API Reference

edit

bulk

edit

Allows to perform multiple index/update/delete operations in a single request.

Endpoint documentation

client.bulk({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string): Default index for items which don’t provide one
    • operations (Optional, { index, create, update, delete } | { detect_noop, doc, doc_as_upsert, script, scripted_upsert, _source, upsert } | object[])
    • pipeline (Optional, string): The pipeline id to preprocess incoming documents with
    • refresh (Optional, Enum(true | false | "wait_for")): If true then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false (the default) then do nothing with refreshes.
    • routing (Optional, string): Specific routing value
    • _source (Optional, boolean | string | string[]): True or false to return the _source field or not, or default list of fields to return, can be overridden on each sub-request
    • _source_excludes (Optional, string | string[]): Default list of fields to exclude from the returned _source field, can be overridden on each sub-request
    • _source_includes (Optional, string | string[]): Default list of fields to extract and return from the _source field, can be overridden on each sub-request
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before proceeding with the bulk operation. Defaults to 1, meaning the primary shard only. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)
    • require_alias (Optional, boolean): Sets require_alias for all incoming documents. Defaults to unset (false)

clear_scroll

edit

Explicitly clears the search context for a scroll.

Endpoint documentation

client.clearScroll({ ... })

Arguments

edit
  • Request (object):

    • scroll_id (Optional, string | string[]): A list of scroll IDs to clear

close_point_in_time

edit

Close a point in time

Endpoint documentation

client.closePointInTime({ id })

Arguments

edit
  • Request (object):

    • id (string)

count

edit

Returns number of documents matching a query.

Endpoint documentation

client.count({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of indices to restrict the results
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • analyzer (Optional, string): The analyzer to use for the query string
    • analyze_wildcard (Optional, boolean): Specify whether wildcard and prefix queries should be analyzed (default: false)
    • default_operator (Optional, Enum("and" | "or")): The default operator for query string query (AND or OR)
    • df (Optional, string): The field to use as default where no field prefix is given in the query string
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_throttled (Optional, boolean): Whether specified concrete, expanded or aliased indices should be ignored when throttled
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • lenient (Optional, boolean): Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
    • min_score (Optional, number): Include only documents with a specific _score value in the result
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • routing (Optional, string): A list of specific routing values
    • terminate_after (Optional, number): The maximum count for each shard, upon reaching which the query execution will terminate early
    • q (Optional, string): Query in the Lucene query string syntax

create

edit

Creates a new document in the index.

Returns a 409 response when a document with a same ID already exists in the index.

Endpoint documentation

client.create({ id, index })

Arguments

edit
  • Request (object):

    • id (string): Document ID
    • index (string): The name of the index
    • document (Optional, object): A document.
    • pipeline (Optional, string): The pipeline id to preprocess incoming documents with
    • refresh (Optional, Enum(true | false | "wait_for")): If true then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false (the default) then do nothing with refreshes.
    • routing (Optional, string): Specific routing value
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • version (Optional, number): Explicit version number for concurrency control
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before proceeding with the index operation. Defaults to 1, meaning the primary shard only. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)

delete

edit

Removes a document from the index.

Endpoint documentation

client.delete({ id, index })

Arguments

edit
  • Request (object):

    • id (string): The document ID
    • index (string): The name of the index
    • if_primary_term (Optional, number): only perform the delete operation if the last operation that has changed the document has the specified primary term
    • if_seq_no (Optional, number): only perform the delete operation if the last operation that has changed the document has the specified sequence number
    • refresh (Optional, Enum(true | false | "wait_for")): If true then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false (the default) then do nothing with refreshes.
    • routing (Optional, string): Specific routing value
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • version (Optional, number): Explicit version number for concurrency control
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before proceeding with the delete operation. Defaults to 1, meaning the primary shard only. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)

delete_by_query

edit

Deletes documents matching the provided query.

Endpoint documentation

client.deleteByQuery({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names to search; use _all or empty string to perform the operation on all indices
    • max_docs (Optional, number)
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • slice (Optional, { field, id, max })
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • analyzer (Optional, string): The analyzer to use for the query string
    • analyze_wildcard (Optional, boolean): Specify whether wildcard and prefix queries should be analyzed (default: false)
    • conflicts (Optional, Enum("abort" | "proceed")): What to do when the delete by query hits version conflicts?
    • default_operator (Optional, Enum("and" | "or")): The default operator for query string query (AND or OR)
    • df (Optional, string): The field to use as default where no field prefix is given in the query string
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • from (Optional, number): Starting offset (default: 0)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • lenient (Optional, boolean): Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • refresh (Optional, boolean): Should the affected indexes be refreshed?
    • request_cache (Optional, boolean): Specify if request cache should be used for this request or not, defaults to index level setting
    • requests_per_second (Optional, float): The throttle for this request in sub-requests per second. -1 means no throttle.
    • routing (Optional, string): A list of specific routing values
    • q (Optional, string): Query in the Lucene query string syntax
    • scroll (Optional, string | -1 | 0): Specify how long a consistent view of the index should be maintained for scrolled search
    • scroll_size (Optional, number): Size on the scroll request powering the delete by query
    • search_timeout (Optional, string | -1 | 0): Explicit timeout for each search request. Defaults to no timeout.
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): Search operation type
    • slices (Optional, number | Enum("auto")): The number of slices this task should be divided into. Defaults to 1, meaning the task isn’t sliced into subtasks. Can be set to auto.
    • sort (Optional, string[]): A list of <field>:<direction> pairs
    • stats (Optional, string[]): Specific tag of the request for logging and statistical purposes
    • terminate_after (Optional, number): The maximum number of documents to collect for each shard, upon reaching which the query execution will terminate early.
    • timeout (Optional, string | -1 | 0): Time each individual bulk request should wait for shards that are unavailable.
    • version (Optional, boolean): Specify whether to return document version as part of a hit
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before proceeding with the delete by query operation. Defaults to 1, meaning the primary shard only. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)
    • wait_for_completion (Optional, boolean): Should the request should block until the delete by query is complete.

delete_by_query_rethrottle

edit

Changes the number of requests per second for a particular Delete By Query operation.

Endpoint documentation

client.deleteByQueryRethrottle({ task_id })

Arguments

edit
  • Request (object):

    • task_id (string | number): The task id to rethrottle
    • requests_per_second (Optional, float): The throttle to set on this request in floating sub-requests per second. -1 means set no throttle.

delete_script

edit

Deletes a script.

Endpoint documentation

client.deleteScript({ id })

Arguments

edit
  • Request (object):

    • id (string): Script ID
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

exists

edit

Returns information about whether a document exists in an index.

Endpoint documentation

client.exists({ id, index })

Arguments

edit
  • Request (object):

    • id (string): The document ID
    • index (string): The name of the index
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • realtime (Optional, boolean): Specify whether to perform the operation in realtime or search mode
    • refresh (Optional, boolean): Refresh the shard containing the document before performing the operation
    • routing (Optional, string): Specific routing value
    • _source (Optional, boolean | string | string[]): True or false to return the _source field or not, or a list of fields to return
    • _source_excludes (Optional, string | string[]): A list of fields to exclude from the returned _source field
    • _source_includes (Optional, string | string[]): A list of fields to extract and return from the _source field
    • stored_fields (Optional, string | string[]): A list of stored fields to return in the response
    • version (Optional, number): Explicit version number for concurrency control
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type

exists_source

edit

Returns information about whether a document source exists in an index.

Endpoint documentation

client.existsSource({ id, index })

Arguments

edit
  • Request (object):

    • id (string): The document ID
    • index (string): The name of the index
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • realtime (Optional, boolean): Specify whether to perform the operation in realtime or search mode
    • refresh (Optional, boolean): Refresh the shard containing the document before performing the operation
    • routing (Optional, string): Specific routing value
    • _source (Optional, boolean | string | string[]): True or false to return the _source field or not, or a list of fields to return
    • _source_excludes (Optional, string | string[]): A list of fields to exclude from the returned _source field
    • _source_includes (Optional, string | string[]): A list of fields to extract and return from the _source field
    • version (Optional, number): Explicit version number for concurrency control
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type

explain

edit

Returns information about why a specific matches (or doesn’t match) a query.

Endpoint documentation

client.explain({ id, index })

Arguments

edit
  • Request (object):

    • id (string): The document ID
    • index (string): The name of the index
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • analyzer (Optional, string): The analyzer for the query string query
    • analyze_wildcard (Optional, boolean): Specify whether wildcards and prefix queries in the query string query should be analyzed (default: false)
    • default_operator (Optional, Enum("and" | "or")): The default operator for query string query (AND or OR)
    • df (Optional, string): The default field for query string query (default: _all)
    • lenient (Optional, boolean): Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • routing (Optional, string): Specific routing value
    • _source (Optional, boolean | string | string[]): True or false to return the _source field or not, or a list of fields to return
    • _source_excludes (Optional, string | string[]): A list of fields to exclude from the returned _source field
    • _source_includes (Optional, string | string[]): A list of fields to extract and return from the _source field
    • stored_fields (Optional, string | string[]): A list of stored fields to return in the response
    • q (Optional, string): Query in the Lucene query string syntax

field_caps

edit

Returns the information about the capabilities of fields among multiple indices.

Endpoint documentation

client.fieldCaps({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): List of data streams, indices, and aliases used to limit the request. Supports wildcards (*). To target all data streams and indices, omit this parameter or use * or _all.
    • fields (Optional, string | string[]): List of fields to retrieve capabilities for. Wildcard (*) expressions are supported.
    • index_filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Allows to filter indices if the provided query rewrites to match_none on every shard.
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Defines ad-hoc runtime fields in the request similar to the way it is done in search requests. These fields exist only as part of the query and take precedence over fields defined with the same name in the index mappings.
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard patterns can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams. Supports a list of values, such as open,hidden.
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.
    • include_unmapped (Optional, boolean): If true, unmapped fields are included in the response.
    • filters (Optional, string): An optional set of filters: can include +metadata,-metadata,-nested,-multifield,-parent
    • types (Optional, string[]): Only return results for fields that have one of the types in the list

get

edit

Returns a document.

Endpoint documentation

client.get({ id, index })

Arguments

edit
  • Request (object):

    • id (string): Unique identifier of the document.
    • index (string): Name of the index that contains the document.
    • preference (Optional, string): Specifies the node or shard the operation should be performed on. Random by default.
    • realtime (Optional, boolean): Boolean) If true, the request is real-time as opposed to near-real-time.
    • refresh (Optional, boolean): If true, Elasticsearch refreshes the affected shards to make this operation visible to search. If false, do nothing with refreshes.
    • routing (Optional, string): Target the specified primary shard.
    • _source (Optional, boolean | string | string[]): True or false to return the _source field or not, or a list of fields to return.
    • _source_excludes (Optional, string | string[]): A list of source fields to exclude in the response.
    • _source_includes (Optional, string | string[]): A list of source fields to include in the response.
    • stored_fields (Optional, string | string[]): A list of stored fields to return in the response
    • version (Optional, number): Explicit version number for concurrency control. The specified version must match the current version of the document for the request to succeed.
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type: internal, external, external_gte.

get_script

edit

Returns a script.

Endpoint documentation

client.getScript({ id })

Arguments

edit
  • Request (object):

    • id (string): Script ID
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master

get_script_context

edit

Returns all script contexts.

Endpoint documentation

client.getScriptContext()

get_script_languages

edit

Returns available script types, languages and contexts

Endpoint documentation

client.getScriptLanguages()

get_source

edit

Returns the source of a document.

Endpoint documentation

client.getSource({ id, index })

Arguments

edit
  • Request (object):

    • id (string): Unique identifier of the document.
    • index (string): Name of the index that contains the document.
    • preference (Optional, string): Specifies the node or shard the operation should be performed on. Random by default.
    • realtime (Optional, boolean): Boolean) If true, the request is real-time as opposed to near-real-time.
    • refresh (Optional, boolean): If true, Elasticsearch refreshes the affected shards to make this operation visible to search. If false, do nothing with refreshes.
    • routing (Optional, string): Target the specified primary shard.
    • _source (Optional, boolean | string | string[]): True or false to return the _source field or not, or a list of fields to return.
    • _source_excludes (Optional, string | string[]): A list of source fields to exclude in the response.
    • _source_includes (Optional, string | string[]): A list of source fields to include in the response.
    • stored_fields (Optional, string | string[])
    • version (Optional, number): Explicit version number for concurrency control. The specified version must match the current version of the document for the request to succeed.
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type: internal, external, external_gte.

health_report

edit

Returns the health of the cluster.

Endpoint documentation

client.healthReport({ ... })

Arguments

edit
  • Request (object):

    • feature (Optional, string | string[]): A feature of the cluster, as returned by the top-level health report API.
    • timeout (Optional, string | -1 | 0): Explicit operation timeout.
    • verbose (Optional, boolean): Opt-in for more information about the health of the system.
    • size (Optional, number): Limit the number of affected resources the health report API returns.

index

edit

Creates or updates a document in an index.

Endpoint documentation

client.index({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the index
    • id (Optional, string): Document ID
    • document (Optional, object): A document.
    • if_primary_term (Optional, number): only perform the index operation if the last operation that has changed the document has the specified primary term
    • if_seq_no (Optional, number): only perform the index operation if the last operation that has changed the document has the specified sequence number
    • op_type (Optional, Enum("index" | "create")): Explicit operation type. Defaults to index for requests with an explicit document ID, and to `create`for requests without an explicit document ID
    • pipeline (Optional, string): The pipeline id to preprocess incoming documents with
    • refresh (Optional, Enum(true | false | "wait_for")): If true then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false (the default) then do nothing with refreshes.
    • routing (Optional, string): Specific routing value
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • version (Optional, number): Explicit version number for concurrency control
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before proceeding with the index operation. Defaults to 1, meaning the primary shard only. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)
    • require_alias (Optional, boolean): When true, requires destination to be an alias. Default is false

info

edit

Returns basic information about the cluster.

