
Builds an EqlSearchRequest.
Specified by: build in interface ObjectBuilder<EqlSearchRequest>
Throws: java.lang.NullPointerException - if some of the required fields are null.
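
The following is an added usage example, not code from the client's own documentation: it builds a bounded EQL request for an event-log index with the setters listed above, then shows build() rejecting a builder that lacks the required query. The index name, EQL string and field names are constructed sample values; it assumes Query.Builder exposes an exists query with field(String) and that a jakarta.json provider is on the classpath for Json.createValue.

```java
import co.elastic.clients.elasticsearch.eql.EqlSearchRequest;
import jakarta.json.Json;

public class EqlSearchRequestBuilderExample {

    // Builds a request with explicit limits so a broad query cannot return
    // an unbounded result set or wait indefinitely.
    static EqlSearchRequest buildBoundedRequest(String index, String eql) {
        return new EqlSearchRequest.Builder()
            .index(index)                            // required
            .query(eql)                              // required
            .timestampField("@timestamp")            // the documented default, set explicitly
            .eventCategoryField("event.category")    // constructed field name
            .tiebreakerField("event.sequence")       // constructed field name
            // Function overload of filter(): sets the filter list to one Query DSL clause.
            // Assumption: Query.Builder offers exists(...) with field(String).
            .filter(f -> f.exists(e -> e.field("process.name")))
            .size(Json.createValue(50))              // size takes a JsonValue in this version
            .fetchSize(1000)                         // java.lang.Number
            .waitForCompletionTimeout("2s")
            .keepOnCompletion(false)
            .build();
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        String index = "logs-endpoint-sample";
        String eql = "process where process.name == \"regsvr32.exe\"";

        EqlSearchRequest request = buildBoundedRequest(index, eql);
        System.out.println("built request: " + (request != null));

        // build() throws NullPointerException when a required field is missing.
        try {
            new EqlSearchRequest.Builder().index(index).build();
            System.out.println("unexpected: request built without a query");
        } catch (NullPointerException e) {
            System.out.println("rejected: query is required");
        }
    }
}
```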