X-Pack APIs¶
X-Pack is an Elastic Stack extension that bundles security, alerting, monitoring, reporting, and graph capabilities into one easy-to-install package. While the X-Pack components are designed to work together seamlessly, you can easily enable or disable the features you want to use.
Info¶
X-Pack info provides general info about the installed X-Pack.
-
class
elasticsearch.client.xpack.
XPackClient
(client)¶ -
info
(params=None, headers=None)¶ Retrieves information about the installed X-Pack features. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/info-api.html
Parameters: - accept_enterprise – If an enterprise license is installed, return the type and mode as ‘enterprise’ (default: false)
- categories – Comma-separated list of info categories. Can be any of: build, license, features
-
usage
(params=None, headers=None)¶ Retrieves usage information about the installed X-Pack features. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/usage-api.html
Parameters: master_timeout – Specify timeout for watch write operation
-
Async Search APIs¶
Async Search API lets you asynchronously execute a search request, monitor its progress, and retrieve partial results as they become available.
-
class
elasticsearch.client.async_search.
AsyncSearchClient
(client)¶ -
delete
(id, params=None, headers=None)¶ Deletes an async search by ID. If the search is still running, the search request will be cancelled. Otherwise, the saved search results are deleted. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/async-search.html
Parameters: id – The async search ID
-
get
(id, params=None, headers=None)¶ Retrieves the results of a previously submitted async search request given its ID. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/async-search.html
Parameters: - id – The async search ID
- keep_alive – Specify the time interval in which the results (partial or final) for this search will be available
- typed_keys – Specify whether aggregation and suggester names should be prefixed by their respective types in the response
- wait_for_completion_timeout – Specify the time that the request should block waiting for the final response
-
submit
(body=None, index=None, params=None, headers=None)¶ Executes a search request asynchronously. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/async-search.html
Parameters: - body – The search definition using the Query DSL
- index – A comma-separated list of index names to search; use _all or empty string to perform the operation on all indices
- _source – True or false to return the _source field or not, or a list of fields to return
- _source_excludes – A list of fields to exclude from the returned _source field
- _source_includes – A list of fields to extract and return from the _source field
- allow_no_indices – Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
- allow_partial_search_results – Indicate if an error should be returned if there is a partial search failure or timeout Default: True
- analyze_wildcard – Specify whether wildcard and prefix queries should be analyzed (default: false)
- analyzer – The analyzer to use for the query string
- batched_reduce_size – The number of shard results that should be reduced at once on the coordinating node. This value should be used as the granularity at which progress results will be made available. Default: 5
- default_operator – The default operator for query string query (AND or OR) Valid choices: AND, OR Default: OR
- df – The field to use as default where no field prefix is given in the query string
- docvalue_fields – A comma-separated list of fields to return as the docvalue representation of a field for each hit
- expand_wildcards – Whether to expand wildcard expression to concrete indices that are open, closed or both. Valid choices: open, closed, hidden, none, all Default: open
- explain – Specify whether to return detailed information about score computation as part of a hit
- from – Starting offset (default: 0)
- ignore_throttled – Whether specified concrete, expanded or aliased indices should be ignored when throttled
- ignore_unavailable – Whether specified concrete indices should be ignored when unavailable (missing or closed)
- keep_alive – Update the time interval in which the results (partial or final) for this search will be available Default: 5d
- keep_on_completion – Control whether the response should be stored in the cluster if it completed within the provided [wait_for_completion] time (default: false)
- lenient – Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
- max_concurrent_shard_requests – The number of concurrent shard requests per node this search executes concurrently. This value should be used to limit the impact of the search on the cluster in order to limit the number of concurrent shard requests Default: 5
- preference – Specify the node or shard the operation should be performed on (default: random)
- q – Query in the Lucene query string syntax
- request_cache – Specify if request cache should be used for this request or not, defaults to true
- routing – A comma-separated list of specific routing values
- search_type – Search operation type Valid choices: query_then_fetch, dfs_query_then_fetch
- seq_no_primary_term – Specify whether to return sequence number and primary term of the last modification of each hit
- size – Number of hits to return (default: 10)
- sort – A comma-separated list of <field>:<direction> pairs
- stats – Specific ‘tag’ of the request for logging and statistical purposes
- stored_fields – A comma-separated list of stored fields to return as part of a hit
- suggest_field – Specify which field to use for suggestions
- suggest_mode – Specify suggest mode Valid choices: missing, popular, always Default: missing
- suggest_size – How many suggestions to return in response
- suggest_text – The source text for which the suggestions should be returned
- terminate_after – The maximum number of documents to collect for each shard, upon reaching which the query execution will terminate early.
- timeout – Explicit operation timeout
- track_scores – Whether to calculate and return scores even if they are not used for sorting
- track_total_hits – Indicate if the number of documents that match the query should be tracked
- typed_keys – Specify whether aggregation and suggester names should be prefixed by their respective types in the response
- version – Specify whether to return document version as part of a hit
- wait_for_completion_timeout – Specify the time that the request should block waiting for the final response Default: 1s
-
Autoscaling APIs¶
Autoscaling API gets the current autoscaling decision based on the configured autoscaling policy.
-
class
elasticsearch.client.autoscaling.
AutoscalingClient
(client)¶ -
delete_autoscaling_policy
(name, params=None, headers=None)¶ Deletes an autoscaling policy. https://www.elastic.co/guide/en/elasticsearch/reference/current/autoscaling-delete-autoscaling-policy.html
Parameters: name – the name of the autoscaling policy
-
get_autoscaling_decision
(params=None, headers=None)¶ Gets the current autoscaling decision based on the configured autoscaling policy, indicating whether or not autoscaling is needed. https://www.elastic.co/guide/en/elasticsearch/reference/current/autoscaling-get-autoscaling-decision.html
-
get_autoscaling_policy
(name, params=None, headers=None)¶ Retrieves an autoscaling policy. https://www.elastic.co/guide/en/elasticsearch/reference/current/autoscaling-get-autoscaling-policy.html
Parameters: name – the name of the autoscaling policy
-
put_autoscaling_policy
(name, body, params=None, headers=None)¶ Creates a new autoscaling policy. https://www.elastic.co/guide/en/elasticsearch/reference/current/autoscaling-put-autoscaling-policy.html
Parameters: - name – the name of the autoscaling policy
- body – the specification of the autoscaling policy
-
EQL APIs¶
EQL API allows querying with Event Query Language (EQL) to search logs and events and match them with shared properties.
-
class
elasticsearch.client.eql.
EqlClient
(client)¶ -
delete
(id, params=None, headers=None)¶ Deletes an async EQL search by ID. If the search is still running, the search request will be cancelled. Otherwise, the saved search results are deleted. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/eql-search-api.html
Parameters: id – The async search ID
-
get
(id, params=None, headers=None)¶ Returns async results from previously executed Event Query Language (EQL) search https://www.elastic.co/guide/en/elasticsearch/reference/7.9/eql-search-api.html
Parameters: - id – The async search ID
- keep_alive – Update the time interval in which the results (partial or final) for this search will be available Default: 5d
- wait_for_completion_timeout – Specify the time that the request should block waiting for the final response
-
search
(index, body, params=None, headers=None)¶ Returns results matching a query expressed in Event Query Language (EQL) https://www.elastic.co/guide/en/elasticsearch/reference/7.9/eql-search-api.html
Parameters: - index – The name of the index to scope the operation
- body – Eql request body. Use the query to limit the query scope.