Endpoint documentation

client.info()

knn_search

edit

Performs a kNN search.

Endpoint documentation

client.knnSearch({ index, knn })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names to search; use _all or to perform the operation on all indices
    • knn ({ field, query_vector, k, num_candidates }): kNN query to execute
    • _source (Optional, boolean | { excludes, includes }): Indicates which source fields are returned for matching documents. These fields are returned in the hits._source property of the search response.
    • docvalue_fields (Optional, { field, format, include_unmapped }[]): The request returns doc values for field names matching these patterns in the hits.fields property of the response. Accepts wildcard (*) patterns.
    • stored_fields (Optional, string | string[]): List of stored fields to return as part of a hit. If no fields are specified, no stored fields are included in the response. If this field is specified, the _source parameter defaults to false. You can pass _source: true to return both source fields and stored fields in the search response.
    • fields (Optional, string | string[]): The request returns values for field names matching these patterns in the hits.fields property of the response. Accepts wildcard (*) patterns.
    • filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type } | { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }[]): Query to filter the documents that can match. The kNN search will return the top k documents that also match this filter. The value can be a single query or a list of queries. If filter isn’t provided, all documents are allowed to match.
    • routing (Optional, string): A list of specific routing values

mget

edit

Allows to get multiple documents in one request.

Endpoint documentation

client.mget({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string): Name of the index to retrieve documents from when ids are specified, or when a document in the docs array does not specify an index.
    • docs (Optional, { _id, _index, routing, _source, stored_fields, version, version_type }[]): The documents you want to retrieve. Required if no index is specified in the request URI.
    • ids (Optional, string | string[]): The IDs of the documents you want to retrieve. Allowed when the index is specified in the request URI.
    • preference (Optional, string): Specifies the node or shard the operation should be performed on. Random by default.
    • realtime (Optional, boolean): If true, the request is real-time as opposed to near-real-time.
    • refresh (Optional, boolean): If true, the request refreshes relevant shards before retrieving documents.
    • routing (Optional, string): Custom value used to route operations to a specific shard.
    • _source (Optional, boolean | string | string[]): True or false to return the _source field or not, or a list of fields to return.
    • _source_excludes (Optional, string | string[]): A list of source fields to exclude from the response. You can also use this parameter to exclude fields from the subset specified in _source_includes query parameter.
    • _source_includes (Optional, string | string[]): A list of source fields to include in the response. If this parameter is specified, only these source fields are returned. You can exclude fields from this subset using the _source_excludes query parameter. If the _source parameter is false, this parameter is ignored.
    • stored_fields (Optional, string | string[]): If true, retrieves the document fields stored in the index rather than the document _source.

msearch

edit

Allows to execute several search operations in one request.

Endpoint documentation

client.msearch({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): List of data streams, indices, and index aliases to search.
    • searches (Optional, { allow_no_indices, expand_wildcards, ignore_unavailable, index, preference, request_cache, routing, search_type, ccs_minimize_roundtrips, allow_partial_search_results, ignore_throttled } | { aggregations, collapse, query, explain, ext, stored_fields, docvalue_fields, knn, from, highlight, indices_boost, min_score, post_filter, profile, rescore, script_fields, search_after, size, sort, _source, fields, terminate_after, stats, timeout, track_scores, track_total_hits, version, runtime_mappings, seq_no_primary_term, pit, suggest }[])
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
    • ccs_minimize_roundtrips (Optional, boolean): If true, network roundtrips between the coordinating node and remote clusters are minimized for cross-cluster search requests.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard expressions can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams.
    • ignore_throttled (Optional, boolean): If true, concrete, expanded or aliased indices are ignored when frozen.
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.
    • max_concurrent_searches (Optional, number): Maximum number of concurrent searches the multi search API can execute.
    • max_concurrent_shard_requests (Optional, number): Maximum number of concurrent shard requests that each sub-search request executes per node.
    • pre_filter_shard_size (Optional, number): Defines a threshold that enforces a pre-filter roundtrip to prefilter search shards based on query rewriting if the number of shards the search request expands to exceeds the threshold. This filter roundtrip can limit the number of shards significantly if for instance a shard can not match any documents based on its rewrite method i.e., if date filters are mandatory to match but the shard bounds and the query are disjoint.
    • rest_total_hits_as_int (Optional, boolean): If true, hits.total are returned as an integer in the response. Defaults to false, which returns an object.
    • routing (Optional, string): Custom routing value used to route search operations to a specific shard.
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): Indicates whether global term and document frequencies should be used when scoring returned documents.
    • typed_keys (Optional, boolean): Specifies whether aggregation and suggester names should be prefixed by their respective types in the response.

msearch_template

edit

Allows to execute several search template operations in one request.

Endpoint documentation

client.msearchTemplate({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to use as default
    • search_templates (Optional, { allow_no_indices, expand_wildcards, ignore_unavailable, index, preference, request_cache, routing, search_type, ccs_minimize_roundtrips, allow_partial_search_results, ignore_throttled } | { aggregations, collapse, query, explain, ext, stored_fields, docvalue_fields, knn, from, highlight, indices_boost, min_score, post_filter, profile, rescore, script_fields, search_after, size, sort, _source, fields, terminate_after, stats, timeout, track_scores, track_total_hits, version, runtime_mappings, seq_no_primary_term, pit, suggest }[])
    • ccs_minimize_roundtrips (Optional, boolean): Indicates whether network round-trips should be minimized as part of cross-cluster search requests execution
    • max_concurrent_searches (Optional, number): Controls the maximum number of concurrent searches the multi search api will execute
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): Search operation type
    • rest_total_hits_as_int (Optional, boolean): Indicates whether hits.total should be rendered as an integer or an object in the rest search response
    • typed_keys (Optional, boolean): Specify whether aggregation and suggester names should be prefixed by their respective types in the response

mtermvectors

edit

Returns multiple termvectors in one request.

Endpoint documentation

client.mtermvectors({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string): The index in which the document resides.
    • docs (Optional, { _id, _index, routing, _source, stored_fields, version, version_type }[])
    • ids (Optional, string[])
    • fields (Optional, string | string[]): A list of fields to return. Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • field_statistics (Optional, boolean): Specifies if document count, sum of document frequencies and sum of total term frequencies should be returned. Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • offsets (Optional, boolean): Specifies if term offsets should be returned. Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • payloads (Optional, boolean): Specifies if term payloads should be returned. Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • positions (Optional, boolean): Specifies if term positions should be returned. Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random) .Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • realtime (Optional, boolean): Specifies if requests are real-time as opposed to near-real-time (default: true).
    • routing (Optional, string): Specific routing value. Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • term_statistics (Optional, boolean): Specifies if total term frequency and document frequency should be returned. Applies to all returned documents unless otherwise specified in body "params" or "docs".
    • version (Optional, number): Explicit version number for concurrency control
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type

open_point_in_time

edit

Open a point in time that can be used in subsequent searches

Endpoint documentation

client.openPointInTime({ index, keep_alive })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names to open point in time; use _all or empty string to perform the operation on all indices
    • keep_alive (string | -1 | 0): Specific the time to live for the point in time
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • routing (Optional, string): Specific routing value
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.

ping

edit

Returns whether the cluster is running.

Endpoint documentation

client.ping()

put_script

edit

Creates or updates a script.

Endpoint documentation

client.putScript({ id, script })

Arguments

edit
  • Request (object):

    • id (string): Script ID
    • script ({ lang, options, source })
    • context (Optional, string): Script context
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

rank_eval

edit

Allows to evaluate the quality of ranked search results over a set of typical search queries

Endpoint documentation

client.rankEval({ requests })

Arguments

edit
  • Request (object):

    • requests ({ id, request, ratings, template_id, params }[]): A set of typical search requests, together with their provided ratings.
    • index (Optional, string | string[]): List of data streams, indices, and index aliases used to limit the request. Wildcard (*) expressions are supported. To target all data streams and indices in a cluster, omit this parameter or use _all or *.
    • metric (Optional, { precision, recall, mean_reciprocal_rank, dcg, expected_reciprocal_rank }): Definition of the evaluation metric to calculate.
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.
    • search_type (Optional, string): Search operation type

reindex

edit

Allows to copy documents from one index to another, optionally filtering the source documents by a query, changing the destination index settings, or fetching the documents from a remote cluster.

Endpoint documentation

client.reindex({ dest, source })

Arguments

edit
  • Request (object):

    • dest ({ index, op_type, pipeline, routing, version_type })
    • source ({ index, query, remote, size, slice, sort, _source, runtime_mappings })
    • conflicts (Optional, Enum("abort" | "proceed"))
    • max_docs (Optional, number)
    • script (Optional, { lang, options, source } | { id })
    • size (Optional, number)
    • refresh (Optional, boolean): Should the affected indexes be refreshed?
    • requests_per_second (Optional, float): The throttle to set on this request in sub-requests per second. -1 means no throttle.
    • scroll (Optional, string | -1 | 0): Control how long to keep the search context alive
    • slices (Optional, number | Enum("auto")): The number of slices this task should be divided into. Defaults to 1, meaning the task isn’t sliced into subtasks. Can be set to auto.
    • timeout (Optional, string | -1 | 0): Time each individual bulk request should wait for shards that are unavailable.
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before proceeding with the reindex operation. Defaults to 1, meaning the primary shard only. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)
    • wait_for_completion (Optional, boolean): Should the request should block until the reindex is complete.
    • require_alias (Optional, boolean)

reindex_rethrottle

edit

Changes the number of requests per second for a particular Reindex operation.

Endpoint documentation

client.reindexRethrottle({ task_id })

Arguments

edit
  • Request (object):

    • task_id (string): The task id to rethrottle
    • requests_per_second (Optional, float): The throttle to set on this request in floating sub-requests per second. -1 means set no throttle.

render_search_template

edit

Allows to use the Mustache language to pre-render a search definition.

Endpoint documentation

client.renderSearchTemplate({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): The id of the stored search template
    • file (Optional, string)
    • params (Optional, Record<string, User-defined value>)
    • source (Optional, string)

scripts_painless_execute

edit

Allows an arbitrary script to be executed and a result to be returned

Endpoint documentation

client.scriptsPainlessExecute({ ... })

Arguments

edit
  • Request (object):

    • context (Optional, string)
    • context_setup (Optional, { document, index, query })
    • script (Optional, { lang, options, source })

scroll

edit

Allows to retrieve a large numbers of results from a single search request.

Endpoint documentation

client.scroll({ scroll_id })

Arguments

edit
  • Request (object):

    • scroll_id (string): Scroll ID of the search.
    • scroll (Optional, string | -1 | 0): Period to retain the search context for scrolling.
    • rest_total_hits_as_int (Optional, boolean): If true, the API response’s hit.total property is returned as an integer. If false, the API response’s hit.total property is returned as an object.

search

edit

Returns results matching a query.

