github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-28 11:05:39 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs
History
Kevin Lacabane 0b3f4fbd3c
[eem] _search endpoint / initial entity manager UI (#199609) 
## Summary

- create `_search` endpoint to discover entities with esql queries. It
currently reads sources of the provided `type` from
`kibana_entity_definitions` index. Run this query to insert a
definition:
```
POST kibana_entity_definitions/_doc
{
    "entity_type": "service",
    "index_patterns": ["remote_cluster:logs-*"],
    "metadata_fields": [],
    "identity_fields": ["service.name"],
    "filters": [],
    "timestamp_field": "@timestamp"
}
```

By default `_search` will look at data in the last 5m. The lookup period
can be overriden by providing `start`/`end` parameters in ISO format. It
also accepts a `limit` to specify the number of entities returned which
defaults to 10

```
POST kbn:/internal/entities/v2/_search
{
    "type": "service",
    "start": "2024-11-19T20:40:00.000Z",
    "end": "2024-11-19T20:50:00.000Z",
    "limit": 20
}
```

- create `_search/preview` endpoint to preview output of entity sources
without persisting them
 
- create UI to preview results of an entity definition at
`/app/entity_manager`. The application is living in its own plugin at
`observability_solution/entity_manager_app`
![Screenshot 2024-11-11 at 11 37
18](https://github.com/user-attachments/assets/f284342d-21a3-4ba1-be94-38cff311266c)

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Milton Hultgren <miltonhultgren@gmail.com>
2024-11-22 16:12:04 +01:00
..
api [Synthetics] Refactor bulk delete monitor and params routes !! (#195420) 2024-11-07 10:51:56 +01:00
canvas [Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 2024-11-08 11:10:32 +01:00
concepts [Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 2024-11-08 11:10:32 +01:00
dev-tools [Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 2024-11-08 11:10:32 +01:00
developer [eem] _search endpoint / initial entity manager UI (#199609) 2024-11-22 16:12:04 +01:00
development/plugins/expressions/public Remove old doc generation system for core APIs (#134313) 2022-06-21 17:43:17 +02:00
discover [Docs] Discover docs updates (#198423) 2024-11-08 12:12:05 +01:00
fleet [Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 2024-11-08 11:10:32 +01:00
getting-started [Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 2024-11-08 11:10:32 +01:00
management [DOCS] Remove inference connector docs (#198633) 2024-11-12 11:56:37 -06:00
maps [Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 2024-11-08 11:10:32 +01:00
migration [Docs] Reset release files for 9.0 (#199519) 2024-11-22 10:24:10 +01:00
observability Remove APM documentation from Kibana repo and Guide (#179981) 2024-08-06 20:08:07 +00:00
osquery [Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 2024-11-08 11:10:32 +01:00
search [DOCS] Search AI assistant (#199602) 2024-11-12 10:21:31 +00:00
settings [Reporting] Remove "download CSV" export type functionality, Part 2 (#201010) 2024-11-22 08:04:56 -07:00
setup [Docs] Reset release files for 9.0 (#199519) 2024-11-22 10:24:10 +01:00
siem (Doc-) duplicate sections to SIEM docs (#188376) 2024-08-08 16:45:22 -04:00
spaces [Docs] Update spaces docs with new solution view and permissions settings (#195648) 2024-10-21 11:06:03 +02:00
user [Docs] Reset release files for 9.0 (#199519) 2024-11-22 10:24:10 +01:00
accessibility.asciidoc
action-type-template.asciidoc [DOCS][API] Add TheHive connector config and secrets (#192424) 2024-09-11 16:39:55 -07:00
CHANGELOG.asciidoc [Docs] Reset release files for 9.0 (#199519) 2024-11-22 10:24:10 +01:00
gs-index.asciidoc [DOCS] Remove or move book-scoped attributes (#155210) 2023-04-20 09:12:09 -07:00
index.asciidoc [Docs] remove Kibana book-scoped variables (#178676) 2024-03-14 11:53:33 -04:00
index.x.asciidoc
landing-page.asciidoc [DOCS] Search landing page updates (#196131) 2024-10-14 15:53:21 +02:00
limitations.asciidoc [DOCS] Reallocates limitations to point-of-use (#79582) 2020-11-19 10:49:27 -06:00
migration.asciidoc [Docs] Reset release files for 9.0 (#199519) 2024-11-22 10:24:10 +01:00
redirects.asciidoc [Docs] Reset release files for 9.0 (#199519) 2024-11-22 10:24:10 +01:00
rule-type-template.asciidoc [DOCS] Create and manage rule action frequencies (#150957) 2023-02-23 13:16:46 -08:00
template.asciidoc [DOCS] Remove snapshot and restore docs (#114836) 2021-11-16 16:59:24 -05:00
upgrade-notes.asciidoc [Docs] Reset release files for 9.0 (#199519) 2024-11-22 10:24:10 +01:00