- keep_alive – Update the time interval in which the results (partial or final) for this search will be available Default: 5d
- keep_on_completion – Control whether the response should be stored in the cluster if it completed within the provided [wait_for_completion] time (default: false)
- wait_for_completion_timeout – Specify the time that the request should block waiting for the final response
-
Graph Explore APIs¶
Graph Explore API enables you to extract and summarize information about the documents and terms in your Elasticsearch index.
-
class
elasticsearch.client.graph.
GraphClient
(client)¶ -
explore
(index, body=None, doc_type=None, params=None, headers=None)¶ Explore extracted and summarized information about the documents and terms in an index. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/graph-explore-api.html
Parameters: - index – A comma-separated list of index names to search; use _all or empty string to perform the operation on all indices
- body – Graph Query DSL
- doc_type – A comma-separated list of document types to search; leave empty to perform the operation on all types
- routing – Specific routing value
- timeout – Explicit operation timeout
-
Licensing APIs¶
Licensing API can be used to manage your licences.
-
class
elasticsearch.client.license.
LicenseClient
(client)¶ -
delete
(params=None, headers=None)¶ Deletes licensing information for the cluster https://www.elastic.co/guide/en/elasticsearch/reference/7.9/delete-license.html
-
get
(params=None, headers=None)¶ Retrieves licensing information for the cluster https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-license.html
Parameters: - accept_enterprise – If the active license is an enterprise license, return type as ‘enterprise’ (default: false)
- local – Return local information, do not retrieve the state from master node (default: false)
-
get_basic_status
(params=None, headers=None)¶ Retrieves information about the status of the basic license. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-basic-status.html
-
get_trial_status
(params=None, headers=None)¶ Retrieves information about the status of the trial license. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-trial-status.html
-
post
(body=None, params=None, headers=None)¶ Updates the license for the cluster. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/update-license.html
Parameters: - body – licenses to be installed
- acknowledge – whether the user has acknowledged acknowledge messages (default: false)
-
post_start_basic
(params=None, headers=None)¶ Starts an indefinite basic license. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/start-basic.html
Parameters: acknowledge – whether the user has acknowledged acknowledge messages (default: false)
-
post_start_trial
(params=None, headers=None)¶ starts a limited time trial license. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/start-trial.html
Parameters: - acknowledge – whether the user has acknowledged acknowledge messages (default: false)
- doc_type – The type of trial license to generate (default: “trial”)
-
Machine Learning APIs¶
Machine Learning can be useful for discovering new patterns about your data. For a more detailed explanation about X-Pack’s machine learning please refer to the official documentation.
-
class
elasticsearch.client.ml.
MlClient
(client)¶ -
close_job
(job_id, body=None, params=None, headers=None)¶ Closes one or more anomaly detection jobs. A job can be opened and closed multiple times throughout its lifecycle. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-close-job.html
Parameters: - job_id – The name of the job to close
- body – The URL params optionally sent in the body
- allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
- force – True if the job should be forcefully closed
- timeout – Controls the time to wait until a job has closed. Default to 30 minutes
-
delete_calendar
(calendar_id, params=None, headers=None)¶ Deletes a calendar. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-calendar.html
Parameters: calendar_id – The ID of the calendar to delete
-
delete_calendar_event
(calendar_id, event_id, params=None, headers=None)¶ Deletes scheduled events from a calendar. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-calendar-event.html
Parameters: - calendar_id – The ID of the calendar to modify
- event_id – The ID of the event to remove from the calendar
-
delete_calendar_job
(calendar_id, job_id, params=None, headers=None)¶ Deletes anomaly detection jobs from a calendar. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-calendar-job.html
Parameters: - calendar_id – The ID of the calendar to modify
- job_id – The ID of the job to remove from the calendar
-
delete_data_frame_analytics
(id, params=None, headers=None)¶ Deletes an existing data frame analytics job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/delete-dfanalytics.html
Parameters: - id – The ID of the data frame analytics to delete
- force – True if the job should be forcefully deleted
- timeout – Controls the time to wait until a job is deleted. Defaults to 1 minute
-
delete_datafeed
(datafeed_id, params=None, headers=None)¶ Deletes an existing datafeed. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-datafeed.html
Parameters: - datafeed_id – The ID of the datafeed to delete
- force – True if the datafeed should be forcefully deleted
-
delete_expired_data
(body=None, job_id=None, params=None, headers=None)¶ Deletes expired and unused machine learning data. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-expired-data.html
Parameters: - body – deleting expired data parameters
- job_id – The ID of the job(s) to perform expired data hygiene for
- requests_per_second – The desired requests per second for the deletion processes.
- timeout – How long can the underlying delete processes run until they are canceled
-
delete_filter
(filter_id, params=None, headers=None)¶ Deletes a filter. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-filter.html
Parameters: filter_id – The ID of the filter to delete
-
delete_forecast
(job_id, forecast_id=None, params=None, headers=None)¶ Deletes forecasts from a machine learning job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-forecast.html
Parameters: - job_id – The ID of the job from which to delete forecasts
- forecast_id – The ID of the forecast to delete, can be comma delimited list. Leaving blank implies _all
- allow_no_forecasts – Whether to ignore if _all matches no forecasts
- timeout – Controls the time to wait until the forecast(s) are deleted. Default to 30 seconds
-
delete_job
(job_id, params=None, headers=None)¶ Deletes an existing anomaly detection job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-job.html
Parameters: - job_id – The ID of the job to delete
- force – True if the job should be forcefully deleted
- wait_for_completion – Should this request wait until the operation has completed before returning Default: True
-
delete_model_snapshot
(job_id, snapshot_id, params=None, headers=None)¶ Deletes an existing model snapshot. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-delete-snapshot.html
Parameters: - job_id – The ID of the job to fetch
- snapshot_id – The ID of the snapshot to delete
-
delete_trained_model
(model_id, params=None, headers=None)¶ Deletes an existing trained inference model that is currently not referenced by an ingest pipeline. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/delete-inference.html
Parameters: model_id – The ID of the trained model to delete
-
estimate_model_memory
(body, params=None, headers=None)¶ Estimates the model memory https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-apis.html
Parameters: body – The analysis config, plus cardinality estimates for fields it references
-
evaluate_data_frame
(body, params=None, headers=None)¶ Evaluates the data frame analytics for an annotated index. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/evaluate-dfanalytics.html
Parameters: body – The evaluation definition
-
explain_data_frame_analytics
(body=None, id=None, params=None, headers=None)¶ Explains a data frame analytics config. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/explain-dfanalytics.html
Parameters: - body – The data frame analytics config to explain
- id – The ID of the data frame analytics to explain
-
find_file_structure
(body, params=None, headers=None)¶ Finds the structure of a text file. The text file must contain data that is suitable to be ingested into Elasticsearch. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-find-file-structure.html
Parameters: - body – The contents of the file to be analyzed
- charset – Optional parameter to specify the character set of the file
- column_names – Optional parameter containing a comma separated list of the column names for a delimited file
- delimiter – Optional parameter to specify the delimiter character for a delimited file - must be a single character