Endpoint documentation

client.search({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to search; use _all or empty string to perform the operation on all indices
    • aggregations (Optional, Record<string, { aggregations, meta, adjacency_matrix, auto_date_histogram, avg, avg_bucket, boxplot, bucket_script, bucket_selector, bucket_sort, bucket_count_ks_test, bucket_correlation, cardinality, categorize_text, children, composite, cumulative_cardinality, cumulative_sum, date_histogram, date_range, derivative, diversified_sampler, extended_stats, extended_stats_bucket, frequent_item_sets, filter, filters, geo_bounds, geo_centroid, geo_distance, geohash_grid, geo_line, geotile_grid, geohex_grid, global, histogram, ip_range, ip_prefix, inference, line, matrix_stats, max, max_bucket, median_absolute_deviation, min, min_bucket, missing, moving_avg, moving_percentiles, moving_fn, multi_terms, nested, normalize, parent, percentile_ranks, percentiles, percentiles_bucket, range, rare_terms, rate, reverse_nested, sampler, scripted_metric, serial_diff, significant_terms, significant_text, stats, stats_bucket, string_stats, sum, sum_bucket, terms, top_hits, t_test, top_metrics, value_count, weighted_avg, variable_width_histogram }>)
    • collapse (Optional, { field, inner_hits, max_concurrent_group_searches, collapse })
    • explain (Optional, boolean): If true, returns detailed information about score computation as part of a hit.
    • ext (Optional, Record<string, User-defined value>): Configuration of search extensions defined by Elasticsearch plugins.
    • from (Optional, number): Starting document offset. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • highlight (Optional, { encoder, fields })
    • track_total_hits (Optional, boolean | number): Number of hits matching the query to count accurately. If true, the exact number of hits is returned at the cost of some performance. If false, the response does not include the total number of hits matching the query. Defaults to 10,000 hits.
    • indices_boost (Optional, Record<string, number>[]): Boosts the _score of documents from specified indices.
    • docvalue_fields (Optional, { field, format, include_unmapped }[]): Array of wildcard (*) patterns. The request returns doc values for field names matching these patterns in the hits.fields property of the response.
    • knn (Optional, { field, query_vector, query_vector_builder, k, num_candidates, boost, filter, similarity } | { field, query_vector, query_vector_builder, k, num_candidates, boost, filter, similarity }[]): Defines the approximate kNN search to run.
    • rank (Optional, { rrf }): Defines the Reciprocal Rank Fusion (RRF) to use
    • min_score (Optional, number): Minimum _score for matching documents. Documents with a lower _score are not included in the search results.
    • post_filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • profile (Optional, boolean)
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Defines the search definition using the Query DSL.
    • rescore (Optional, { query, window_size } | { query, window_size }[])
    • script_fields (Optional, Record<string, { script, ignore_failure }>): Retrieve a script evaluation (based on different fields) for each hit.
    • search_after (Optional, number | number | string | boolean | null | User-defined value[])
    • size (Optional, number): The number of hits to return. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • slice (Optional, { field, id, max })
    • sort (Optional, string | { _score, _doc, _geo_distance, _script } | string | { _score, _doc, _geo_distance, _script }[])
    • _source (Optional, boolean | { excludes, includes }): Indicates which source fields are returned for matching documents. These fields are returned in the hits._source property of the search response.
    • fields (Optional, { field, format, include_unmapped }[]): Array of wildcard (*) patterns. The request returns values for field names matching these patterns in the hits.fields property of the response.
    • suggest (Optional, { text })
    • terminate_after (Optional, number): Maximum number of documents to collect for each shard. If a query reaches this limit, Elasticsearch terminates the query early. Elasticsearch collects documents before sorting. Defaults to 0, which does not terminate query execution early.
    • timeout (Optional, string): Specifies the period of time to wait for a response from each shard. If no response is received before the timeout expires, the request fails and returns an error. Defaults to no timeout.
    • track_scores (Optional, boolean): If true, calculate and return document scores, even if the scores are not used for sorting.
    • version (Optional, boolean): If true, returns document version as part of a hit.
    • seq_no_primary_term (Optional, boolean): If true, returns sequence number and primary term of the last modification of each hit. See Optimistic concurrency control.
    • stored_fields (Optional, string | string[]): List of stored fields to return as part of a hit. If no fields are specified, no stored fields are included in the response. If this field is specified, the _source parameter defaults to false. You can pass _source: true to return both source fields and stored fields in the search response.
    • pit (Optional, { id, keep_alive }): Limits the search to a point in time (PIT). If you provide a PIT, you cannot specify an <index> in the request path.
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Defines one or more runtime fields in the search request. These fields take precedence over mapped fields with the same name.
    • stats (Optional, string[]): Stats groups to associate with the search. Each group maintains a statistics aggregation for its associated searches. You can retrieve these stats using the indices stats API.
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • allow_partial_search_results (Optional, boolean): Indicate if an error should be returned if there is a partial search failure or timeout
    • analyzer (Optional, string): The analyzer to use for the query string
    • analyze_wildcard (Optional, boolean): Specify whether wildcard and prefix queries should be analyzed (default: false)
    • batched_reduce_size (Optional, number): The number of shard results that should be reduced at once on the coordinating node. This value should be used as a protection mechanism to reduce the memory overhead per search request if the potential number of shards in the request can be large.
    • ccs_minimize_roundtrips (Optional, boolean): Indicates whether network round-trips should be minimized as part of cross-cluster search requests execution
    • default_operator (Optional, Enum("and" | "or")): The default operator for query string query (AND or OR)
    • df (Optional, string): The field to use as default where no field prefix is given in the query string
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_throttled (Optional, boolean): Whether specified concrete, expanded or aliased indices should be ignored when throttled
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • lenient (Optional, boolean): Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
    • max_concurrent_shard_requests (Optional, number): The number of concurrent shard requests per node this search executes concurrently. This value should be used to limit the impact of the search on the cluster in order to limit the number of concurrent shard requests
    • min_compatible_shard_node (Optional, string): The minimum compatible version that all shards involved in search should have for this request to be successful
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • pre_filter_shard_size (Optional, number): A threshold that enforces a pre-filter roundtrip to prefilter search shards based on query rewriting if the number of shards the search request expands to exceeds the threshold. This filter roundtrip can limit the number of shards significantly if for instance a shard can not match any documents based on its rewrite method ie. if date filters are mandatory to match but the shard bounds and the query are disjoint.
    • request_cache (Optional, boolean): Specify if request cache should be used for this request or not, defaults to index level setting
    • routing (Optional, string): A list of specific routing values
    • scroll (Optional, string | -1 | 0): Specify how long a consistent view of the index should be maintained for scrolled search
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): Search operation type
    • suggest_field (Optional, string): Specifies which field to use for suggestions.
    • suggest_mode (Optional, Enum("missing" | "popular" | "always")): Specify suggest mode
    • suggest_size (Optional, number): How many suggestions to return in response
    • suggest_text (Optional, string): The source text for which the suggestions should be returned.
    • typed_keys (Optional, boolean): Specify whether aggregation and suggester names should be prefixed by their respective types in the response
    • rest_total_hits_as_int (Optional, boolean): Indicates whether hits.total should be rendered as an integer or an object in the rest search response
    • _source_excludes (Optional, string | string[]): A list of fields to exclude from the returned _source field
    • _source_includes (Optional, string | string[]): A list of fields to extract and return from the _source field
    • q (Optional, string): Query in the Lucene query string syntax

search_mvt

edit

Searches a vector tile for geospatial values. Returns results as a binary Mapbox vector tile.

Endpoint documentation

client.searchMvt({ index, field, zoom, x, y })

Arguments

edit
  • Request (object):

    • index (string | string[]): List of data streams, indices, or aliases to search
    • field (string): Field containing geospatial data to return
    • zoom (number): Zoom level for the vector tile to search
    • x (number): X coordinate for the vector tile to search
    • y (number): Y coordinate for the vector tile to search
    • aggs (Optional, Record<string, { aggregations, meta, adjacency_matrix, auto_date_histogram, avg, avg_bucket, boxplot, bucket_script, bucket_selector, bucket_sort, bucket_count_ks_test, bucket_correlation, cardinality, categorize_text, children, composite, cumulative_cardinality, cumulative_sum, date_histogram, date_range, derivative, diversified_sampler, extended_stats, extended_stats_bucket, frequent_item_sets, filter, filters, geo_bounds, geo_centroid, geo_distance, geohash_grid, geo_line, geotile_grid, geohex_grid, global, histogram, ip_range, ip_prefix, inference, line, matrix_stats, max, max_bucket, median_absolute_deviation, min, min_bucket, missing, moving_avg, moving_percentiles, moving_fn, multi_terms, nested, normalize, parent, percentile_ranks, percentiles, percentiles_bucket, range, rare_terms, rate, reverse_nested, sampler, scripted_metric, serial_diff, significant_terms, significant_text, stats, stats_bucket, string_stats, sum, sum_bucket, terms, top_hits, t_test, top_metrics, value_count, weighted_avg, variable_width_histogram }>): Sub-aggregations for the geotile_grid.

Supports the following aggregation types: - avg - cardinality - max - min - sum buffer (Optional, number): Size, in pixels, of a clipping buffer outside the tile. This allows renderers to avoid outline artifacts from geometries that extend past the extent of the tile. exact_bounds (Optional, boolean): If false, the meta layer’s feature is the bounding box of the tile. If true, the meta layer’s feature is a bounding box resulting from a geo_bounds aggregation. The aggregation runs on <field> values that intersect the <zoom>/<x>/<y> tile with wrap_longitude set to false. The resulting bounding box may be larger than the vector tile. extent (Optional, number): Size, in pixels, of a side of the tile. Vector tiles are square with equal sides. fields (Optional, string | string[]): Fields to return in the hits layer. Supports wildcards (*). This parameter does not support fields with array values. Fields with array values may return inconsistent results. grid_agg (Optional, Enum("geotile" | "geohex")): Aggregation used to create a grid for the field. grid_precision (Optional, number): Additional zoom levels available through the aggs layer. For example, if <zoom> is 7 and grid_precision is 8, you can zoom in up to level 15. Accepts 0-8. If 0, results don’t include the aggs layer. grid_type (Optional, Enum("grid" | "point" | "centroid")): Determines the geometry type for features in the aggs layer. In the aggs layer, each feature represents a geotile_grid cell. If grid each feature is a Polygon of the cells bounding box. If point each feature is a Point that is the centroid of the cell. query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Query DSL used to filter documents for the search. runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Defines one or more runtime fields in the search request. These fields take precedence over mapped fields with the same name. size (Optional, number): Maximum number of features to return in the hits layer. Accepts 0-10000. If 0, results don’t include the hits layer. sort (Optional, string | { _score, _doc, _geo_distance, _script } | string | { _score, _doc, _geo_distance, _script }[]): Sorts features in the hits layer. By default, the API calculates a bounding box for each feature. It sorts features based on this box’s diagonal length, from longest to shortest. track_total_hits (Optional, boolean | number): Number of hits matching the query to count accurately. If true, the exact number of hits is returned at the cost of some performance. If false, the response does not include the total number of hits matching the query. * *with_labels (Optional, boolean): If true, the hits and aggs layers will contain additional point features representing suggested label positions for the original features.

search_shards

edit

Returns information about the indices and shards that a search request would be executed against.

Endpoint documentation

client.searchShards({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to search; use _all or empty string to perform the operation on all indices
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • routing (Optional, string): Specific routing value

search_template

edit

Allows to use the Mustache language to pre-render a search definition.

Endpoint documentation

client.searchTemplate({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): List of data streams, indices, and aliases to search. Supports wildcards (*).
    • explain (Optional, boolean)
    • id (Optional, string): ID of the search template to use. If no source is specified, this parameter is required.
    • params (Optional, Record<string, User-defined value>)
    • profile (Optional, boolean)
    • source (Optional, string): An inline search template. Supports the same parameters as the search API’s request body. Also supports Mustache variables. If no id is specified, this parameter is required.
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • ccs_minimize_roundtrips (Optional, boolean): Indicates whether network round-trips should be minimized as part of cross-cluster search requests execution
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_throttled (Optional, boolean): Whether specified concrete, expanded or aliased indices should be ignored when throttled
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • routing (Optional, string): Custom value used to route operations to a specific shard.
    • scroll (Optional, string | -1 | 0): Specifies how long a consistent view of the index should be maintained for scrolled search.
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): The type of the search operation.
    • rest_total_hits_as_int (Optional, boolean): If true, hits.total are rendered as an integer in the response.
    • typed_keys (Optional, boolean): Specify whether aggregation and suggester names should be prefixed by their respective types in the response

terms_enum

edit

The terms enum API can be used to discover terms in the index that begin with the provided string. It is designed for low-latency look-ups used in auto-complete scenarios.

Endpoint documentation

client.termsEnum({ index, field })

Arguments

edit
  • Request (object):

    • index (string): List of data streams, indices, and index aliases to search. Wildcard (*) expressions are supported.
    • field (string): The string to match at the start of indexed terms. If not provided, all terms in the field are considered.
    • size (Optional, number): How many matching terms to return.
    • timeout (Optional, string | -1 | 0): The maximum length of time to spend collecting results. Defaults to "1s" (one second). If the timeout is exceeded the complete flag set to false in the response and the results may be partial or empty.
    • case_insensitive (Optional, boolean): When true the provided search string is matched against index terms without case sensitivity.
    • index_filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Allows to filter an index shard if the provided query rewrites to match_none.
    • string (Optional, string): The string after which terms in the index should be returned. Allows for a form of pagination if the last result from one request is passed as the search_after parameter for a subsequent request.
    • search_after (Optional, string)

termvectors

edit

Returns information and statistics about terms in the fields of a particular document.

Endpoint documentation

client.termvectors({ index })

Arguments

edit
  • Request (object):

    • index (string): The index in which the document resides.
    • id (Optional, string): The id of the document, when not specified a doc param should be supplied.
    • doc (Optional, object): A document.
    • filter (Optional, { max_doc_freq, max_num_terms, max_term_freq, max_word_length, min_doc_freq, min_term_freq, min_word_length })
    • per_field_analyzer (Optional, Record<string, string>)
    • fields (Optional, string | string[]): A list of fields to return.
    • field_statistics (Optional, boolean): Specifies if document count, sum of document frequencies and sum of total term frequencies should be returned.
    • offsets (Optional, boolean): Specifies if term offsets should be returned.
    • payloads (Optional, boolean): Specifies if term payloads should be returned.
    • positions (Optional, boolean): Specifies if term positions should be returned.
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random).
    • realtime (Optional, boolean): Specifies if request is real-time as opposed to near-real-time (default: true).
    • routing (Optional, string): Specific routing value.
    • term_statistics (Optional, boolean): Specifies if total term frequency and document frequency should be returned.
    • version (Optional, number): Explicit version number for concurrency control
    • version_type (Optional, Enum("internal" | "external" | "external_gte" | "force")): Specific version type

update

edit

Updates a document with a script or partial document.

Endpoint documentation

client.update({ id, index })

Arguments

edit
  • Request (object):

    • id (string): Document ID
    • index (string): The name of the index
    • detect_noop (Optional, boolean): Set to false to disable setting result in the response to noop if no change to the document occurred.
    • doc (Optional, object): A partial update to an existing document.
    • doc_as_upsert (Optional, boolean): Set to true to use the contents of doc as the value of upsert
    • script (Optional, { lang, options, source } | { id }): Script to execute to update the document.
    • scripted_upsert (Optional, boolean): Set to true to execute the script whether or not the document exists.
    • _source (Optional, boolean | { excludes, includes }): Set to false to disable source retrieval. You can also specify a comma-separated list of the fields you want to retrieve.
    • upsert (Optional, object): If the document does not already exist, the contents of upsert are inserted as a new document. If the document exists, the script is executed.
    • if_primary_term (Optional, number): Only perform the operation if the document has this primary term.
    • if_seq_no (Optional, number): Only perform the operation if the document has this sequence number.
    • lang (Optional, string): The script language.
    • refresh (Optional, Enum(true | false | "wait_for")): If true, Elasticsearch refreshes the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false do nothing with refreshes.
    • require_alias (Optional, boolean): If true, the destination must be an index alias.
    • retry_on_conflict (Optional, number): Specify how many times should the operation be retried when a conflict occurs.
    • routing (Optional, string): Custom value used to route operations to a specific shard.
    • timeout (Optional, string | -1 | 0): Period to wait for dynamic mapping updates and active shards. This guarantees Elasticsearch waits for at least the timeout before failing. The actual wait time could be longer, particularly when multiple waits occur.
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): The number of shard copies that must be active before proceeding with the operations. Set to all or any positive integer up to the total number of shards in the index (number_of_replicas+1). Defaults to 1 meaning the primary shard.
    • _source_excludes (Optional, string | string[]): Specify the source fields you want to exclude.
    • _source_includes (Optional, string | string[]): Specify the source fields you want to retrieve.

update_by_query

edit

Performs an update on every document in the index without changing the source, for example to pick up a mapping change.

