[DOCS] Document EQL support in Elasticsearch #51057

Closed

Assignees

Labels

:Analytics/EQLdocs"" muted="" aria-describedby="MDU6TGFiZWwyMzcxNQ==-tooltip :R5b96b:">>docsMetaTeam:DocsTeam:QL (Deprecated)

opened

on Jan 15, 2020

This is a meta issue to track the progress of documentation efforts for EQL support in Elasticsearch.
To monitor ongoing development, see #49581.

High-level content plan

Top-level EQL page (intro + nav) [DOCS] Add top-level EQL docs page. Adds EQL requirements page. #51334
EQL requirements [DOCS] Add top-level EQL docs page. Adds EQL requirements page. #51334
Run an EQL search [DOCS] Add basic EQL search tutorial docs #51574
- Add a Beats tip [DOCS] Adds Beats tip to EQL search docs #53292
- Specify timestamp and event type fields [DOCS] Add parameter examples to EQL search tutorial #52953
- Filter using query DSL [DOCS] Add parameter examples to EQL search tutorial #52953
- Async search [DOCS] EQL: Document async search submits #56704
EQL syntax reference [DOCS] Add EQL syntax page #51821
- Basic syntax (https://eql.readthedocs.io/en/latest/query-guide/index.html) [DOCS] Add EQL syntax page #51821
EQL function reference
- add [DOCS] EQL: Document math functions #55810
- between [DOCS] EQL: Document between function #54950
- cidrMatch [DOCS] EQL: Document cidrMatch function #54216
- concat [DOCS] EQL: Document concat function #56239
- divide [DOCS] EQL: Document math functions #55810
- endsWith [DOCS] EQL: Document endsWith function #54521
- indexOf [DOCS] EQL: Document indexOf function #55071
- length [DOCS] EQL: Document length function #54225
- match [DOCS] EQL: Document match function #56134
- modulo [DOCS] EQL: Document math functions #55810
- multiply [DOCS] EQL: Document math functions #55810
- number[DOCS] EQL: Document number function #56770
- startsWith [DOCS] EQL: Document startsWith function #54518
- string [DOCS] EQL: Document string function #55086
- stringContains [DOCS] EQL: Document stringContains function #54968
- substring [7.x] [DOCS] EQL: Document substring function (#53867) #54203
- subtract [DOCS] EQL: Document math functions #55810
- wildcard [DOCS] EQL: Document wildcard function #54086
EQL pipe reference [DOCS] EQL: Document head and tail pipes #58673
- head [DOCS] EQL: Document head and tail pipes #58673
- tail [DOCS] EQL: Document head and tail pipes #58673
Limitations (EQL features not supported in ES) [DOCS] Add EQL limitations page #52001
EQL search API documentation [DOCS] Document EQL search REST API #52384

Cleanup tasks

Remove/swap dev admonitions [DOCS] EQL: Prepare docs for release #59259
Remove ifdef statements for including docs (cf. [DOCS] Include docs on permanently unreleased branches only #51743, [DOCS] Document EQL search REST API #52384) [DOCS] EQL: Prepare docs for release #59259

Metadata

Assignees

jrodewig

Labels

:Analytics/EQLdocs"" muted="" aria-describedby="MDU6TGFiZWwyMzcxNQ==-tooltip :Ra5pmb:">>docsMetaTeam:DocsTeam:QL (Deprecated)

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests