java.lang.Object

co.elastic.clients.elasticsearch._types.RequestBase

co.elastic.clients.elasticsearch.eql.EqlSearchRequest

All Implemented Interfaces:: ElasticsearchCommonRequest, JsonpSerializable

@JsonpDeserializable
public final class EqlSearchRequest
extends RequestBase
implements JsonpSerializable

Nested Class Summary

Nested Classes

Modifier and Type Class Description

static class EqlSearchRequest.Builder
Builder for EqlSearchRequest.

Nested classes/interfaces inherited from class co.elastic.clients.elasticsearch._types.RequestBase
RequestBase.AbstractBuilder<BuilderT extends RequestBase.AbstractBuilder<BuilderT>>
Field Summary

Fields

Modifier and Type Field Description

static JsonpDeserializer<EqlSearchRequest> _DESERIALIZER
Json deserializer for EqlSearchRequest

Constructor Summary

Constructors
Constructor	Description
`EqlSearchRequest(EqlSearchRequest.Builder builder)`
`EqlSearchRequest(java.util.function.Function<EqlSearchRequest.Builder,EqlSearchRequest.Builder> fn)`

Method Summary

Modifier and Type	Method	Description
`java.lang.Boolean`	`allowNoIndices()`	API name: `allow_no_indices`
`java.lang.Boolean`	`caseSensitive()`	API name: `case_sensitive`
`static <TEvent> Endpoint<EqlSearchRequest,EqlSearchResponse<TEvent>,ElasticsearchError>`	`createSearchEndpoint(JsonpDeserializer<TEvent> tEventDeserializer)`	Create an "`eql.search`" endpoint.
`java.lang.String`	`eventCategoryField()`	Field containing the event classification, such as process, file, or network.
`java.util.List<ExpandWildcardOptions>`	`expandWildcards()`	API name: `expand_wildcards`
`java.lang.Number`	`fetchSize()`	Maximum number of events to search at a time for sequence queries.
`java.util.List<jakarta.json.JsonValue>`	`fields()`	Array of wildcard (*) patterns.
`java.util.List<Query>`	`filter()`	Query, written in Query DSL, used to filter the events on which the EQL query runs.
`java.lang.Boolean`	`ignoreUnavailable()`	If true, missing or closed indices are not included in the response.
`java.lang.String`	`index()`	Required - The name of the index to scope the operation
`java.lang.String`	`keepAlive()`	API name: `keep_alive`
`java.lang.Boolean`	`keepOnCompletion()`	API name: `keep_on_completion`
`java.lang.String`	`query()`	Required - EQL query you wish to run.
`ResultPosition`	`resultPosition()`	API name: `result_position`
`void`	`serialize(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)`	Serialize this object to JSON.
`protected void`	`serializeInternal(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)`
`protected static void`	`setupEqlSearchRequestDeserializer(DelegatingDeserializer<EqlSearchRequest.Builder> op)`
`jakarta.json.JsonValue`	`size()`	For basic queries, the maximum number of matching events to return.
`java.lang.String`	`tiebreakerField()`	Field used to sort hits with the same timestamp in ascending order
`java.lang.String`	`timestampField()`	Field containing event timestamp.
`java.lang.String`	`waitForCompletionTimeout()`	API name: `wait_for_completion_timeout`

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- _DESERIALIZER
  
  public static final JsonpDeserializer<EqlSearchRequest> _DESERIALIZER
  
  Json deserializer for EqlSearchRequest
Constructor Details
- EqlSearchRequest
  
  public EqlSearchRequest(EqlSearchRequest.Builder builder)
- EqlSearchRequest
  
  public EqlSearchRequest(java.util.function.Function<EqlSearchRequest.Builder,EqlSearchRequest.Builder> fn)
Method Details
- index
  
  public java.lang.String index()
  
  Required - The name of the index to scope the operation
  API name: index
- allowNoIndices
  
  @Nullable public java.lang.Boolean allowNoIndices()
  
  API name: allow_no_indices
- expandWildcards
  
  @Nullable public java.util.List<ExpandWildcardOptions> expandWildcards()
  
  API name: expand_wildcards
- ignoreUnavailable
  
  @Nullable public java.lang.Boolean ignoreUnavailable()
  
  If true, missing or closed indices are not included in the response.
  API name: ignore_unavailable
- query
  
  public java.lang.String query()
  
  Required - EQL query you wish to run.
  API name: query
- caseSensitive
  
  @Nullable public java.lang.Boolean caseSensitive()
  
  API name: case_sensitive
- eventCategoryField
  
  @Nullable public java.lang.String eventCategoryField()
  
  Field containing the event classification, such as process, file, or network.
  API name: event_category_field
- tiebreakerField
  
  @Nullable public java.lang.String tiebreakerField()
  
  Field used to sort hits with the same timestamp in ascending order
  API name: tiebreaker_field
- timestampField
  
  @Nullable public java.lang.String timestampField()
  
  Field containing event timestamp. Default "@timestamp"
  API name: timestamp_field
- fetchSize
  
  @Nullable public java.lang.Number fetchSize()
  
  Maximum number of events to search at a time for sequence queries.
  API name: fetch_size
- filter
  
  @Nullable public java.util.List<Query> filter()
  
  Query, written in Query DSL, used to filter the events on which the EQL query runs.
  API name: filter
- keepAlive
  
  @Nullable public java.lang.String keepAlive()
  
  API name: keep_alive
- keepOnCompletion
  
  @Nullable public java.lang.Boolean keepOnCompletion()
  
  API name: keep_on_completion
- waitForCompletionTimeout
  
  @Nullable public java.lang.String waitForCompletionTimeout()
  
  API name: wait_for_completion_timeout
- size
  
  @Nullable public jakarta.json.JsonValue size()
  
  For basic queries, the maximum number of matching events to return. Defaults to 10
  API name: size
- fields
  
  @Nullable public java.util.List<jakarta.json.JsonValue> fields()
  
  Array of wildcard (*) patterns. The response returns values for field names matching these patterns in the fields property of each hit.
  API name: fields
- resultPosition
  
  @Nullable public ResultPosition resultPosition()
  
  API name: result_position
- serialize
  
  public void serialize(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)
  
  Serialize this object to JSON.
  
  Specified by:
  
  serialize in interface JsonpSerializable
- serializeInternal
  
  protected void serializeInternal(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)
- setupEqlSearchRequestDeserializer
  
  protected static void setupEqlSearchRequestDeserializer(DelegatingDeserializer<EqlSearchRequest.Builder> op)
- createSearchEndpoint
  
  public static <TEvent> Endpoint<EqlSearchRequest,EqlSearchResponse<TEvent>,ElasticsearchError> createSearchEndpoint(JsonpDeserializer<TEvent> tEventDeserializer)
  
  Create an "eql.search" endpoint.

Class EqlSearchRequest

Nested Class Summary

Nested classes/interfaces inherited from class co.elastic.clients.elasticsearch._types.RequestBase

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Details

_DESERIALIZER

Constructor Details

EqlSearchRequest

EqlSearchRequest

Method Details

index

allowNoIndices

expandWildcards

ignoreUnavailable

query

caseSensitive

eventCategoryField

tiebreakerField

timestampField

fetchSize

filter

keepAlive

keepOnCompletion

waitForCompletionTimeout

size

fields

resultPosition

serialize

serializeInternal

setupEqlSearchRequestDeserializer

createSearchEndpoint