Endpoint documentation

client.updateByQuery({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names to search; use _all or empty string to perform the operation on all indices
    • max_docs (Optional, number)
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • script (Optional, { lang, options, source } | { id })
    • slice (Optional, { field, id, max })
    • conflicts (Optional, Enum("abort" | "proceed"))
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • analyzer (Optional, string): The analyzer to use for the query string
    • analyze_wildcard (Optional, boolean): Specify whether wildcard and prefix queries should be analyzed (default: false)
    • default_operator (Optional, Enum("and" | "or")): The default operator for query string query (AND or OR)
    • df (Optional, string): The field to use as default where no field prefix is given in the query string
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • from (Optional, number): Starting offset (default: 0)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • lenient (Optional, boolean): Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
    • pipeline (Optional, string): Ingest pipeline to set on index requests made by this action. (default: none)
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • refresh (Optional, boolean): Should the affected indexes be refreshed?
    • request_cache (Optional, boolean): Specify if request cache should be used for this request or not, defaults to index level setting
    • requests_per_second (Optional, float): The throttle to set on this request in sub-requests per second. -1 means no throttle.
    • routing (Optional, string): A list of specific routing values
    • scroll (Optional, string | -1 | 0): Specify how long a consistent view of the index should be maintained for scrolled search
    • scroll_size (Optional, number): Size on the scroll request powering the update by query
    • search_timeout (Optional, string | -1 | 0): Explicit timeout for each search request. Defaults to no timeout.
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): Search operation type
    • slices (Optional, number | Enum("auto")): The number of slices this task should be divided into. Defaults to 1, meaning the task isn’t sliced into subtasks. Can be set to auto.
    • sort (Optional, string[]): A list of <field>:<direction> pairs
    • stats (Optional, string[]): Specific tag of the request for logging and statistical purposes
    • terminate_after (Optional, number): The maximum number of documents to collect for each shard, upon reaching which the query execution will terminate early.
    • timeout (Optional, string | -1 | 0): Time each individual bulk request should wait for shards that are unavailable.
    • version (Optional, boolean): Specify whether to return document version as part of a hit
    • version_type (Optional, boolean): Should the document increment the version number (internal) on hit or not (reindex)
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before proceeding with the update by query operation. Defaults to 1, meaning the primary shard only. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)
    • wait_for_completion (Optional, boolean): Should the request should block until the update by query operation is complete.

update_by_query_rethrottle

edit

Changes the number of requests per second for a particular Update By Query operation.

Endpoint documentation

client.updateByQueryRethrottle({ task_id })

Arguments

edit
  • Request (object):

    • task_id (string): The task id to rethrottle
    • requests_per_second (Optional, float): The throttle to set on this request in floating sub-requests per second. -1 means set no throttle.

async_search

edit

delete

edit

Deletes an async search by ID. If the search is still running, the search request will be cancelled. Otherwise, the saved search results are deleted.

Endpoint documentation

client.asyncSearch.delete({ id })

Arguments

edit
  • Request (object):

    • id (string): The async search ID

get

edit

Retrieves the results of a previously submitted async search request given its ID.

Endpoint documentation

client.asyncSearch.get({ id })

Arguments

edit
  • Request (object):

    • id (string): The async search ID
    • keep_alive (Optional, string | -1 | 0): Specify the time interval in which the results (partial or final) for this search will be available
    • typed_keys (Optional, boolean): Specify whether aggregation and suggester names should be prefixed by their respective types in the response
    • wait_for_completion_timeout (Optional, string | -1 | 0): Specify the time that the request should block waiting for the final response

status

edit

Retrieves the status of a previously submitted async search request given its ID.

Endpoint documentation

client.asyncSearch.status({ id })

Arguments

edit
  • Request (object):

    • id (string): The async search ID

submit

edit

Executes a search request asynchronously.

Endpoint documentation

client.asyncSearch.submit({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to search; use _all or empty string to perform the operation on all indices
    • aggregations (Optional, Record<string, { aggregations, meta, adjacency_matrix, auto_date_histogram, avg, avg_bucket, boxplot, bucket_script, bucket_selector, bucket_sort, bucket_count_ks_test, bucket_correlation, cardinality, categorize_text, children, composite, cumulative_cardinality, cumulative_sum, date_histogram, date_range, derivative, diversified_sampler, extended_stats, extended_stats_bucket, frequent_item_sets, filter, filters, geo_bounds, geo_centroid, geo_distance, geohash_grid, geo_line, geotile_grid, geohex_grid, global, histogram, ip_range, ip_prefix, inference, line, matrix_stats, max, max_bucket, median_absolute_deviation, min, min_bucket, missing, moving_avg, moving_percentiles, moving_fn, multi_terms, nested, normalize, parent, percentile_ranks, percentiles, percentiles_bucket, range, rare_terms, rate, reverse_nested, sampler, scripted_metric, serial_diff, significant_terms, significant_text, stats, stats_bucket, string_stats, sum, sum_bucket, terms, top_hits, t_test, top_metrics, value_count, weighted_avg, variable_width_histogram }>)
    • collapse (Optional, { field, inner_hits, max_concurrent_group_searches, collapse })
    • explain (Optional, boolean): If true, returns detailed information about score computation as part of a hit.
    • ext (Optional, Record<string, User-defined value>): Configuration of search extensions defined by Elasticsearch plugins.
    • from (Optional, number): Starting document offset. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • highlight (Optional, { encoder, fields })
    • track_total_hits (Optional, boolean | number): Number of hits matching the query to count accurately. If true, the exact number of hits is returned at the cost of some performance. If false, the response does not include the total number of hits matching the query. Defaults to 10,000 hits.
    • indices_boost (Optional, Record<string, number>[]): Boosts the _score of documents from specified indices.
    • docvalue_fields (Optional, { field, format, include_unmapped }[]): Array of wildcard (*) patterns. The request returns doc values for field names matching these patterns in the hits.fields property of the response.
    • knn (Optional, { field, query_vector, query_vector_builder, k, num_candidates, boost, filter, similarity } | { field, query_vector, query_vector_builder, k, num_candidates, boost, filter, similarity }[]): Defines the approximate kNN search to run.
    • min_score (Optional, number): Minimum _score for matching documents. Documents with a lower _score are not included in the search results.
    • post_filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • profile (Optional, boolean)
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Defines the search definition using the Query DSL.
    • rescore (Optional, { query, window_size } | { query, window_size }[])
    • script_fields (Optional, Record<string, { script, ignore_failure }>): Retrieve a script evaluation (based on different fields) for each hit.
    • search_after (Optional, number | number | string | boolean | null | User-defined value[])
    • size (Optional, number): The number of hits to return. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • slice (Optional, { field, id, max })
    • sort (Optional, string | { _score, _doc, _geo_distance, _script } | string | { _score, _doc, _geo_distance, _script }[])
    • _source (Optional, boolean | { excludes, includes }): Indicates which source fields are returned for matching documents. These fields are returned in the hits._source property of the search response.
    • fields (Optional, { field, format, include_unmapped }[]): Array of wildcard (*) patterns. The request returns values for field names matching these patterns in the hits.fields property of the response.
    • suggest (Optional, { text })
    • terminate_after (Optional, number): Maximum number of documents to collect for each shard. If a query reaches this limit, Elasticsearch terminates the query early. Elasticsearch collects documents before sorting. Defaults to 0, which does not terminate query execution early.
    • timeout (Optional, string): Specifies the period of time to wait for a response from each shard. If no response is received before the timeout expires, the request fails and returns an error. Defaults to no timeout.
    • track_scores (Optional, boolean): If true, calculate and return document scores, even if the scores are not used for sorting.
    • version (Optional, boolean): If true, returns document version as part of a hit.
    • seq_no_primary_term (Optional, boolean): If true, returns sequence number and primary term of the last modification of each hit. See Optimistic concurrency control.
    • stored_fields (Optional, string | string[]): List of stored fields to return as part of a hit. If no fields are specified, no stored fields are included in the response. If this field is specified, the _source parameter defaults to false. You can pass _source: true to return both source fields and stored fields in the search response.
    • pit (Optional, { id, keep_alive }): Limits the search to a point in time (PIT). If you provide a PIT, you cannot specify an <index> in the request path.
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Defines one or more runtime fields in the search request. These fields take precedence over mapped fields with the same name.
    • stats (Optional, string[]): Stats groups to associate with the search. Each group maintains a statistics aggregation for its associated searches. You can retrieve these stats using the indices stats API.
    • wait_for_completion_timeout (Optional, string | -1 | 0): Specify the time that the request should block waiting for the final response
    • keep_on_completion (Optional, boolean): Control whether the response should be stored in the cluster if it completed within the provided [wait_for_completion] time (default: false)
    • keep_alive (Optional, string | -1 | 0): Update the time interval in which the results (partial or final) for this search will be available
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • allow_partial_search_results (Optional, boolean): Indicate if an error should be returned if there is a partial search failure or timeout
    • analyzer (Optional, string): The analyzer to use for the query string
    • analyze_wildcard (Optional, boolean): Specify whether wildcard and prefix queries should be analyzed (default: false)
    • batched_reduce_size (Optional, number): The number of shard results that should be reduced at once on the coordinating node. This value should be used as the granularity at which progress results will be made available.
    • ccs_minimize_roundtrips (Optional, boolean)
    • default_operator (Optional, Enum("and" | "or")): The default operator for query string query (AND or OR)
    • df (Optional, string): The field to use as default where no field prefix is given in the query string
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_throttled (Optional, boolean): Whether specified concrete, expanded or aliased indices should be ignored when throttled
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • lenient (Optional, boolean): Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
    • max_concurrent_shard_requests (Optional, number): The number of concurrent shard requests per node this search executes concurrently. This value should be used to limit the impact of the search on the cluster in order to limit the number of concurrent shard requests
    • min_compatible_shard_node (Optional, string)
    • preference (Optional, string): Specify the node or shard the operation should be performed on (default: random)
    • pre_filter_shard_size (Optional, number)
    • request_cache (Optional, boolean): Specify if request cache should be used for this request or not, defaults to true
    • routing (Optional, string): A list of specific routing values
    • scroll (Optional, string | -1 | 0)
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): Search operation type
    • suggest_field (Optional, string): Specifies which field to use for suggestions.
    • suggest_mode (Optional, Enum("missing" | "popular" | "always")): Specify suggest mode
    • suggest_size (Optional, number): How many suggestions to return in response
    • suggest_text (Optional, string): The source text for which the suggestions should be returned.
    • typed_keys (Optional, boolean): Specify whether aggregation and suggester names should be prefixed by their respective types in the response
    • rest_total_hits_as_int (Optional, boolean)
    • _source_excludes (Optional, string | string[]): A list of fields to exclude from the returned _source field
    • _source_includes (Optional, string | string[]): A list of fields to extract and return from the _source field
    • q (Optional, string): Query in the Lucene query string syntax

cat

edit

aliases

edit

Shows information about currently configured aliases to indices including filter and routing infos.

Endpoint documentation

client.cat.aliases({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string | string[]): A list of alias names to return
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.

allocation

edit

Provides a snapshot of how many shards are allocated to each data node and how much disk space they are using.

Endpoint documentation

client.cat.allocation({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): A list of node IDs or names to limit the returned information
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values

component_templates

edit

Returns information about existing component_templates templates.

Endpoint documentation

client.cat.componentTemplates({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string): A pattern that returned component template names must match

count

edit

Provides quick access to the document count of the entire cluster, or individual indices.

Endpoint documentation

client.cat.count({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to limit the returned information

fielddata

edit

Shows how much heap memory is currently being used by fielddata on every data node in the cluster.

Endpoint documentation

client.cat.fielddata({ ... })

Arguments

edit
  • Request (object):

    • fields (Optional, string | string[]): A list of fields to return the fielddata size
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values

health

edit

Returns a concise representation of the cluster health.

Endpoint documentation

client.cat.health({ ... })

Arguments

edit
  • Request (object):

    • ts (Optional, boolean): Set to false to disable timestamping

help

edit

Returns help for the Cat APIs.

Endpoint documentation

client.cat.help()

indices

edit

Returns information about indices: number of primaries and replicas, document counts, disk size, …​

Endpoint documentation

client.cat.indices({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to limit the returned information
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • health (Optional, Enum("green" | "yellow" | "red")): A health status ("green", "yellow", or "red" to filter only indices matching the specified health status
    • include_unloaded_segments (Optional, boolean): If set to true segment stats will include stats for segments that are not currently loaded into memory
    • pri (Optional, boolean): Set to true to return stats only for primary shards
    • time (Optional, Enum("nanos" | "micros" | "ms" | "s" | "m" | "h" | "d")): The unit in which to display time values

master

edit

Returns information about the master node.

Endpoint documentation

client.cat.master()

ml_data_frame_analytics

edit

Gets configuration and usage information about data frame analytics jobs.

