[Maps] search bar docs (#34315) (#34491)

* [Maps] search bar docs * rename indexes to indicies and other text refinement feedback * add example queries * remove unused image * Update docs/maps/search.asciidoc Co-Authored-By: nreese <reese.nathan@gmail.com> * Update docs/maps/search.asciidoc Co-Authored-By: nreese <reese.nathan@gmail.com> * Update docs/maps/search.asciidoc Co-Authored-By: nreese <reese.nathan@gmail.com> * Update docs/maps/search.asciidoc Co-Authored-By: nreese <reese.nathan@gmail.com> * Update docs/maps/search.asciidoc Co-Authored-By: nreese <reese.nathan@gmail.com> * Update docs/maps/search.asciidoc Co-Authored-By: nreese <reese.nathan@gmail.com> * Update docs/maps/search.asciidoc Co-Authored-By: nreese <reese.nathan@gmail.com>
2025-04-24 01:38:56 -04:00 · 2019-04-03 16:16:49 -06:00 · 2019-04-03 16:16:49 -06:00 · 51ee25a149
commit 51ee25a149
parent 584bb9ee2f
5 changed files with 58 additions and 0 deletions
--- a/docs/maps/images/global_search_bar.png
+++ b/docs/maps/images/global_search_bar.png
--- a/docs/maps/images/global_search_multiple_indices_query1.png
+++ b/docs/maps/images/global_search_multiple_indices_query1.png
--- a/docs/maps/images/global_search_multiple_indices_query2.png
+++ b/docs/maps/images/global_search_multiple_indices_query2.png
--- a/docs/maps/index.asciidoc
+++ b/docs/maps/index.asciidoc
@ -18,3 +18,4 @@ include::maps-getting-started.asciidoc[]
 include::heatmap-layer.asciidoc[]
 include::tile-layer.asciidoc[]
 include::vector-layer.asciidoc[]
+include::search.asciidoc[]
--- a/docs/maps/search.asciidoc
+++ b/docs/maps/search.asciidoc
@ -0,0 +1,57 @@
+[role="xpack"]
+[[maps-search]]
+== Searching your data
+
+The **Maps** application embeds the query bar for real-time ad hoc search.
+Only layers requesting data from {es} are filtered when you submit a search request.
+
+You can create a layer that requests data from {es} from the following:
+
+* <<vector-layer>> with:
+
+** Documents source
+
+** Grid aggregation source
+
+** <<terms-join>>
+
+* <<heatmap-layer>> with Grid aggregation source
+
+[role="screenshot"]
+image::maps/images/global_search_bar.png[]
+
+
+[float]
+=== Searching across multiple indices
+
+Your map might contain multiple {es} indices.
+This can occur when your map contains two or more layers with {es} sources from different indices.
+This can also occur with a single layer with an {es} source and a <<terms-join>>.
+
+Searching across multiple indices might sometimes result in empty layers.
+The most common cause for empty layers are searches for a field that exists in one index, but does not exist in other indices.
+Add {ref}/mapping-index-field.html[_index] to your search to include documents from indices that do not contain a search field.
+
+For example, suppose you have a vector layer showing the `kibana_sample_data_logs` documents
+and another vector layer with `kibana_sample_data_flights` documents.
+(See <<add-sample-data, adding sample data>>
+to install the `kibana_sample_data_logs` and `kibana_sample_data_flights` indices.)
+
+If you query for
+--------------------------------------------------
+machine.os.keyword : "osx"
+--------------------------------------------------
+the `kibana_sample_data_flights` layer is empty because the index
+`kibana_sample_data_flights` does not contain the field `machine.os.keyword` and no documents match the query.
+
+[role="screenshot"]
+image::maps/images/global_search_multiple_indices_query1.png[]
+
+If you instead query for
+--------------------------------------------------
+machine.os.keyword : "osx" or _index : "kibana_sample_data_flights"
+--------------------------------------------------
+the `kibana_sample_data_flights` layer includes data.
+
+[role="screenshot"]
+image::maps/images/global_search_multiple_indices_query2.png[]