- explain – Whether to include a commentary on how the structure was derived
- format – Optional parameter to specify the high level file format Valid choices: ndjson, xml, delimited, semi_structured_text
- grok_pattern – Optional parameter to specify the Grok pattern that should be used to extract fields from messages in a semi- structured text file
- has_header_row – Optional parameter to specify whether a delimited file includes the column names in its first row
- line_merge_size_limit – Maximum number of characters permitted in a single message when lines are merged to create messages. Default: 10000
- lines_to_sample – How many lines of the file should be included in the analysis Default: 1000
- quote – Optional parameter to specify the quote character for a delimited file - must be a single character
- should_trim_fields – Optional parameter to specify whether the values between delimiters in a delimited file should have whitespace trimmed from them
- timeout – Timeout after which the analysis will be aborted Default: 25s
- timestamp_field – Optional parameter to specify the timestamp field in the file
- timestamp_format – Optional parameter to specify the timestamp format in the file - may be either a Joda or Java time format
-
flush_job
(job_id, body=None, params=None, headers=None)¶ Forces any buffered data to be processed by the job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-flush-job.html
Parameters: - job_id – The name of the job to flush
- body – Flush parameters
- advance_time – Advances time to the given value generating results and updating the model for the advanced interval
- calc_interim – Calculates interim results for the most recent bucket or all buckets within the latency period
- end – When used in conjunction with calc_interim, specifies the range of buckets on which to calculate interim results
- skip_time – Skips time to the given value without generating results or updating the model for the skipped interval
- start – When used in conjunction with calc_interim, specifies the range of buckets on which to calculate interim results
-
forecast
(job_id, params=None, headers=None)¶ Predicts the future behavior of a time series by using its historical behavior. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-forecast.html
Parameters: - job_id – The ID of the job to forecast for
- duration – The duration of the forecast
- expires_in – The time interval after which the forecast expires. Expired forecasts will be deleted at the first opportunity.
- max_model_memory – The max memory able to be used by the forecast. Default is 20mb.
-
get_buckets
(job_id, body=None, timestamp=None, params=None, headers=None)¶ Retrieves anomaly detection job results for one or more buckets. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-bucket.html
Parameters: - job_id – ID of the job to get bucket results from
- body – Bucket selection details if not provided in URI
- timestamp – The timestamp of the desired single bucket result
- anomaly_score – Filter for the most anomalous buckets
- desc – Set the sort direction
- end – End time filter for buckets
- exclude_interim – Exclude interim results
- expand – Include anomaly records
- from – skips a number of buckets
- size – specifies a max number of buckets to get
- sort – Sort buckets by a particular field
- start – Start time filter for buckets
-
get_calendar_events
(calendar_id, params=None, headers=None)¶ Retrieves information about the scheduled events in calendars. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-calendar-event.html
Parameters: - calendar_id – The ID of the calendar containing the events
- end – Get events before this time
- from – Skips a number of events
- job_id – Get events for the job. When this option is used calendar_id must be ‘_all’
- size – Specifies a max number of events to get
- start – Get events after this time
-
get_calendars
(body=None, calendar_id=None, params=None, headers=None)¶ Retrieves configuration information for calendars. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-calendar.html
Parameters: - body – The from and size parameters optionally sent in the body
- calendar_id – The ID of the calendar to fetch
- from – skips a number of calendars
- size – specifies a max number of calendars to get
-
get_categories
(job_id, body=None, category_id=None, params=None, headers=None)¶ Retrieves anomaly detection job results for one or more categories. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-category.html
Parameters: - job_id – The name of the job
- body – Category selection details if not provided in URI
- category_id – The identifier of the category definition of interest
- from – skips a number of categories
- partition_field_value – Specifies the partition to retrieve categories for. This is optional, and should never be used for jobs where per-partition categorization is disabled.
- size – specifies a max number of categories to get
-
get_data_frame_analytics
(id=None, params=None, headers=None)¶ Retrieves configuration information for data frame analytics jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-dfanalytics.html
Parameters: - id – The ID of the data frame analytics to fetch
- allow_no_match – Whether to ignore if a wildcard expression matches no data frame analytics. (This includes _all string or when no data frame analytics have been specified) Default: True
- from – skips a number of analytics
- size – specifies a max number of analytics to get Default: 100
-
get_data_frame_analytics_stats
(id=None, params=None, headers=None)¶ Retrieves usage information for data frame analytics jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-dfanalytics-stats.html
Parameters: - id – The ID of the data frame analytics stats to fetch
- allow_no_match – Whether to ignore if a wildcard expression matches no data frame analytics. (This includes _all string or when no data frame analytics have been specified) Default: True
- from – skips a number of analytics
- size – specifies a max number of analytics to get Default: 100
-
get_datafeed_stats
(datafeed_id=None, params=None, headers=None)¶ Retrieves usage information for datafeeds. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-datafeed-stats.html
Parameters: - datafeed_id – The ID of the datafeeds stats to fetch
- allow_no_datafeeds – Whether to ignore if a wildcard expression matches no datafeeds. (This includes _all string or when no datafeeds have been specified)
-
get_datafeeds
(datafeed_id=None, params=None, headers=None)¶ Retrieves configuration information for datafeeds. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-datafeed.html
Parameters: - datafeed_id – The ID of the datafeeds to fetch
- allow_no_datafeeds – Whether to ignore if a wildcard expression matches no datafeeds. (This includes _all string or when no datafeeds have been specified)
-
get_filters
(filter_id=None, params=None, headers=None)¶ Retrieves filters. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-filter.html
Parameters: - filter_id – The ID of the filter to fetch
- from – skips a number of filters
- size – specifies a max number of filters to get
-
get_influencers
(job_id, body=None, params=None, headers=None)¶ Retrieves anomaly detection job results for one or more influencers. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-influencer.html
Parameters: - job_id – Identifier for the anomaly detection job
- body – Influencer selection criteria
- desc – whether the results should be sorted in decending order
- end – end timestamp for the requested influencers
- exclude_interim – Exclude interim results
- from – skips a number of influencers
- influencer_score – influencer score threshold for the requested influencers
- size – specifies a max number of influencers to get
- sort – sort field for the requested influencers
- start – start timestamp for the requested influencers
-
get_job_stats
(job_id=None, params=None, headers=None)¶ Retrieves usage information for anomaly detection jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-job-stats.html
Parameters: - job_id – The ID of the jobs stats to fetch
- allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
-
get_jobs
(job_id=None, params=None, headers=None)¶ Retrieves configuration information for anomaly detection jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-job.html
Parameters: - job_id – The ID of the jobs to fetch
- allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
-
get_model_snapshots
(job_id, body=None, snapshot_id=None, params=None, headers=None)¶ Retrieves information about model snapshots. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-snapshot.html
Parameters: - job_id – The ID of the job to fetch
- body – Model snapshot selection criteria
- snapshot_id – The ID of the snapshot to fetch
- desc – True if the results should be sorted in descending order
- end – The filter ‘end’ query parameter
- from – Skips a number of documents
- size – The default number of documents returned in queries as a string.