Endpoint documentation

client.cat.mlDataFrameAnalytics({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): The ID of the data frame analytics to fetch
    • allow_no_match (Optional, boolean): Whether to ignore if a wildcard expression matches no configs. (This includes _all string or when no configs have been specified)
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values
    • h (Optional, Enum("assignment_explanation" | "create_time" | "description" | "dest_index" | "failure_reason" | "id" | "model_memory_limit" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "progress" | "source_index" | "state" | "type" | "version") | Enum("assignment_explanation" | "create_time" | "description" | "dest_index" | "failure_reason" | "id" | "model_memory_limit" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "progress" | "source_index" | "state" | "type" | "version")[]): List of column names to display.
    • s (Optional, Enum("assignment_explanation" | "create_time" | "description" | "dest_index" | "failure_reason" | "id" | "model_memory_limit" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "progress" | "source_index" | "state" | "type" | "version") | Enum("assignment_explanation" | "create_time" | "description" | "dest_index" | "failure_reason" | "id" | "model_memory_limit" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "progress" | "source_index" | "state" | "type" | "version")[]): List of column names or column aliases used to sort the response.
    • time (Optional, string | -1 | 0): Unit used to display time values.

ml_datafeeds

edit

Gets configuration and usage information about datafeeds.

Endpoint documentation

client.cat.mlDatafeeds({ ... })

Arguments

edit
  • Request (object):

    • datafeed_id (Optional, string): A numerical character string that uniquely identifies the datafeed.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:
  • Contains wildcard expressions and there are no datafeeds that match.
  • Contains the _all string or no identifiers and there are no matches.
  • Contains wildcard expressions and there are only partial matches.

If true, the API returns an empty datafeeds array when there are no matches and the subset of results when there are partial matches. If false, the API returns a 404 status code when there are no matches or only partial matches. h (Optional, Enum("ae" | "bc" | "id" | "na" | "ne" | "ni" | "nn" | "sba" | "sc" | "seah" | "st" | "s") | Enum("ae" | "bc" | "id" | "na" | "ne" | "ni" | "nn" | "sba" | "sc" | "seah" | "st" | "s")[]): List of column names to display. s (Optional, Enum("ae" | "bc" | "id" | "na" | "ne" | "ni" | "nn" | "sba" | "sc" | "seah" | "st" | "s") | Enum("ae" | "bc" | "id" | "na" | "ne" | "ni" | "nn" | "sba" | "sc" | "seah" | "st" | "s")[]): List of column names or column aliases used to sort the response. * *time (Optional, Enum("nanos" | "micros" | "ms" | "s" | "m" | "h" | "d")): The unit used to display time values.

ml_jobs

edit

Gets configuration and usage information about anomaly detection jobs.

Endpoint documentation

client.cat.mlJobs({ ... })

Arguments

edit
  • Request (object):

    • job_id (Optional, string): Identifier for the anomaly detection job.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:
  • Contains wildcard expressions and there are no jobs that match.
  • Contains the _all string or no identifiers and there are no matches.
  • Contains wildcard expressions and there are only partial matches.

If true, the API returns an empty jobs array when there are no matches and the subset of results when there are partial matches. If false, the API returns a 404 status code when there are no matches or only partial matches. bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit used to display byte values. h (Optional, Enum("assignment_explanation" | "buckets.count" | "buckets.time.exp_avg" | "buckets.time.exp_avg_hour" | "buckets.time.max" | "buckets.time.min" | "buckets.time.total" | "data.buckets" | "data.earliest_record" | "data.empty_buckets" | "data.input_bytes" | "data.input_fields" | "data.input_records" | "data.invalid_dates" | "data.last" | "data.last_empty_bucket" | "data.last_sparse_bucket" | "data.latest_record" | "data.missing_fields" | "data.out_of_order_timestamps" | "data.processed_fields" | "data.processed_records" | "data.sparse_buckets" | "forecasts.memory.avg" | "forecasts.memory.max" | "forecasts.memory.min" | "forecasts.memory.total" | "forecasts.records.avg" | "forecasts.records.max" | "forecasts.records.min" | "forecasts.records.total" | "forecasts.time.avg" | "forecasts.time.max" | "forecasts.time.min" | "forecasts.time.total" | "forecasts.total" | "id" | "model.bucket_allocation_failures" | "model.by_fields" | "model.bytes" | "model.bytes_exceeded" | "model.categorization_status" | "model.categorized_doc_count" | "model.dead_category_count" | "model.failed_category_count" | "model.frequent_category_count" | "model.log_time" | "model.memory_limit" | "model.memory_status" | "model.over_fields" | "model.partition_fields" | "model.rare_category_count" | "model.timestamp" | "model.total_category_count" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "opened_time" | "state") | Enum("assignment_explanation" | "buckets.count" | "buckets.time.exp_avg" | "buckets.time.exp_avg_hour" | "buckets.time.max" | "buckets.time.min" | "buckets.time.total" | "data.buckets" | "data.earliest_record" | "data.empty_buckets" | "data.input_bytes" | "data.input_fields" | "data.input_records" | "data.invalid_dates" | "data.last" | "data.last_empty_bucket" | "data.last_sparse_bucket" | "data.latest_record" | "data.missing_fields" | "data.out_of_order_timestamps" | "data.processed_fields" | "data.processed_records" | "data.sparse_buckets" | "forecasts.memory.avg" | "forecasts.memory.max" | "forecasts.memory.min" | "forecasts.memory.total" | "forecasts.records.avg" | "forecasts.records.max" | "forecasts.records.min" | "forecasts.records.total" | "forecasts.time.avg" | "forecasts.time.max" | "forecasts.time.min" | "forecasts.time.total" | "forecasts.total" | "id" | "model.bucket_allocation_failures" | "model.by_fields" | "model.bytes" | "model.bytes_exceeded" | "model.categorization_status" | "model.categorized_doc_count" | "model.dead_category_count" | "model.failed_category_count" | "model.frequent_category_count" | "model.log_time" | "model.memory_limit" | "model.memory_status" | "model.over_fields" | "model.partition_fields" | "model.rare_category_count" | "model.timestamp" | "model.total_category_count" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "opened_time" | "state")[]): List of column names to display. s (Optional, Enum("assignment_explanation" | "buckets.count" | "buckets.time.exp_avg" | "buckets.time.exp_avg_hour" | "buckets.time.max" | "buckets.time.min" | "buckets.time.total" | "data.buckets" | "data.earliest_record" | "data.empty_buckets" | "data.input_bytes" | "data.input_fields" | "data.input_records" | "data.invalid_dates" | "data.last" | "data.last_empty_bucket" | "data.last_sparse_bucket" | "data.latest_record" | "data.missing_fields" | "data.out_of_order_timestamps" | "data.processed_fields" | "data.processed_records" | "data.sparse_buckets" | "forecasts.memory.avg" | "forecasts.memory.max" | "forecasts.memory.min" | "forecasts.memory.total" | "forecasts.records.avg" | "forecasts.records.max" | "forecasts.records.min" | "forecasts.records.total" | "forecasts.time.avg" | "forecasts.time.max" | "forecasts.time.min" | "forecasts.time.total" | "forecasts.total" | "id" | "model.bucket_allocation_failures" | "model.by_fields" | "model.bytes" | "model.bytes_exceeded" | "model.categorization_status" | "model.categorized_doc_count" | "model.dead_category_count" | "model.failed_category_count" | "model.frequent_category_count" | "model.log_time" | "model.memory_limit" | "model.memory_status" | "model.over_fields" | "model.partition_fields" | "model.rare_category_count" | "model.timestamp" | "model.total_category_count" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "opened_time" | "state") | Enum("assignment_explanation" | "buckets.count" | "buckets.time.exp_avg" | "buckets.time.exp_avg_hour" | "buckets.time.max" | "buckets.time.min" | "buckets.time.total" | "data.buckets" | "data.earliest_record" | "data.empty_buckets" | "data.input_bytes" | "data.input_fields" | "data.input_records" | "data.invalid_dates" | "data.last" | "data.last_empty_bucket" | "data.last_sparse_bucket" | "data.latest_record" | "data.missing_fields" | "data.out_of_order_timestamps" | "data.processed_fields" | "data.processed_records" | "data.sparse_buckets" | "forecasts.memory.avg" | "forecasts.memory.max" | "forecasts.memory.min" | "forecasts.memory.total" | "forecasts.records.avg" | "forecasts.records.max" | "forecasts.records.min" | "forecasts.records.total" | "forecasts.time.avg" | "forecasts.time.max" | "forecasts.time.min" | "forecasts.time.total" | "forecasts.total" | "id" | "model.bucket_allocation_failures" | "model.by_fields" | "model.bytes" | "model.bytes_exceeded" | "model.categorization_status" | "model.categorized_doc_count" | "model.dead_category_count" | "model.failed_category_count" | "model.frequent_category_count" | "model.log_time" | "model.memory_limit" | "model.memory_status" | "model.over_fields" | "model.partition_fields" | "model.rare_category_count" | "model.timestamp" | "model.total_category_count" | "node.address" | "node.ephemeral_id" | "node.id" | "node.name" | "opened_time" | "state")[]): List of column names or column aliases used to sort the response. time (Optional, Enum("nanos" | "micros" | "ms" | "s" | "m" | "h" | "d")): The unit used to display time values.

ml_trained_models

edit

Gets configuration and usage information about inference trained models.

Endpoint documentation

client.cat.mlTrainedModels({ ... })

Arguments

edit
  • Request (object):

    • model_id (Optional, string): The ID of the trained models stats to fetch
    • allow_no_match (Optional, boolean): Whether to ignore if a wildcard expression matches no trained models. (This includes _all string or when no trained models have been specified)
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values
    • h (Optional, Enum("create_time" | "created_by" | "data_frame_analytics_id" | "description" | "heap_size" | "id" | "ingest.count" | "ingest.current" | "ingest.failed" | "ingest.pipelines" | "ingest.time" | "license" | "operations" | "version") | Enum("create_time" | "created_by" | "data_frame_analytics_id" | "description" | "heap_size" | "id" | "ingest.count" | "ingest.current" | "ingest.failed" | "ingest.pipelines" | "ingest.time" | "license" | "operations" | "version")[]): List of column names to display
    • s (Optional, Enum("create_time" | "created_by" | "data_frame_analytics_id" | "description" | "heap_size" | "id" | "ingest.count" | "ingest.current" | "ingest.failed" | "ingest.pipelines" | "ingest.time" | "license" | "operations" | "version") | Enum("create_time" | "created_by" | "data_frame_analytics_id" | "description" | "heap_size" | "id" | "ingest.count" | "ingest.current" | "ingest.failed" | "ingest.pipelines" | "ingest.time" | "license" | "operations" | "version")[]): List of column names or column aliases to sort by
    • from (Optional, number): skips a number of trained models
    • size (Optional, number): specifies a max number of trained models to get

nodeattrs

edit

Returns information about custom node attributes.

Endpoint documentation

client.cat.nodeattrs()

nodes

edit

Returns basic statistics about performance of cluster nodes.

Endpoint documentation

client.cat.nodes({ ... })

Arguments

edit
  • Request (object):

    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values
    • full_id (Optional, boolean | string): Return the full node ID instead of the shortened version (default: false)

pending_tasks

edit

Returns a concise representation of the cluster pending tasks.

Endpoint documentation

client.cat.pendingTasks()

plugins

edit

Returns information about installed plugins across nodes node.

Endpoint documentation

client.cat.plugins()

recovery

edit

Returns information about index shard recoveries, both on-going completed.

Endpoint documentation

client.cat.recovery({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): List or wildcard expression of index names to limit the returned information
    • active_only (Optional, boolean): If true, the response only includes ongoing shard recoveries
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values
    • detailed (Optional, boolean): If true, the response includes detailed information about shard recoveries

repositories

edit

Returns information about snapshot repositories registered in the cluster.

Endpoint documentation

client.cat.repositories()

segments

edit

Provides low-level information about the segments in the shards of an index.

Endpoint documentation

client.cat.segments({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to limit the returned information
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values

shards

edit

Provides a detailed view of shard allocation on nodes.

Endpoint documentation

client.cat.shards({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to limit the returned information
    • bytes (Optional, Enum("b" | "kb" | "mb" | "gb" | "tb" | "pb")): The unit in which to display byte values

snapshots

edit

Returns all snapshots in a specific repository.

Endpoint documentation

client.cat.snapshots({ ... })

Arguments

edit
  • Request (object):

    • repository (Optional, string | string[]): Name of repository from which to fetch the snapshot information
    • ignore_unavailable (Optional, boolean): Set to true to ignore unavailable snapshots

tasks

edit

Returns information about the tasks currently executing on one or more nodes in the cluster.

Endpoint documentation

client.cat.tasks({ ... })

Arguments

edit
  • Request (object):

    • actions (Optional, string[]): A list of actions that should be returned. Leave empty to return all.
    • detailed (Optional, boolean): Return detailed task information (default: false)
    • node_id (Optional, string[])
    • parent_task (Optional, number)

templates

edit

Returns information about existing templates.

Endpoint documentation

client.cat.templates({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string): A pattern that returned template names must match

thread_pool

edit

Returns cluster-wide thread pool statistics per node. By default the active, queue and rejected statistics are returned for all thread pools.

Endpoint documentation

client.cat.threadPool({ ... })

Arguments

edit
  • Request (object):

    • thread_pool_patterns (Optional, string | string[]): List of thread pool names used to limit the request. Accepts wildcard expressions.
    • time (Optional, Enum("nanos" | "micros" | "ms" | "s" | "m" | "h" | "d")): Unit used to display time values.

transforms

edit

Gets configuration and usage information about transforms.

