Skip to content

[DOCS] Add top-level EQL docs page. Adds EQL requirements page. #51334

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jan 27, 2020
Merged

[DOCS] Add top-level EQL docs page. Adds EQL requirements page. #51334

merged 3 commits into from
Jan 27, 2020

Conversation

jrodewig
Copy link
Contributor

Changes

  • Creates a top-level page for EQL in the ES reference.
    This page contains a high-level introduction and will include a nav for other EQL docs pages as they're built.

  • Creates a requirements page.
    This page outlines the fields needed to use EQL in ES.

Note to reviewers

This PR isn't intended to encompass all needed EQL docs. I'll be working incrementally to add new pages. However, the overview page is a required first step for adding those new pages.
@jrodewig jrodewig added >docs General docs changes WIP :Analytics/EQL EQL querying labels Jan 22, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-docs (>docs)
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-search (:Search/EQL)
@jrodewig
[DOCS] Add top-level EQL docs page. Adds EQL requirements page.
49dbcaa 
* **Creates a top-level page for EQL in the ES reference.** This page contains a high-level introduction and will include a nav for other EQL docs pages as they're built. * **Creates a requirements page.** This page outlines the fields needed to use EQL in ES.
@jrodewig jrodewig changed the title [DOCS] Add top-level EQL page and requirements [DOCS] Add top-level EQL docs page. Adds EQL requirements page. Jan 22, 2020
@jrodewig jrodewig mentioned this pull request Jan 22, 2020
Closed
35 tasks
aleksmaus
aleksmaus approved these changes Jan 22, 2020
View reviewed changes
Copy link
Contributor

@aleksmaus aleksmaus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, Thank you!
@jrodewig jrodewig removed the WIP label Jan 23, 2020
@jrodewig jrodewig marked this pull request as ready for review January 23, 2020 14:52
jrodewig
jrodewig commented Jan 23, 2020
View reviewed changes
docs/reference/eql/index.asciidoc
Comment on lines +24 to +26
* Use {es} for threat hunting or other security use cases
* Search time-series data or logs, such as network or system logs
* Want an easy way to explore relationships between events
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sethpayne Do you think this covers most of our major use cases for EQL within ES?
@jrodewig
Copy link
Contributor Author

@elasticmachine update branch
@jrodewig
Copy link
Contributor Author

Thanks @aleksmaus!
@jrodewig jrodewig merged commit 0a31b67 into elastic:master Jan 27, 2020
@jrodewig jrodewig deleted the docs__eql-top-reqs branch January 27, 2020 21:03
jrodewig added a commit that referenced this pull request Jan 27, 2020
@jrodewig
[DOCS] Add top-level EQL docs page. Adds EQL requirements page. (#51334)
65f49d0 
* Creates a top-level page for EQL in the ES reference. This page contains a high-level introduction and will include a nav for other EQL docs pages as they're built. * Creates a requirements page. This page outlines the fields needed to use EQL in ES.
@jrodewig
Copy link
Contributor Author

Backport commits

master 0a31b67
7.x 65f49d0
@aleksmaus aleksmaus mentioned this pull request Jan 29, 2020
Closed
5 tasks
@jrodewig jrodewig removed the v7.7.0 label Jan 30, 2020
@jrodewig jrodewig removed the v8.0.0 label Jan 30, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

:Analytics/EQL EQL querying >docs General docs changes

3 participants

@jrodewig @elasticmachine @aleksmaus