- sort – Name of the field to sort on
- start – The filter ‘start’ query parameter
-
get_overall_buckets
(job_id, body=None, params=None, headers=None)¶ Retrieves overall bucket results that summarize the bucket results of multiple anomaly detection jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-overall-buckets.html
Parameters: - job_id – The job IDs for which to calculate overall bucket results
- body – Overall bucket selection details if not provided in URI
- allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
- bucket_span – The span of the overall buckets. Defaults to the longest job bucket_span
- end – Returns overall buckets with timestamps earlier than this time
- exclude_interim – If true overall buckets that include interim buckets will be excluded
- overall_score – Returns overall buckets with overall scores higher than this value
- start – Returns overall buckets with timestamps after this time
- top_n – The number of top job bucket scores to be used in the overall_score calculation
-
get_records
(job_id, body=None, params=None, headers=None)¶ Retrieves anomaly records for an anomaly detection job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-get-record.html
Parameters: - job_id – The ID of the job
- body – Record selection criteria
- desc – Set the sort direction
- end – End time filter for records
- exclude_interim – Exclude interim results
- from – skips a number of records
- record_score – Returns records with anomaly scores greater or equal than this value
- size – specifies a max number of records to get
- sort – Sort records by a particular field
- start – Start time filter for records
-
get_trained_models
(model_id=None, params=None, headers=None)¶ Retrieves configuration information for a trained inference model. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-inference.html
Parameters: - model_id – The ID of the trained models to fetch
- allow_no_match – Whether to ignore if a wildcard expression matches no trained models. (This includes _all string or when no trained models have been specified) Default: True
- decompress_definition – Should the model definition be decompressed into valid JSON or returned in a custom compressed format. Defaults to true. Default: True
- for_export – Omits fields that are illegal to set on model PUT
- from – skips a number of trained models
- include_model_definition – Should the full model definition be included in the results. These definitions can be large. So be cautious when including them. Defaults to false.
- size – specifies a max number of trained models to get Default: 100
- tags – A comma-separated list of tags that the model must have.
-
get_trained_models_stats
(model_id=None, params=None, headers=None)¶ Retrieves usage information for trained inference models. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-inference-stats.html
Parameters: - model_id – The ID of the trained models stats to fetch
- allow_no_match – Whether to ignore if a wildcard expression matches no trained models. (This includes _all string or when no trained models have been specified) Default: True
- from – skips a number of trained models
- size – specifies a max number of trained models to get Default: 100
-
info
(params=None, headers=None)¶ Returns defaults and limits used by machine learning. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-ml-info.html
-
open_job
(job_id, params=None, headers=None)¶ Opens one or more anomaly detection jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-open-job.html
Parameters: job_id – The ID of the job to open
-
post_calendar_events
(calendar_id, body, params=None, headers=None)¶ Posts scheduled events in a calendar. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-post-calendar-event.html
Parameters: - calendar_id – The ID of the calendar to modify
- body – A list of events
-
post_data
(job_id, body, params=None, headers=None)¶ Sends data to an anomaly detection job for analysis. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-post-data.html
Parameters: - job_id – The name of the job receiving the data
- body – The data to process
- reset_end – Optional parameter to specify the end of the bucket resetting range
- reset_start – Optional parameter to specify the start of the bucket resetting range
-
preview_datafeed
(datafeed_id, params=None, headers=None)¶ Previews a datafeed. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-preview-datafeed.html
Parameters: datafeed_id – The ID of the datafeed to preview
-
put_calendar
(calendar_id, body=None, params=None, headers=None)¶ Instantiates a calendar. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-put-calendar.html
Parameters: - calendar_id – The ID of the calendar to create
- body – The calendar details
-
put_calendar_job
(calendar_id, job_id, params=None, headers=None)¶ Adds an anomaly detection job to a calendar. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-put-calendar-job.html
Parameters: - calendar_id – The ID of the calendar to modify
- job_id – The ID of the job to add to the calendar
-
put_data_frame_analytics
(id, body, params=None, headers=None)¶ Instantiates a data frame analytics job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/put-dfanalytics.html
Parameters: - id – The ID of the data frame analytics to create
- body – The data frame analytics configuration
-
put_datafeed
(datafeed_id, body, params=None, headers=None)¶ Instantiates a datafeed. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-put-datafeed.html
Parameters: - datafeed_id – The ID of the datafeed to create
- body – The datafeed config
- allow_no_indices – Ignore if the source indices expressions resolves to no concrete indices (default: true)
- expand_wildcards – Whether source index expressions should get expanded to open or closed indices (default: open) Valid choices: open, closed, hidden, none, all
- ignore_throttled – Ignore indices that are marked as throttled (default: true)
- ignore_unavailable – Ignore unavailable indexes (default: false)
-
put_filter
(filter_id, body, params=None, headers=None)¶ Instantiates a filter. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-put-filter.html
Parameters: - filter_id – The ID of the filter to create
- body – The filter details
-
put_job
(job_id, body, params=None, headers=None)¶ Instantiates an anomaly detection job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-put-job.html
Parameters: - job_id – The ID of the job to create
- body – The job
-
put_trained_model
(model_id, body, params=None, headers=None)¶ Creates an inference trained model. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/put-inference.html
Parameters: - model_id – The ID of the trained models to store
- body – The trained model configuration
-
revert_model_snapshot
(job_id, snapshot_id, body=None, params=None, headers=None)¶ Reverts to a specific snapshot. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-revert-snapshot.html
Parameters: - job_id – The ID of the job to fetch
- snapshot_id – The ID of the snapshot to revert to
- body – Reversion options
- delete_intervening_results – Should we reset the results back to the time of the snapshot?
-
set_upgrade_mode
(params=None, headers=None)¶ Sets a cluster wide upgrade_mode setting that prepares machine learning indices for an upgrade. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-set-upgrade-mode.html
Parameters: - enabled – Whether to enable upgrade_mode ML setting or not. Defaults to false.
- timeout – Controls the time to wait before action times out. Defaults to 30 seconds
-
start_data_frame_analytics
(id, body=None, params=None, headers=None)¶ Starts a data frame analytics job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/start-dfanalytics.html
Parameters: - id – The ID of the data frame analytics to start
- body – The start data frame analytics parameters
- timeout – Controls the time to wait until the task has started. Defaults to 20 seconds
-
start_datafeed
(datafeed_id, body=None, params=None, headers=None)¶ Starts one or more datafeeds. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-start-datafeed.html
Parameters: - datafeed_id – The ID of the datafeed to start
- body – The start datafeed parameters
- end – The end time when the datafeed should stop. When not set, the datafeed continues in real time
- start – The start time from where the datafeed should begin
- timeout – Controls the time to wait until a datafeed has started. Default to 20 seconds
-
stop_data_frame_analytics
(id, body=None, params=None, headers=None)¶ Stops one or more data frame analytics jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/stop-dfanalytics.html
Parameters: - id – The ID of the data frame analytics to stop
- body – The stop data frame analytics parameters
- allow_no_match – Whether to ignore if a wildcard expression matches no data frame analytics. (This includes _all string or when no data frame analytics have been specified)
- force – True if the data frame analytics should be forcefully stopped
- timeout – Controls the time to wait until the task has stopped. Defaults to 20 seconds
-
stop_datafeed
(datafeed_id, params=None, headers=None)¶ Stops one or more datafeeds. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-stop-datafeed.html
Parameters: - datafeed_id – The ID of the datafeed to stop
- allow_no_datafeeds – Whether to ignore if a wildcard expression matches no datafeeds. (This includes _all string or when no datafeeds have been specified)
- force – True if the datafeed should be forcefully stopped.