Endpoint documentation

client.cat.transforms({ ... })

Arguments

edit
  • Request (object):

    • transform_id (Optional, string): The id of the transform for which to get stats. _all or * implies all transforms
    • allow_no_match (Optional, boolean): Whether to ignore if a wildcard expression matches no transforms. (This includes _all string or when no transforms have been specified)
    • from (Optional, number): skips a number of transform configs, defaults to 0
    • h (Optional, Enum("changes_last_detection_time" | "checkpoint" | "checkpoint_duration_time_exp_avg" | "checkpoint_progress" | "create_time" | "delete_time" | "description" | "dest_index" | "documents_deleted" | "documents_indexed" | "docs_per_second" | "documents_processed" | "frequency" | "id" | "index_failure" | "index_time" | "index_total" | "indexed_documents_exp_avg" | "last_search_time" | "max_page_search_size" | "pages_processed" | "pipeline" | "processed_documents_exp_avg" | "processing_time" | "reason" | "search_failure" | "search_time" | "search_total" | "source_index" | "state" | "transform_type" | "trigger_count" | "version") | Enum("changes_last_detection_time" | "checkpoint" | "checkpoint_duration_time_exp_avg" | "checkpoint_progress" | "create_time" | "delete_time" | "description" | "dest_index" | "documents_deleted" | "documents_indexed" | "docs_per_second" | "documents_processed" | "frequency" | "id" | "index_failure" | "index_time" | "index_total" | "indexed_documents_exp_avg" | "last_search_time" | "max_page_search_size" | "pages_processed" | "pipeline" | "processed_documents_exp_avg" | "processing_time" | "reason" | "search_failure" | "search_time" | "search_total" | "source_index" | "state" | "transform_type" | "trigger_count" | "version")[]): List of column names to display.
    • s (Optional, Enum("changes_last_detection_time" | "checkpoint" | "checkpoint_duration_time_exp_avg" | "checkpoint_progress" | "create_time" | "delete_time" | "description" | "dest_index" | "documents_deleted" | "documents_indexed" | "docs_per_second" | "documents_processed" | "frequency" | "id" | "index_failure" | "index_time" | "index_total" | "indexed_documents_exp_avg" | "last_search_time" | "max_page_search_size" | "pages_processed" | "pipeline" | "processed_documents_exp_avg" | "processing_time" | "reason" | "search_failure" | "search_time" | "search_total" | "source_index" | "state" | "transform_type" | "trigger_count" | "version") | Enum("changes_last_detection_time" | "checkpoint" | "checkpoint_duration_time_exp_avg" | "checkpoint_progress" | "create_time" | "delete_time" | "description" | "dest_index" | "documents_deleted" | "documents_indexed" | "docs_per_second" | "documents_processed" | "frequency" | "id" | "index_failure" | "index_time" | "index_total" | "indexed_documents_exp_avg" | "last_search_time" | "max_page_search_size" | "pages_processed" | "pipeline" | "processed_documents_exp_avg" | "processing_time" | "reason" | "search_failure" | "search_time" | "search_total" | "source_index" | "state" | "transform_type" | "trigger_count" | "version")[]): List of column names or column aliases used to sort the response.
    • time (Optional, Enum("nanos" | "micros" | "ms" | "s" | "m" | "h" | "d")): Unit used to display time values.
    • size (Optional, number): specifies a max number of transforms to get, defaults to 100

ccr

edit

delete_auto_follow_pattern

edit

Deletes auto-follow patterns.

Endpoint documentation

client.ccr.deleteAutoFollowPattern({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the auto follow pattern.

follow

edit

Creates a new follower index configured to follow the referenced leader index.

Endpoint documentation

client.ccr.follow({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the follower index
    • leader_index (Optional, string)
    • max_outstanding_read_requests (Optional, number)
    • max_outstanding_write_requests (Optional, number)
    • max_read_request_operation_count (Optional, number)
    • max_read_request_size (Optional, string)
    • max_retry_delay (Optional, string | -1 | 0)
    • max_write_buffer_count (Optional, number)
    • max_write_buffer_size (Optional, string)
    • max_write_request_operation_count (Optional, number)
    • max_write_request_size (Optional, string)
    • read_poll_timeout (Optional, string | -1 | 0)
    • remote_cluster (Optional, string)
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of shard copies that must be active before returning. Defaults to 0. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1)

follow_info

edit

Retrieves information about all follower indices, including parameters and status for each follower index

Endpoint documentation

client.ccr.followInfo({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index patterns; use _all to perform the operation on all indices

follow_stats

edit

Retrieves follower stats. return shard-level stats about the following tasks associated with each shard for the specified indices.

Endpoint documentation

client.ccr.followStats({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index patterns; use _all to perform the operation on all indices

forget_follower

edit

Removes the follower retention leases from the leader.

Endpoint documentation

client.ccr.forgetFollower({ index })

Arguments

edit
  • Request (object):

    • index (string): the name of the leader index for which specified follower retention leases should be removed
    • follower_cluster (Optional, string)
    • follower_index (Optional, string)
    • follower_index_uuid (Optional, string)
    • leader_remote_cluster (Optional, string)

get_auto_follow_pattern

edit

Gets configured auto-follow patterns. Returns the specified auto-follow pattern collection.

Endpoint documentation

client.ccr.getAutoFollowPattern({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string): Specifies the auto-follow pattern collection that you want to retrieve. If you do not specify a name, the API returns information for all collections.

pause_auto_follow_pattern

edit

Pauses an auto-follow pattern

Endpoint documentation

client.ccr.pauseAutoFollowPattern({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the auto follow pattern that should pause discovering new indices to follow.

pause_follow

edit

Pauses a follower index. The follower index will not fetch any additional operations from the leader index.

Endpoint documentation

client.ccr.pauseFollow({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the follower index that should pause following its leader index.

put_auto_follow_pattern

edit

Creates a new named collection of auto-follow patterns against a specified remote cluster. Newly created indices on the remote cluster matching any of the specified patterns will be automatically configured as follower indices.

Endpoint documentation

client.ccr.putAutoFollowPattern({ name, remote_cluster })

Arguments

edit
  • Request (object):

    • name (string): The name of the collection of auto-follow patterns.
    • remote_cluster (string): The remote cluster containing the leader indices to match against.
    • follow_index_pattern (Optional, string): The name of follower index. The template {{leader_index}} can be used to derive the name of the follower index from the name of the leader index. When following a data stream, use {{leader_index}}; CCR does not support changes to the names of a follower data stream’s backing indices.
    • leader_index_patterns (Optional, string[]): An array of simple index patterns to match against indices in the remote cluster specified by the remote_cluster field.
    • leader_index_exclusion_patterns (Optional, string[]): An array of simple index patterns that can be used to exclude indices from being auto-followed. Indices in the remote cluster whose names are matching one or more leader_index_patterns and one or more leader_index_exclusion_patterns won’t be followed.
    • max_outstanding_read_requests (Optional, number): The maximum number of outstanding reads requests from the remote cluster.
    • settings (Optional, Record<string, User-defined value>): Settings to override from the leader index. Note that certain settings can not be overrode (e.g., index.number_of_shards).
    • max_outstanding_write_requests (Optional, number): The maximum number of outstanding reads requests from the remote cluster.
    • read_poll_timeout (Optional, string | -1 | 0): The maximum time to wait for new operations on the remote cluster when the follower index is synchronized with the leader index. When the timeout has elapsed, the poll for operations will return to the follower so that it can update some statistics. Then the follower will immediately attempt to read from the leader again.
    • max_read_request_operation_count (Optional, number): The maximum number of operations to pull per read from the remote cluster.
    • max_read_request_size (Optional, number | string): The maximum size in bytes of per read of a batch of operations pulled from the remote cluster.
    • max_retry_delay (Optional, string | -1 | 0): The maximum time to wait before retrying an operation that failed exceptionally. An exponential backoff strategy is employed when retrying.
    • max_write_buffer_count (Optional, number): The maximum number of operations that can be queued for writing. When this limit is reached, reads from the remote cluster will be deferred until the number of queued operations goes below the limit.
    • max_write_buffer_size (Optional, number | string): The maximum total bytes of operations that can be queued for writing. When this limit is reached, reads from the remote cluster will be deferred until the total bytes of queued operations goes below the limit.
    • max_write_request_operation_count (Optional, number): The maximum number of operations per bulk write request executed on the follower.
    • max_write_request_size (Optional, number | string): The maximum total bytes of operations per bulk write request executed on the follower.

resume_auto_follow_pattern

edit

Resumes an auto-follow pattern that has been paused

Endpoint documentation

client.ccr.resumeAutoFollowPattern({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the auto follow pattern to resume discovering new indices to follow.

resume_follow

edit

Resumes a follower index that has been paused

Endpoint documentation

client.ccr.resumeFollow({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the follow index to resume following.
    • max_outstanding_read_requests (Optional, number)
    • max_outstanding_write_requests (Optional, number)
    • max_read_request_operation_count (Optional, number)
    • max_read_request_size (Optional, string)
    • max_retry_delay (Optional, string | -1 | 0)
    • max_write_buffer_count (Optional, number)
    • max_write_buffer_size (Optional, string)
    • max_write_request_operation_count (Optional, number)
    • max_write_request_size (Optional, string)
    • read_poll_timeout (Optional, string | -1 | 0)

stats

edit

Gets all stats related to cross-cluster replication.

Endpoint documentation

client.ccr.stats()

unfollow

edit

Stops the following task associated with a follower index and removes index metadata and settings associated with cross-cluster replication.

Endpoint documentation

client.ccr.unfollow({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the follower index that should be turned into a regular index.

cluster

edit

allocation_explain

edit

Provides explanations for shard allocations in the cluster.

Endpoint documentation

client.cluster.allocationExplain({ ... })

Arguments

edit
  • Request (object):

    • current_node (Optional, string): Specifies the node ID or the name of the node to only explain a shard that is currently located on the specified node.
    • index (Optional, string): Specifies the name of the index that you would like an explanation for.
    • primary (Optional, boolean): If true, returns explanation for the primary shard for the given shard ID.
    • shard (Optional, number): Specifies the ID of the shard that you would like an explanation for.
    • include_disk_info (Optional, boolean): If true, returns information about disk usage and shard sizes.
    • include_yes_decisions (Optional, boolean): If true, returns YES decisions in explanation.

delete_component_template

edit

Deletes a component template

Endpoint documentation

client.cluster.deleteComponentTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): List or wildcard expression of component template names used to limit the request.
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

delete_voting_config_exclusions

edit

Clears cluster voting config exclusions.

Endpoint documentation

client.cluster.deleteVotingConfigExclusions({ ... })

Arguments

edit
  • Request (object):

    • wait_for_removal (Optional, boolean): Specifies whether to wait for all excluded nodes to be removed from the cluster before clearing the voting configuration exclusions list. Defaults to true, meaning that all excluded nodes must be removed from the cluster before this API takes any action. If set to false then the voting configuration exclusions list is cleared even if some excluded nodes are still in the cluster.

exists_component_template

edit

Returns information about whether a particular component template exist

Endpoint documentation

client.cluster.existsComponentTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): List of component template names used to limit the request. Wildcard (*) expressions are supported.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • local (Optional, boolean): If true, the request retrieves information from the local node only. Defaults to false, which means information is retrieved from the master node.

get_component_template

edit

Returns one or more component templates

Endpoint documentation

client.cluster.getComponentTemplate({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string): The comma separated names of the component templates
    • flat_settings (Optional, boolean)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • include_defaults (Optional, boolean): Return all default configurations for the component template (default: false)

get_settings

edit

Returns cluster settings.

Endpoint documentation

client.cluster.getSettings({ ... })

Arguments

edit
  • Request (object):

    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • include_defaults (Optional, boolean): Whether to return all default clusters setting.
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

health

edit

Returns basic information about the health of the cluster.

Endpoint documentation

client.cluster.health({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): List of data streams, indices, and index aliases used to limit the request. Wildcard expressions (*) are supported. To target all data streams and indices in a cluster, omit this parameter or use _all or *.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • level (Optional, Enum("cluster" | "indices" | "shards")): Can be one of cluster, indices or shards. Controls the details level of the health information returned.
    • local (Optional, boolean): If true, the request retrieves information from the local node only. Defaults to false, which means information is retrieved from the master node.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): A number controlling to how many active shards to wait for, all to wait for all shards in the cluster to be active, or 0 to not wait.
    • wait_for_events (Optional, Enum("immediate" | "urgent" | "high" | "normal" | "low" | "languid")): Can be one of immediate, urgent, high, normal, low, languid. Wait until all currently queued events with the given priority are processed.
    • wait_for_nodes (Optional, string | number): The request waits until the specified number N of nodes is available. It also accepts >=N, ⇐N, >N and <N. Alternatively, it is possible to use ge(N), le(N), gt(N) and lt(N) notation.
    • wait_for_no_initializing_shards (Optional, boolean): A boolean value which controls whether to wait (until the timeout provided) for the cluster to have no shard initializations. Defaults to false, which means it will not wait for initializing shards.
    • wait_for_no_relocating_shards (Optional, boolean): A boolean value which controls whether to wait (until the timeout provided) for the cluster to have no shard relocations. Defaults to false, which means it will not wait for relocating shards.
    • wait_for_status (Optional, Enum("green" | "yellow" | "red")): One of green, yellow or red. Will wait (until the timeout provided) until the status of the cluster changes to the one provided or better, i.e. green > yellow > red. By default, will not wait for any status.

pending_tasks

edit

Returns a list of any cluster-level changes (e.g. create index, update mapping, allocate or fail shard) which have not yet been executed.

Endpoint documentation

client.cluster.pendingTasks({ ... })

Arguments

edit
  • Request (object):

    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master

post_voting_config_exclusions

edit

Updates the cluster voting config exclusions by node ids or node names.

