Skip to content

[DOCS] Add basic EQL search tutorial docs#51574

Merged
jrodewig merged 6 commits intoelastic:masterfrom
jrodewig:docs__search-eql-tutorial
Feb 12, 2020
Merged

[DOCS] Add basic EQL search tutorial docs#51574
jrodewig merged 6 commits intoelastic:masterfrom
jrodewig:docs__search-eql-tutorial

Conversation

@jrodewig
Copy link
Copy Markdown
Contributor

@jrodewig jrodewig commented Jan 28, 2020

Adds a basic tutorial and example for performing an EQL search.

I plan to add additional sections (specifying timestamp/event type, joins, pagination) with
future PRs. See #51057.

Also adds missing experimental::[] macro to the EQL requirements page.

@jrodewig jrodewig added >docs General docs changes :Analytics/EQL EQL querying labels Jan 28, 2020
@elasticmachine
Copy link
Copy Markdown
Collaborator

elasticmachine commented Jan 28, 2020

Pinging @elastic/es-search (:Search/EQL)

@elasticmachine
Copy link
Copy Markdown
Collaborator

elasticmachine commented Jan 28, 2020

Pinging @elastic/es-docs (>docs)

@jrodewig jrodewig mentioned this pull request Jan 28, 2020
Closed
35 tasks
@jrodewig jrodewig marked this pull request as ready for review January 29, 2020 15:29
@jrodewig
[DOCS] Add basic EQL search tutorial docs
72a6f76 
I plan to add additional sections to this page with future PRs:

* Specify timestamp and event type fields
* Specify a join key field
* Filter using query DSL
* Paginate a large response

See #51057.
@jrodewig
Merge remote-tracking branch 'upstream/master' into docs__search-eql-…
8006c05 
…tutorial
@jrodewig
Update anchors
bcf1665
aleksmaus
aleksmaus approved these changes Feb 7, 2020
View reviewed changes
Copy link
Copy Markdown
Contributor

@aleksmaus aleksmaus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@jrodewig jrodewig merged commit be8ae97 into elastic:master Feb 12, 2020
@jrodewig jrodewig deleted the docs__search-eql-tutorial branch February 12, 2020 13:40
jrodewig added a commit that referenced this pull request Feb 12, 2020
@jrodewig
[DOCS] Add basic EQL search tutorial docs (#51574)
20453d3 
I plan to add additional sections to this page with future PRs:

* Specify timestamp and event type fields
* Specify a join key field
* Filter using query DSL
* Paginate a large response

See #51057.
@jrodewig
Copy link
Copy Markdown
Contributor Author

jrodewig commented Feb 12, 2020

Backport commits

master be8ae97
7.x 20453d3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@aleksmaus aleksmaus aleksmaus approved these changes

@rw-access rw-access rw-access approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

:Analytics/EQL EQL querying >docs General docs changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jrodewig @elasticmachine @aleksmaus @rw-access