- timeout – Controls the time to wait until a datafeed has stopped. Default to 20 seconds
-
update_data_frame_analytics
(id, body, params=None, headers=None)¶ Updates certain properties of a data frame analytics job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/update-dfanalytics.html
Parameters: - id – The ID of the data frame analytics to update
- body – The data frame analytics settings to update
-
update_datafeed
(datafeed_id, body, params=None, headers=None)¶ Updates certain properties of a datafeed. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-update-datafeed.html
Parameters: - datafeed_id – The ID of the datafeed to update
- body – The datafeed update settings
- allow_no_indices – Ignore if the source indices expressions resolves to no concrete indices (default: true)
- expand_wildcards – Whether source index expressions should get expanded to open or closed indices (default: open) Valid choices: open, closed, hidden, none, all
- ignore_throttled – Ignore indices that are marked as throttled (default: true)
- ignore_unavailable – Ignore unavailable indexes (default: false)
-
update_filter
(filter_id, body, params=None, headers=None)¶ Updates the description of a filter, adds items, or removes items. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-update-filter.html
Parameters: - filter_id – The ID of the filter to update
- body – The filter update
-
update_job
(job_id, body, params=None, headers=None)¶ Updates certain properties of an anomaly detection job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-update-job.html
Parameters: - job_id – The ID of the job to create
- body – The job update settings
-
update_model_snapshot
(job_id, snapshot_id, body, params=None, headers=None)¶ Updates certain properties of a snapshot. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ml-update-snapshot.html
Parameters: - job_id – The ID of the job to fetch
- snapshot_id – The ID of the snapshot to update
- body – The model snapshot properties to update
-
validate
(body, params=None, headers=None)¶ Validates an anomaly detection job. https://www.elastic.co/guide/en/machine-learning/current/ml-jobs.html
Parameters: body – The job config
-
validate_detector
(body, params=None, headers=None)¶ Validates an anomaly detection detector. https://www.elastic.co/guide/en/machine-learning/current/ml-jobs.html
Parameters: body – The detector
-
Security APIs¶
Security API can be used to help secure your Elasticsearch cluster. Integrating with LDAP and Active Directory.
-
class
elasticsearch.client.security.
SecurityClient
(client)¶ -
authenticate
(params=None, headers=None)¶ Enables authentication as a user and retrieve information about the authenticated user. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-authenticate.html
-
change_password
(body, username=None, params=None, headers=None)¶ Changes the passwords of users in the native realm and built-in users. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-change-password.html
Parameters: - body – the new password for the user
- username – The username of the user to change the password for
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
clear_cached_privileges
(application, params=None, headers=None)¶ Evicts application privileges from the native application privileges cache. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-clear-privilege-cache.html
Parameters: application – A comma-separated list of application names
-
clear_cached_realms
(realms, params=None, headers=None)¶ Evicts users from the user cache. Can completely clear the cache or evict specific users. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-clear-cache.html
Parameters: - realms – Comma-separated list of realms to clear
- usernames – Comma-separated list of usernames to clear from the cache
-
clear_cached_roles
(name, params=None, headers=None)¶ Evicts roles from the native role cache. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-clear-role-cache.html
Parameters: name – Role name
-
create_api_key
(body, params=None, headers=None)¶ Creates an API key for access without requiring basic authentication. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-create-api-key.html
Parameters: - body – The api key request to create an API key
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
delete_privileges
(application, name, params=None, headers=None)¶ Removes application privileges. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-delete-privilege.html
Parameters: - application – Application name
- name – Privilege name
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
delete_role
(name, params=None, headers=None)¶ Removes roles in the native realm. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-delete-role.html
Parameters: - name – Role name
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
delete_role_mapping
(name, params=None, headers=None)¶ Removes role mappings. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-delete-role-mapping.html
Parameters: - name – Role-mapping name
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
delete_user
(username, params=None, headers=None)¶ Deletes users from the native realm. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-delete-user.html
Parameters: - username – username
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
disable_user
(username, params=None, headers=None)¶ Disables users in the native realm. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-disable-user.html
Parameters: - username – The username of the user to disable
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
enable_user
(username, params=None, headers=None)¶ Enables users in the native realm. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-enable-user.html
Parameters: - username – The username of the user to enable
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
get_api_key
(params=None, headers=None)¶ Retrieves information for one or more API keys. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-api-key.html
Parameters: - id – API key id of the API key to be retrieved
- name – API key name of the API key to be retrieved
- owner – flag to query API keys owned by the currently authenticated user
- realm_name – realm name of the user who created this API key to be retrieved
- username – user name of the user who created this API key to be retrieved
-
get_builtin_privileges
(params=None, headers=None)¶ Retrieves the list of cluster privileges and index privileges that are available in this version of Elasticsearch. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-builtin-privileges.html
-
get_privileges
(application=None, name=None, params=None, headers=None)¶ Retrieves application privileges. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-privileges.html
Parameters: - application – Application name
- name – Privilege name
-
get_role
(name=None, params=None, headers=None)¶ Retrieves roles in the native realm. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-role.html
Parameters: name – Role name
-
get_role_mapping
(name=None, params=None, headers=None)¶ Retrieves role mappings. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-role-mapping.html
Parameters: name – Role-Mapping name
-
get_token
(body, params=None, headers=None)¶ Creates a bearer token for access without requiring basic authentication. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-token.html
Parameters: body – The token request to get
-
get_user
(username=None, params=None, headers=None)¶ Retrieves information about users in the native realm and built-in users. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-user.html
Parameters: username – A comma-separated list of usernames
-
get_user_privileges
(params=None, headers=None)¶ Retrieves application privileges. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-get-privileges.html
-
has_privileges
(body, user=None, params=None, headers=None)¶ Determines whether the specified user has a specified list of privileges. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-has-privileges.html
Parameters: - body – The privileges to test
- user – Username
-
invalidate_api_key
(body, params=None, headers=None)¶ Invalidates one or more API keys. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-invalidate-api-key.html
Parameters: body – The api key request to invalidate API key(s)
-
invalidate_token
(body, params=None, headers=None)¶ Invalidates one or more access tokens or refresh tokens. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-invalidate-token.html
Parameters: body – The token to invalidate
-
put_privileges
(body, params=None, headers=None)¶ Adds or updates application privileges. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-put-privileges.html
Parameters: - body – The privilege(s) to add
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
put_role
(name, body, params=None, headers=None)¶ Adds and updates roles in the native realm. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-put-role.html
Parameters: - name – Role name
- body – The role to add
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
put_role_mapping
(name, body, params=None, headers=None)¶ Creates and updates role mappings. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-put-role-mapping.html
Parameters: - name – Role-mapping name
- body – The role mapping to add
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
put_user
(username, body, params=None, headers=None)¶ Adds and updates users in the native realm. These users are commonly referred to as native users. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/security-api-put-user.html
Parameters: - username – The username of the User
- body – The user to add
- refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
-
Watcher APIs¶
Watcher API can be used to notify you when certain pre-defined thresholds have happened.