Endpoint documentation

client.cluster.postVotingConfigExclusions({ ... })

Arguments

edit
  • Request (object):

    • node_names (Optional, string | string[]): A list of the names of the nodes to exclude from the voting configuration. If specified, you may not also specify node_ids.
    • node_ids (Optional, string | string[]): A list of the persistent ids of the nodes to exclude from the voting configuration. If specified, you may not also specify node_names.
    • timeout (Optional, string | -1 | 0): When adding a voting configuration exclusion, the API waits for the specified nodes to be excluded from the voting configuration before returning. If the timeout expires before the appropriate condition is satisfied, the request fails and returns an error.

put_component_template

edit

Creates or updates a component template

Endpoint documentation

client.cluster.putComponentTemplate({ name, template })

Arguments

edit
  • Request (object):

    • name (string): The name of the template
    • template ({ aliases, mappings, settings, defaults, data_stream, lifecycle }): The template to be applied which includes mappings, settings, or aliases configuration.
    • version (Optional, number): Version number used to manage component templates externally. This number isn’t automatically generated or incremented by Elasticsearch.
    • _meta (Optional, Record<string, User-defined value>): Optional user metadata about the component template. May have any contents. This map is not automatically generated by Elasticsearch.
    • allow_auto_create (Optional, boolean): This setting overrides the value of the action.auto_create_index cluster setting. If set to true in a template, then indices can be automatically created using that template even if auto-creation of indices is disabled via actions.auto_create_index. If set to false then data streams matching the template must always be explicitly created.
    • create (Optional, boolean): Whether the index template should only be added if new or can also replace an existing one
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master

put_settings

edit

Updates the cluster settings.

Endpoint documentation

client.cluster.putSettings({ ... })

Arguments

edit
  • Request (object):

    • persistent (Optional, Record<string, User-defined value>)
    • transient (Optional, Record<string, User-defined value>)
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

remote_info

edit

Returns the information about configured remote clusters.

Endpoint documentation

client.cluster.remoteInfo()

reroute

edit

Allows to manually change the allocation of individual shards in the cluster.

Endpoint documentation

client.cluster.reroute({ ... })

Arguments

edit
  • Request (object):

    • commands (Optional, { cancel, move, allocate_replica, allocate_stale_primary, allocate_empty_primary }[]): Defines the commands to perform.
    • dry_run (Optional, boolean): If true, then the request simulates the operation only and returns the resulting state.
    • explain (Optional, boolean): If true, then the response contains an explanation of why the commands can or cannot be executed.
    • metric (Optional, string | string[]): Limits the information returned to the specified metrics.
    • retry_failed (Optional, boolean): If true, then retries allocation of shards that are blocked due to too many subsequent allocation failures.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

state

edit

Returns a comprehensive information about the state of the cluster.

Endpoint documentation

client.cluster.state({ ... })

Arguments

edit
  • Request (object):

    • metric (Optional, string | string[]): Limit the information returned to the specified metrics
    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • wait_for_metadata_version (Optional, number): Wait for the metadata version to be equal or greater than the specified metadata version
    • wait_for_timeout (Optional, string | -1 | 0): The maximum time to wait for wait_for_metadata_version before timing out

stats

edit

Returns high-level overview of cluster statistics.

Endpoint documentation

client.cluster.stats({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): List of node filters used to limit returned information. Defaults to all nodes in the cluster.
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • timeout (Optional, string | -1 | 0): Period to wait for each node to respond. If a node does not respond before its timeout expires, the response does not include its stats. However, timed out nodes are included in the response’s _nodes.failed property. Defaults to no timeout.

dangling_indices

edit

delete_dangling_index

edit

Deletes the specified dangling index

Endpoint documentation

client.danglingIndices.deleteDanglingIndex({ index_uuid, accept_data_loss })

Arguments

edit
  • Request (object):

    • index_uuid (string): The UUID of the dangling index
    • accept_data_loss (boolean): Must be set to true in order to delete the dangling index
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

import_dangling_index

edit

Imports the specified dangling index

Endpoint documentation

client.danglingIndices.importDanglingIndex({ index_uuid, accept_data_loss })

Arguments

edit
  • Request (object):

    • index_uuid (string): The UUID of the dangling index
    • accept_data_loss (boolean): Must be set to true in order to import the dangling index
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

list_dangling_indices

edit

Returns all dangling indices.

Endpoint documentation

client.danglingIndices.listDanglingIndices()

enrich

edit

delete_policy

edit

Deletes an existing enrich policy and its enrich index.

Endpoint documentation

client.enrich.deletePolicy({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the enrich policy

execute_policy

edit

Creates the enrich index for an existing enrich policy.

Endpoint documentation

client.enrich.executePolicy({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the enrich policy
    • wait_for_completion (Optional, boolean): Should the request should block until the execution is complete.

get_policy

edit

Gets information about an enrich policy.

Endpoint documentation

client.enrich.getPolicy({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string | string[]): A list of enrich policy names

put_policy

edit

Creates a new enrich policy.

Endpoint documentation

client.enrich.putPolicy({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the enrich policy
    • geo_match (Optional, { enrich_fields, indices, match_field, query, name, elasticsearch_version })
    • match (Optional, { enrich_fields, indices, match_field, query, name, elasticsearch_version })
    • range (Optional, { enrich_fields, indices, match_field, query, name, elasticsearch_version })

stats

edit

Gets enrich coordinator statistics and information about enrich policies that are currently executing.

Endpoint documentation

client.enrich.stats()

eql

edit

delete

edit

Deletes an async EQL search by ID. If the search is still running, the search request will be cancelled. Otherwise, the saved search results are deleted.

Endpoint documentation

client.eql.delete({ id })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the search to delete.

get

edit

Returns async results from previously executed Event Query Language (EQL) search

Endpoint documentation

client.eql.get({ id })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the search.
    • keep_alive (Optional, string | -1 | 0): Period for which the search and its results are stored on the cluster. Defaults to the keep_alive value set by the search’s EQL search API request.
    • wait_for_completion_timeout (Optional, string | -1 | 0): Timeout duration to wait for the request to finish. Defaults to no timeout, meaning the request waits for complete search results.

get_status

edit

Returns the status of a previously submitted async or stored Event Query Language (EQL) search

Endpoint documentation

client.eql.getStatus({ id })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the search.

search

edit

Returns results matching a query expressed in Event Query Language (EQL)

Endpoint documentation

client.eql.search({ index, query })

Arguments

edit
  • Request (object):

    • index (string | string[]): The name of the index to scope the operation
    • query (string): EQL query you wish to run.
    • case_sensitive (Optional, boolean)
    • event_category_field (Optional, string): Field containing the event classification, such as process, file, or network.
    • tiebreaker_field (Optional, string): Field used to sort hits with the same timestamp in ascending order
    • timestamp_field (Optional, string): Field containing event timestamp. Default "@timestamp"
    • fetch_size (Optional, number): Maximum number of events to search at a time for sequence queries.
    • filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type } | { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }[]): Query, written in Query DSL, used to filter the events on which the EQL query runs.
    • keep_alive (Optional, string | -1 | 0)
    • keep_on_completion (Optional, boolean)
    • wait_for_completion_timeout (Optional, string | -1 | 0)
    • size (Optional, number): For basic queries, the maximum number of matching events to return. Defaults to 10
    • fields (Optional, { field, format, include_unmapped } | { field, format, include_unmapped }[]): Array of wildcard (*) patterns. The response returns values for field names matching these patterns in the fields property of each hit.
    • result_position (Optional, Enum("tail" | "head"))
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>)
    • allow_no_indices (Optional, boolean)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[])
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.

features

edit

get_features

edit

Gets a list of features which can be included in snapshots using the feature_states field when creating a snapshot

Endpoint documentation

client.features.getFeatures()

reset_features

edit

Resets the internal state of features, usually by deleting system indices

Endpoint documentation

client.features.resetFeatures()

fleet

edit

global_checkpoints

edit

Returns the current global checkpoints for an index. This API is design for internal use by the fleet server project.

Endpoint documentation

client.fleet.globalCheckpoints({ index })

Arguments

edit
  • Request (object):

    • index (string | string): A single index or index alias that resolves to a single index.
    • wait_for_advance (Optional, boolean): A boolean value which controls whether to wait (until the timeout) for the global checkpoints to advance past the provided checkpoints.
    • wait_for_index (Optional, boolean): A boolean value which controls whether to wait (until the timeout) for the target index to exist and all primary shards be active. Can only be true when wait_for_advance is true.
    • checkpoints (Optional, number[]): A comma separated list of previous global checkpoints. When used in combination with wait_for_advance, the API will only return once the global checkpoints advances past the checkpoints. Providing an empty list will cause Elasticsearch to immediately return the current global checkpoints.
    • timeout (Optional, string | -1 | 0): Period to wait for a global checkpoints to advance past checkpoints.

msearch

edit

Multi Search API where the search will only be executed after specified checkpoints are available due to a refresh. This API is designed for internal use by the fleet server project.

client.fleet.msearch({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string): A single target to search. If the target is an index alias, it must resolve to a single index.
    • searches (Optional, { allow_no_indices, expand_wildcards, ignore_unavailable, index, preference, request_cache, routing, search_type, ccs_minimize_roundtrips, allow_partial_search_results, ignore_throttled } | { aggregations, collapse, query, explain, ext, stored_fields, docvalue_fields, knn, from, highlight, indices_boost, min_score, post_filter, profile, rescore, script_fields, search_after, size, sort, _source, fields, terminate_after, stats, timeout, track_scores, track_total_hits, version, runtime_mappings, seq_no_primary_term, pit, suggest }[])
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
    • ccs_minimize_roundtrips (Optional, boolean): If true, network roundtrips between the coordinating node and remote clusters are minimized for cross-cluster search requests.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard expressions can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams.
    • ignore_throttled (Optional, boolean): If true, concrete, expanded or aliased indices are ignored when frozen.
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.
    • max_concurrent_searches (Optional, number): Maximum number of concurrent searches the multi search API can execute.
    • max_concurrent_shard_requests (Optional, number): Maximum number of concurrent shard requests that each sub-search request executes per node.
    • pre_filter_shard_size (Optional, number): Defines a threshold that enforces a pre-filter roundtrip to prefilter search shards based on query rewriting if the number of shards the search request expands to exceeds the threshold. This filter roundtrip can limit the number of shards significantly if for instance a shard can not match any documents based on its rewrite method i.e., if date filters are mandatory to match but the shard bounds and the query are disjoint.
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch")): Indicates whether global term and document frequencies should be used when scoring returned documents.
    • rest_total_hits_as_int (Optional, boolean): If true, hits.total are returned as an integer in the response. Defaults to false, which returns an object.
    • typed_keys (Optional, boolean): Specifies whether aggregation and suggester names should be prefixed by their respective types in the response.
    • wait_for_checkpoints (Optional, number[]): A comma separated list of checkpoints. When configured, the search API will only be executed on a shard after the relevant checkpoint has become visible for search. Defaults to an empty list which will cause Elasticsearch to immediately execute the search.
    • allow_partial_search_results (Optional, boolean): If true, returns partial results if there are shard request timeouts or [shard failures](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-replication.html#shard-failures). If false, returns an error with no partial results. Defaults to the configured cluster setting search.default_allow_partial_results which is true by default.

search

edit

Search API where the search will only be executed after specified checkpoints are available due to a refresh. This API is designed for internal use by the fleet server project.

client.fleet.search({ index })

Arguments

edit
  • Request (object):