-
class
elasticsearch.client.watcher.
WatcherClient
(client)¶ -
ack_watch
(watch_id, action_id=None, params=None, headers=None)¶ Acknowledges a watch, manually throttling the execution of the watch’s actions. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-ack-watch.html
Parameters: - watch_id – Watch ID
- action_id – A comma-separated list of the action ids to be acked
-
activate_watch
(watch_id, params=None, headers=None)¶ Activates a currently inactive watch. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-activate-watch.html
Parameters: watch_id – Watch ID
-
deactivate_watch
(watch_id, params=None, headers=None)¶ Deactivates a currently active watch. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-deactivate-watch.html
Parameters: watch_id – Watch ID
-
delete_watch
(id, params=None, headers=None)¶ Removes a watch from Watcher. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-delete-watch.html
Parameters: id – Watch ID
-
execute_watch
(body=None, id=None, params=None, headers=None)¶ Forces the execution of a stored watch. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-execute-watch.html
Parameters: - body – Execution control
- id – Watch ID
- debug – indicates whether the watch should execute in debug mode
-
get_watch
(id, params=None, headers=None)¶ Retrieves a watch by its ID. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-get-watch.html
Parameters: id – Watch ID
-
put_watch
(id, body=None, params=None, headers=None)¶ Creates a new watch, or updates an existing one. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-put-watch.html
Parameters: - id – Watch ID
- body – The watch
- active – Specify whether the watch is in/active by default
- if_primary_term – only update the watch if the last operation that has changed the watch has the specified primary term
- if_seq_no – only update the watch if the last operation that has changed the watch has the specified sequence number
- version – Explicit version number for concurrency control
-
start
(params=None, headers=None)¶ Starts Watcher if it is not already running. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-start.html
-
stats
(metric=None, params=None, headers=None)¶ Retrieves the current Watcher metrics. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-stats.html
Parameters: - metric – Controls what additional stat metrics should be include in the response Valid choices: _all, queued_watches, current_watches, pending_watches
- emit_stacktraces – Emits stack traces of currently running watches
-
stop
(params=None, headers=None)¶ Stops Watcher if it is running. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/watcher-api-stop.html
-
Migration APIs¶
Migration API helps simplify upgrading X-Pack indices from one version to another.
-
class
elasticsearch.client.migration.
MigrationClient
(client)¶ -
deprecations
(index=None, params=None, headers=None)¶ Retrieves information about different cluster, node, and index level settings that use deprecated features that will be removed or changed in the next major version. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/migration-api-deprecation.html
Parameters: index – Index pattern
-
Enrich APIs¶
Enrich API can be used to add data from your existing indices to incoming documents during ingest.
-
class
elasticsearch.client.enrich.
EnrichClient
(client)¶ -
delete_policy
(name, params=None, headers=None)¶ Deletes an existing enrich policy and its enrich index. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/delete-enrich-policy-api.html
Parameters: name – The name of the enrich policy
-
execute_policy
(name, params=None, headers=None)¶ Creates the enrich index for an existing enrich policy. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/execute-enrich-policy-api.html
Parameters: - name – The name of the enrich policy
- wait_for_completion – Should the request should block until the execution is complete. Default: True
-
get_policy
(name=None, params=None, headers=None)¶ Gets information about an enrich policy. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-enrich-policy-api.html
Parameters: name – A comma-separated list of enrich policy names
-
put_policy
(name, body, params=None, headers=None)¶ Creates a new enrich policy. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/put-enrich-policy-api.html
Parameters: - name – The name of the enrich policy
- body – The enrich policy to register
-
stats
(params=None, headers=None)¶ Gets enrich coordinator statistics and information about enrich policies that are currently executing. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/enrich-stats-api.html
-
SQL APIs¶
The SQL REST API accepts SQL in a JSON document, executes it, and returns the results.
-
class
elasticsearch.client.sql.
SqlClient
(client)¶ -
clear_cursor
(body, params=None, headers=None)¶ Clears the SQL cursor https://www.elastic.co/guide/en/elasticsearch/reference/7.9/sql-pagination.html
Parameters: body – Specify the cursor value in the cursor element to clean the cursor.
-
query
(body, params=None, headers=None)¶ Executes a SQL request https://www.elastic.co/guide/en/elasticsearch/reference/7.9/sql-rest-overview.html
Parameters: - body – Use the query element to start a query. Use the cursor element to continue a query.
- format – a short version of the Accept header, e.g. json, yaml
-
translate
(body, params=None, headers=None)¶ Translates SQL into Elasticsearch queries https://www.elastic.co/guide/en/elasticsearch/reference/7.9/sql-translate.html
Parameters: body – Specify the query in the query element.
-
Cross-Cluster Replication APIs¶
Cross-Cluster Replication API used to perform cross-cluster replication operations.
-
class
elasticsearch.client.ccr.
CcrClient
(client)¶ -
delete_auto_follow_pattern
(name, params=None, headers=None)¶ Deletes auto-follow patterns. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-delete-auto-follow-pattern.html
Parameters: name – The name of the auto follow pattern.
-
follow
(index, body, params=None, headers=None)¶ Creates a new follower index configured to follow the referenced leader index. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-put-follow.html
Parameters: - index – The name of the follower index
- body – The name of the leader index and other optional ccr related parameters
- wait_for_active_shards – Sets the number of shard copies that must be active before returning. Defaults to 0. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1) Default: 0
-
follow_info
(index, params=None, headers=None)¶ Retrieves information about all follower indices, including parameters and status for each follower index https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-get-follow-info.html
Parameters: index – A comma-separated list of index patterns; use _all to perform the operation on all indices
-
follow_stats
(index, params=None, headers=None)¶ Retrieves follower stats. return shard-level stats about the following tasks associated with each shard for the specified indices. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-get-follow-stats.html
Parameters: index – A comma-separated list of index patterns; use _all to perform the operation on all indices
-
forget_follower
(index, body, params=None, headers=None)¶ Removes the follower retention leases from the leader. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-post-forget-follower.html
Parameters: - index – the name of the leader index for which specified follower retention leases should be removed
- body – the name and UUID of the follower index, the name of the cluster containing the follower index, and the alias from the perspective of that cluster for the remote cluster containing the leader index
-
get_auto_follow_pattern
(name=None, params=None, headers=None)¶ Gets configured auto-follow patterns. Returns the specified auto-follow pattern collection. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-get-auto-follow-pattern.html
Parameters: name – The name of the auto follow pattern.
-
pause_auto_follow_pattern
(name, params=None, headers=None)¶ Pauses an auto-follow pattern https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-pause-auto-follow-pattern.html
Parameters: name – The name of the auto follow pattern that should pause discovering new indices to follow.
-
pause_follow
(index, params=None, headers=None)¶ Pauses a follower index. The follower index will not fetch any additional operations from the leader index. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-post-pause-follow.html
Parameters: index – The name of the follower index that should pause following its leader index.
-
put_auto_follow_pattern
(name, body, params=None, headers=None)¶ Creates a new named collection of auto-follow patterns against a specified remote cluster. Newly created indices on the remote cluster matching any of the specified patterns will be automatically configured as follower indices. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-put-auto-follow-pattern.html
Parameters: - name – The name of the auto follow pattern.
- body – The specification of the auto follow pattern
-
resume_auto_follow_pattern
(name, params=None, headers=None)¶ Resumes an auto-follow pattern that has been paused https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-resume-auto-follow-pattern.html
Parameters: name – The name of the auto follow pattern to resume discovering new indices to follow.
-
resume_follow
(index, body=None, params=None, headers=None)¶ Resumes a follower index that has been paused https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-post-resume-follow.html
Parameters: - index – The name of the follow index to resume following.
- body – The name of the leader index and other optional ccr related parameters
-
stats
(params=None, headers=None)¶ Gets all stats related to cross-cluster replication. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-get-stats.html
-
unfollow
(index, params=None, headers=None)¶ Stops the following task associated with a follower index and removes index metadata and settings associated with cross-cluster replication. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ccr-post-unfollow.html
Parameters: index – The name of the follower index that should be turned into a regular index.
-
Monitoring APIs¶
Monitoring API used to collect data from the Elasticsearch nodes, Logstash nodes, Kibana instances, and Beats in your cluster.
-
class
elasticsearch.client.monitoring.
MonitoringClient
(client)¶ -
bulk
(body, doc_type=None, params=None, headers=None)¶ Used by the monitoring features to send monitoring data. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/monitor-elasticsearch-cluster.html
Parameters: - body – The operation definition and data (action-data pairs), separated by newlines
- doc_type – Default document type for items which don’t provide one
- interval – Collection interval (e.g., ’10s’ or ‘10000ms’) of the payload
- system_api_version – API Version of the monitored system
- system_id – Identifier of the monitored system
-
Rollup APIs¶
Rollup API enables searching through rolled-up data using the standard query DSL.
-
class
elasticsearch.client.rollup.
RollupClient
(client)¶ -
delete_job
(id, params=None, headers=None)¶ Deletes an existing rollup job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-delete-job.html
Parameters: id – The ID of the job to delete
-
get_jobs
(id=None, params=None, headers=None)¶ Retrieves the configuration, stats, and status of rollup jobs. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-get-job.html
Parameters: id – The ID of the job(s) to fetch. Accepts glob patterns, or left blank for all jobs
-
get_rollup_caps
(id=None, params=None, headers=None)¶ Returns the capabilities of any rollup jobs that have been configured for a specific index or index pattern. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-get-rollup-caps.html
Parameters: id – The ID of the index to check rollup capabilities on, or left blank for all jobs
-
get_rollup_index_caps
(index, params=None, headers=None)¶ Returns the rollup capabilities of all jobs inside of a rollup index (e.g. the index where rollup data is stored). https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-get-rollup-index-caps.html
Parameters: index – The rollup index or index pattern to obtain rollup capabilities from.
-
put_job
(id, body, params=None, headers=None)¶ Creates a rollup job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-put-job.html
Parameters: - id – The ID of the job to create
- body – The job configuration
-
rollup_search
(index, body, doc_type=None, params=None, headers=None)¶ Enables searching rolled-up data using the standard query DSL. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-search.html
Parameters: - index – The indices or index-pattern(s) (containing rollup or regular data) that should be searched
- body – The search request body
- doc_type – The doc type inside the index
- rest_total_hits_as_int – Indicates whether hits.total should be rendered as an integer or an object in the rest search response
- typed_keys – Specify whether aggregation and suggester names should be prefixed by their respective types in the response
-
start_job
(id, params=None, headers=None)¶ Starts an existing, stopped rollup job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-start-job.html
Parameters: id – The ID of the job to start
-
stop_job
(id, params=None, headers=None)¶ Stops an existing, started rollup job. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rollup-stop-job.html
Parameters: - id – The ID of the job to stop
- timeout – Block for (at maximum) the specified duration while waiting for the job to stop. Defaults to 30s.
- wait_for_completion – True if the API should block until the job has fully stopped, false if should be executed async. Defaults to false.
-
Snapshot Lifecycle Management APIs¶
Snapshot Lifecycle Management API can be used to set up policies to automatically take snapshots and control how long they are retained.
-
class
elasticsearch.client.slm.
SlmClient
(client)¶ -
delete_lifecycle
(policy_id, params=None, headers=None)¶ Deletes an existing snapshot lifecycle policy. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-delete-policy.html
Parameters: policy_id – The id of the snapshot lifecycle policy to remove
-
execute_lifecycle
(policy_id, params=None, headers=None)¶ Immediately creates a snapshot according to the lifecycle policy, without waiting for the scheduled time. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-execute-lifecycle.html
Parameters: policy_id – The id of the snapshot lifecycle policy to be executed
-
execute_retention
(params=None, headers=None)¶ Deletes any snapshots that are expired according to the policy’s retention rules. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-execute-retention.html
-
get_lifecycle
(policy_id=None, params=None, headers=None)¶ Retrieves one or more snapshot lifecycle policy definitions and information about the latest snapshot attempts. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-get-policy.html
Parameters: policy_id – Comma-separated list of snapshot lifecycle policies to retrieve
-
get_stats
(params=None, headers=None)¶ Returns global and policy-level statistics about actions taken by snapshot lifecycle management. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-get-stats.html
-
get_status
(params=None, headers=None)¶ Retrieves the status of snapshot lifecycle management (SLM). https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-get-status.html
-
put_lifecycle
(policy_id, body=None, params=None, headers=None)¶ Creates or updates a snapshot lifecycle policy. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-put-policy.html
Parameters: - policy_id – The id of the snapshot lifecycle policy
- body – The snapshot lifecycle policy definition to register
-
start
(params=None, headers=None)¶ Turns on snapshot lifecycle management (SLM). https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-start.html
-
stop
(params=None, headers=None)¶ Turns off snapshot lifecycle management (SLM). https://www.elastic.co/guide/en/elasticsearch/reference/7.9/slm-api-stop.html
-
Searchable Snapshots APIs¶
Searchable Snapshots API used to perform searchable snapshots operations.
-
class
elasticsearch.client.searchable_snapshots.
SearchableSnapshotsClient
(client)¶ -
clear_cache
(index=None, params=None, headers=None)¶ Clear the cache of searchable snapshots. https://www.elastic.co/guide/en/elasticsearch/reference/current/searchable-snapshots-api-clear-cache.html
Parameters: - index – A comma-separated list of index name to limit the operation
- allow_no_indices – Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
- expand_wildcards – Whether to expand wildcard expression to concrete indices that are open, closed or both. Valid choices: open, closed, none, all Default: open
- ignore_unavailable – Whether specified concrete indices should be ignored when unavailable (missing or closed)
-
mount
(repository, snapshot, body, params=None, headers=None)¶ Mount a snapshot as a searchable index. https://www.elastic.co/guide/en/elasticsearch/reference/current/searchable-snapshots-api-mount-snapshot.html
Parameters: - repository – The name of the repository containing the snapshot of the index to mount
- snapshot – The name of the snapshot of the index to mount
- body – The restore configuration for mounting the snapshot as searchable
- master_timeout – Explicit operation timeout for connection to master node
- wait_for_completion – Should this request wait until the operation has completed before returning
-
repository_stats
(repository, params=None, headers=None)¶ Retrieve usage statistics about a snapshot repository. https://www.elastic.co/guide/en/elasticsearch/reference/current/searchable-snapshots-repository-stats.html
Parameters: repository – The repository for which to get the stats for
-
stats
(index=None, params=None, headers=None)¶ Retrieve various statistics about searchable snapshots. https://www.elastic.co/guide/en/elasticsearch/reference/current/searchable-snapshots-api-stats.html
Parameters: index – A comma-separated list of index names
-
Index Lifecycle Management APIs¶
Index Lifecycle Management API used to set up policies to automatically manage the index lifecycle.
-
class
elasticsearch.client.ilm.
IlmClient
(client)¶ -
delete_lifecycle
(policy, params=None, headers=None)¶ Deletes the specified lifecycle policy definition. A currently used policy cannot be deleted. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-delete-lifecycle.html
Parameters: policy – The name of the index lifecycle policy
-
explain_lifecycle
(index, params=None, headers=None)¶ Retrieves information about the index’s current lifecycle state, such as the currently executing phase, action, and step. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-explain-lifecycle.html
Parameters: - index – The name of the index to explain
- only_errors – filters the indices included in the response to ones in an ILM error state, implies only_managed
- only_managed – filters the indices included in the response to ones managed by ILM
-
get_lifecycle
(policy=None, params=None, headers=None)¶ Returns the specified policy definition. Includes the policy version and last modified date. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-get-lifecycle.html
Parameters: policy – The name of the index lifecycle policy
-
get_status
(params=None, headers=None)¶ Retrieves the current index lifecycle management (ILM) status. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-get-status.html
-
move_to_step
(index, body=None, params=None, headers=None)¶ Manually moves an index into the specified step and executes that step. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-move-to-step.html
Parameters: - index – The name of the index whose lifecycle step is to change
- body – The new lifecycle step to move to
-
put_lifecycle
(policy, body=None, params=None, headers=None)¶ Creates a lifecycle policy https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-put-lifecycle.html
Parameters: - policy – The name of the index lifecycle policy
- body – The lifecycle policy definition to register
-
remove_policy
(index, params=None, headers=None)¶ Removes the assigned lifecycle policy and stops managing the specified index https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-remove-policy.html
Parameters: index – The name of the index to remove policy on
-
retry
(index, params=None, headers=None)¶ Retries executing the policy for an index that is in the ERROR step. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-retry-policy.html
Parameters: index – The name of the indices (comma-separated) whose failed lifecycle step is to be retry
-
start
(params=None, headers=None)¶ Start the index lifecycle management (ILM) plugin. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-start.html
-
stop
(params=None, headers=None)¶ Halts all lifecycle management operations and stops the index lifecycle management (ILM) plugin https://www.elastic.co/guide/en/elasticsearch/reference/7.9/ilm-stop.html
-
Transform APIs¶
Transform API manages transformation operations from grabbing data from source indices, transforms it, and saves it to a destination index.
-
class
elasticsearch.client.transform.
TransformClient
(client)¶ -
delete_transform
(transform_id, params=None, headers=None)¶ Deletes an existing transform. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/delete-transform.html
Parameters: - transform_id – The id of the transform to delete
- force – When true, the transform is deleted regardless of its current state. The default value is false, meaning that the transform must be stopped before it can be deleted.
-
get_transform
(transform_id=None, params=None, headers=None)¶ Retrieves configuration information for transforms. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-transform.html
Parameters: - transform_id – The id or comma delimited list of id expressions of the transforms to get, ‘_all’ or ‘*’ implies get all transforms
- allow_no_match – Whether to ignore if a wildcard expression matches no transforms. (This includes _all string or when no transforms have been specified)
- from – skips a number of transform configs, defaults to 0
- size – specifies a max number of transforms to get, defaults to 100
-
get_transform_stats
(transform_id, params=None, headers=None)¶ Retrieves usage information for transforms. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/get-transform-stats.html
Parameters: - transform_id – The id of the transform for which to get stats. ‘_all’ or ‘*’ implies all transforms
- allow_no_match – Whether to ignore if a wildcard expression matches no transforms. (This includes _all string or when no transforms have been specified)
- from – skips a number of transform stats, defaults to 0
- size – specifies a max number of transform stats to get, defaults to 100
-
preview_transform
(body, params=None, headers=None)¶ Previews a transform. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/preview-transform.html
Parameters: body – The definition for the transform to preview
-
put_transform
(transform_id, body, params=None, headers=None)¶ Instantiates a transform. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/put-transform.html
Parameters: - transform_id – The id of the new transform.
- body – The transform definition
- defer_validation – If validations should be deferred until transform starts, defaults to false.
-
start_transform
(transform_id, params=None, headers=None)¶ Starts one or more transforms. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/start-transform.html
Parameters: - transform_id – The id of the transform to start
- timeout – Controls the time to wait for the transform to start
-
stop_transform
(transform_id, params=None, headers=None)¶ Stops one or more transforms. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/stop-transform.html
Parameters: - transform_id – The id of the transform to stop
- allow_no_match – Whether to ignore if a wildcard expression matches no transforms. (This includes _all string or when no transforms have been specified)
- force – Whether to force stop a failed transform or not. Default to false
- timeout – Controls the time to wait until the transform has stopped. Default to 30 seconds
- wait_for_checkpoint – Whether to wait for the transform to reach a checkpoint before stopping. Default to false
- wait_for_completion – Whether to wait for the transform to fully stop before returning or not. Default to false
-
update_transform
(transform_id, body, params=None, headers=None)¶ Updates certain properties of a transform. https://www.elastic.co/guide/en/elasticsearch/reference/7.9/update-transform.html
Parameters: - transform_id – The id of the transform.
- body – The update transform definition
- defer_validation – If validations should be deferred until transform starts, defaults to false.
-
Deprecation APIs¶
Deprecation API used to retrieve information about different cluster, node, and index level settings that use deprecated features that will be removed or changed in the next major version.
-
class
elasticsearch.client.deprecation.
DeprecationClient
(client)¶ -
info
(index=None, params=None, headers=None)¶ https://www.elastic.co/guide/en/migration/7.x/migration-api-deprecation.html
Parameters: index – Index pattern
-