    • index (string | string): A single target to search. If the target is an index alias, it must resolve to a single index.
    • aggregations (Optional, Record<string, { aggregations, meta, adjacency_matrix, auto_date_histogram, avg, avg_bucket, boxplot, bucket_script, bucket_selector, bucket_sort, bucket_count_ks_test, bucket_correlation, cardinality, categorize_text, children, composite, cumulative_cardinality, cumulative_sum, date_histogram, date_range, derivative, diversified_sampler, extended_stats, extended_stats_bucket, frequent_item_sets, filter, filters, geo_bounds, geo_centroid, geo_distance, geohash_grid, geo_line, geotile_grid, geohex_grid, global, histogram, ip_range, ip_prefix, inference, line, matrix_stats, max, max_bucket, median_absolute_deviation, min, min_bucket, missing, moving_avg, moving_percentiles, moving_fn, multi_terms, nested, normalize, parent, percentile_ranks, percentiles, percentiles_bucket, range, rare_terms, rate, reverse_nested, sampler, scripted_metric, serial_diff, significant_terms, significant_text, stats, stats_bucket, string_stats, sum, sum_bucket, terms, top_hits, t_test, top_metrics, value_count, weighted_avg, variable_width_histogram }>)
    • collapse (Optional, { field, inner_hits, max_concurrent_group_searches, collapse })
    • explain (Optional, boolean): If true, returns detailed information about score computation as part of a hit.
    • ext (Optional, Record<string, User-defined value>): Configuration of search extensions defined by Elasticsearch plugins.
    • from (Optional, number): Starting document offset. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • highlight (Optional, { encoder, fields })
    • track_total_hits (Optional, boolean | number): Number of hits matching the query to count accurately. If true, the exact number of hits is returned at the cost of some performance. If false, the response does not include the total number of hits matching the query. Defaults to 10,000 hits.
    • indices_boost (Optional, Record<string, number>[]): Boosts the _score of documents from specified indices.
    • docvalue_fields (Optional, { field, format, include_unmapped }[]): Array of wildcard (*) patterns. The request returns doc values for field names matching these patterns in the hits.fields property of the response.
    • min_score (Optional, number): Minimum _score for matching documents. Documents with a lower _score are not included in the search results.
    • post_filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • profile (Optional, boolean)
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Defines the search definition using the Query DSL.
    • rescore (Optional, { query, window_size } | { query, window_size }[])
    • script_fields (Optional, Record<string, { script, ignore_failure }>): Retrieve a script evaluation (based on different fields) for each hit.
    • search_after (Optional, number | number | string | boolean | null | User-defined value[])
    • size (Optional, number): The number of hits to return. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • slice (Optional, { field, id, max })
    • sort (Optional, string | { _score, _doc, _geo_distance, _script } | string | { _score, _doc, _geo_distance, _script }[])
    • _source (Optional, boolean | { excludes, includes }): Indicates which source fields are returned for matching documents. These fields are returned in the hits._source property of the search response.
    • fields (Optional, { field, format, include_unmapped }[]): Array of wildcard (*) patterns. The request returns values for field names matching these patterns in the hits.fields property of the response.
    • suggest (Optional, { text })
    • terminate_after (Optional, number): Maximum number of documents to collect for each shard. If a query reaches this limit, Elasticsearch terminates the query early. Elasticsearch collects documents before sorting. Defaults to 0, which does not terminate query execution early.
    • timeout (Optional, string): Specifies the period of time to wait for a response from each shard. If no response is received before the timeout expires, the request fails and returns an error. Defaults to no timeout.
    • track_scores (Optional, boolean): If true, calculate and return document scores, even if the scores are not used for sorting.
    • version (Optional, boolean): If true, returns document version as part of a hit.
    • seq_no_primary_term (Optional, boolean): If true, returns sequence number and primary term of the last modification of each hit. See Optimistic concurrency control.
    • stored_fields (Optional, string | string[]): List of stored fields to return as part of a hit. If no fields are specified, no stored fields are included in the response. If this field is specified, the _source parameter defaults to false. You can pass _source: true to return both source fields and stored fields in the search response.
    • pit (Optional, { id, keep_alive }): Limits the search to a point in time (PIT). If you provide a PIT, you cannot specify an <index> in the request path.
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Defines one or more runtime fields in the search request. These fields take precedence over mapped fields with the same name.
    • stats (Optional, string[]): Stats groups to associate with the search. Each group maintains a statistics aggregation for its associated searches. You can retrieve these stats using the indices stats API.
    • allow_no_indices (Optional, boolean)
    • analyzer (Optional, string)
    • analyze_wildcard (Optional, boolean)
    • batched_reduce_size (Optional, number)
    • ccs_minimize_roundtrips (Optional, boolean)
    • default_operator (Optional, Enum("and" | "or"))
    • df (Optional, string)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[])
    • ignore_throttled (Optional, boolean)
    • ignore_unavailable (Optional, boolean)
    • lenient (Optional, boolean)
    • max_concurrent_shard_requests (Optional, number)
    • min_compatible_shard_node (Optional, string)
    • preference (Optional, string)
    • pre_filter_shard_size (Optional, number)
    • request_cache (Optional, boolean)
    • routing (Optional, string)
    • scroll (Optional, string | -1 | 0)
    • search_type (Optional, Enum("query_then_fetch" | "dfs_query_then_fetch"))
    • suggest_field (Optional, string): Specifies which field to use for suggestions.
    • suggest_mode (Optional, Enum("missing" | "popular" | "always"))
    • suggest_size (Optional, number)
    • suggest_text (Optional, string): The source text for which the suggestions should be returned.
    • typed_keys (Optional, boolean)
    • rest_total_hits_as_int (Optional, boolean)
    • _source_excludes (Optional, string | string[])
    • _source_includes (Optional, string | string[])
    • q (Optional, string)
    • wait_for_checkpoints (Optional, number[]): A comma separated list of checkpoints. When configured, the search API will only be executed on a shard after the relevant checkpoint has become visible for search. Defaults to an empty list which will cause Elasticsearch to immediately execute the search.
    • allow_partial_search_results (Optional, boolean): If true, returns partial results if there are shard request timeouts or [shard failures](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-replication.html#shard-failures). If false, returns an error with no partial results. Defaults to the configured cluster setting search.default_allow_partial_results which is true by default.

graph

edit

explore

edit

Explore extracted and summarized information about the documents and terms in an index.

Endpoint documentation

client.graph.explore({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names to search; use _all or empty string to perform the operation on all indices
    • connections (Optional, { connections, query, vertices })
    • controls (Optional, { sample_diversity, sample_size, timeout, use_significance })
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • vertices (Optional, { exclude, field, include, min_doc_count, shard_min_doc_count, size }[])
    • routing (Optional, string): Specific routing value
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

ilm

edit

delete_lifecycle

edit

Deletes the specified lifecycle policy definition. A currently used policy cannot be deleted.

Endpoint documentation

client.ilm.deleteLifecycle({ policy })

Arguments

edit
  • Request (object):

    • policy (string): Identifier for the policy.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

explain_lifecycle

edit

Retrieves information about the index’s current lifecycle state, such as the currently executing phase, action, and step.

Endpoint documentation

client.ilm.explainLifecycle({ index })

Arguments

edit
  • Request (object):

    • index (string): List of data streams, indices, and aliases to target. Supports wildcards (*). To target all data streams and indices, use * or _all.
    • only_errors (Optional, boolean): Filters the returned indices to only indices that are managed by ILM and are in an error state, either due to an encountering an error while executing the policy, or attempting to use a policy that does not exist.
    • only_managed (Optional, boolean): Filters the returned indices to only indices that are managed by ILM.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

get_lifecycle

edit

Returns the specified policy definition. Includes the policy version and last modified date.

Endpoint documentation

client.ilm.getLifecycle({ ... })

Arguments

edit
  • Request (object):

    • policy (Optional, string): Identifier for the policy.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

get_status

edit

Retrieves the current index lifecycle management (ILM) status.

Endpoint documentation

client.ilm.getStatus()

migrate_to_data_tiers

edit

Migrates the indices and ILM policies away from custom node attribute allocation routing to data tiers routing

Endpoint documentation

client.ilm.migrateToDataTiers({ ... })

Arguments

edit
  • Request (object):

    • legacy_template_to_delete (Optional, string)
    • node_attribute (Optional, string)
    • dry_run (Optional, boolean): If true, simulates the migration from node attributes based allocation filters to data tiers, but does not perform the migration. This provides a way to retrieve the indices and ILM policies that need to be migrated.

move_to_step

edit

Manually moves an index into the specified step and executes that step.

Endpoint documentation

client.ilm.moveToStep({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the index whose lifecycle step is to change
    • current_step (Optional, { action, name, phase })
    • next_step (Optional, { action, name, phase })

put_lifecycle

edit

Creates a lifecycle policy

Endpoint documentation

client.ilm.putLifecycle({ policy })

Arguments

edit
  • Request (object):

    • policy (string): Identifier for the policy.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

remove_policy

edit

Removes the assigned lifecycle policy and stops managing the specified index

Endpoint documentation

client.ilm.removePolicy({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the index to remove policy on

retry

edit

Retries executing the policy for an index that is in the ERROR step.

Endpoint documentation

client.ilm.retry({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the indices (comma-separated) whose failed lifecycle step is to be retry

start

edit

Start the index lifecycle management (ILM) plugin.

Endpoint documentation

client.ilm.start({ ... })

Arguments

edit
  • Request (object):

    • master_timeout (Optional, string | -1 | 0)
    • timeout (Optional, string | -1 | 0)

stop

edit

Halts all lifecycle management operations and stops the index lifecycle management (ILM) plugin

Endpoint documentation

client.ilm.stop({ ... })

Arguments

edit
  • Request (object):

    • master_timeout (Optional, string | -1 | 0)
    • timeout (Optional, string | -1 | 0)

indices

edit

add_block

edit

Adds a block to an index.

Endpoint documentation

client.indices.addBlock({ index, block })

Arguments

edit
  • Request (object):

    • index (string): A comma separated list of indices to add a block to
    • block (Enum("metadata" | "read" | "read_only" | "write")): The block to add (one of read, write, read_only or metadata)
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

analyze

edit

Performs the analysis process on a text and return the tokens breakdown of the text.

Endpoint documentation

client.indices.analyze({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string): The name of the index to scope the operation
    • analyzer (Optional, string)
    • attributes (Optional, string[])
    • char_filter (Optional, string | { type } | { type, mappings, mappings_path } | { type, flags, pattern, replacement } | { type, mode, name } | { type, normalize_kana, normalize_kanji }[])
    • explain (Optional, boolean)
    • field (Optional, string)
    • filter (Optional, string | { type, preserve_original } | { type, common_words, common_words_path, ignore_case, query_mode } | { type, filter, script } | { type, delimiter, encoding } | { type, max_gram, min_gram, side, preserve_original } | { type, articles, articles_path, articles_case } | { type, max_output_size, separator } | { type, dedup, dictionary, locale, longest_only } | { type } | { type, mode, types } | { type, keep_words, keep_words_case, keep_words_path } | { type, ignore_case, keywords, keywords_path, keywords_pattern } | { type } | { type, max, min } | { type, consume_all_tokens, max_token_count } | { type, language } | { type, filters, preserve_original } | { type, max_gram, min_gram, preserve_original } | { type, stoptags } | { type, patterns, preserve_original } | { type, all, flags, pattern, replacement } | { type } | { type, script } | { type } | { type } | { type, filler_token, max_shingle_size, min_shingle_size, output_unigrams, output_unigrams_if_no_shingles, token_separator } | { type, language } | { type, rules, rules_path } | { type, language } | { type, ignore_case, remove_trailing, stopwords, stopwords_path } | { type, expand, format, lenient, synonyms, synonyms_path, tokenizer, updateable } | { type, expand, format, lenient, synonyms, synonyms_path, tokenizer, updateable } | { type } | { type, length } | { type, only_on_same_position } | { type } | { type, adjust_offsets, catenate_all, catenate_numbers, catenate_words, generate_number_parts, generate_word_parts, ignore_keywords, preserve_original, protected_words, protected_words_path, split_on_case_change, split_on_numerics, stem_english_possessive, type_table, type_table_path } | { type, catenate_all, catenate_numbers, catenate_words, generate_number_parts, generate_word_parts, preserve_original, protected_words, protected_words_path, split_on_case_change, split_on_numerics, stem_english_possessive, type_table, type_table_path } | { type, minimum_length } | { type, use_romaji } | { type, stoptags } | { type, rule_files } | { type, alternate, caseFirst, caseLevel, country, decomposition, hiraganaQuaternaryMode, language, numeric, rules, strength, variableTop, variant } | { type, unicode_set_filter } | { type, name } | { type, dir, id } | { type, encoder, languageset, max_code_len, name_type, replace, rule_type } | { type }[])
    • normalizer (Optional, string)
    • text (Optional, string | string[])
    • tokenizer (Optional, string | { type, tokenize_on_chars, max_token_length } | { type, custom_token_chars, max_gram, min_gram, token_chars } | { type, buffer_size } | { type } | { type } | { type, custom_token_chars, max_gram, min_gram, token_chars } | { type, decompound_mode, discard_punctuation, user_dictionary, user_dictionary_rules } | { type, buffer_size, delimiter, replacement, reverse, skip } | { type, max_token_length } | { type, max_token_length } | { type, max_token_length } | { type, discard_punctuation, mode, nbest_cost, nbest_examples, user_dictionary, user_dictionary_rules, discard_compound_token } | { type, flags, group, pattern } | { type, rule_files })

clear_cache

edit

Clears all or specific caches for one or more indices.

Endpoint documentation

client.indices.clearCache({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index name to limit the operation
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • fielddata (Optional, boolean): Clear field data
    • fields (Optional, string | string[]): A list of fields to clear when using the fielddata parameter (default: all)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • query (Optional, boolean): Clear query caches
    • request (Optional, boolean): Clear request cache

clone

edit

Clones an index

Endpoint documentation

client.indices.clone({ index, target })

Arguments

edit
  • Request (object):

    • index (string): The name of the source index to clone
    • target (string): The name of the target index to clone into
    • aliases (Optional, Record<string, { filter, index_routing, is_hidden, is_write_index, routing, search_routing }>)
    • settings (Optional, Record<string, User-defined value>)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Set the number of active shards to wait for on the cloned index before the operation returns.

close

edit

Closes an index.

Endpoint documentation

client.indices.close({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A comma separated list of indices to close
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of active shards to wait for before the operation returns.

create

edit

Creates an index with optional settings and mappings.

Endpoint documentation

client.indices.create({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the index
    • aliases (Optional, Record<string, { filter, index_routing, is_hidden, is_write_index, routing, search_routing }>)
    • mappings (Optional, { all_field, date_detection, dynamic, dynamic_date_formats, dynamic_templates, _field_names, index_field, _meta, numeric_detection, properties, _routing, _size, _source, runtime, enabled, _data_stream_timestamp }): Mapping for fields in the index. If specified, this mapping can include:

      • Field names
      • Field data types
      • Mapping parameters
    • settings (Optional, { index, mode, routing_path, soft_deletes, sort, number_of_shards, number_of_replicas, number_of_routing_shards, check_on_startup, codec, routing_partition_size, load_fixed_bitset_filters_eagerly, hidden, auto_expand_replicas, merge, search, refresh_interval, max_result_window, max_inner_result_window, max_rescore_window, max_docvalue_fields_search, max_script_fields, max_ngram_diff, max_shingle_diff, blocks, max_refresh_listeners, analyze, highlight, max_terms_count, max_regex_length, routing, gc_deletes, default_pipeline, final_pipeline, lifecycle, provided_name, creation_date, creation_date_string, uuid, version, verified_before_close, format, max_slices_per_scroll, translog, query_string, priority, top_metrics_max_size, analysis, settings, time_series, shards, queries, similarity, mapping, indexing.slowlog, indexing_pressure, store })
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Set the number of active shards to wait for before the operation returns.

create_data_stream

edit

Creates a data stream

Endpoint documentation

client.indices.createDataStream({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the data stream

data_streams_stats

edit

Provides statistics on operations happening in a data stream.

Endpoint documentation

client.indices.dataStreamsStats({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string): A list of data stream names; use _all or empty string to perform the operation on all data streams
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[])

delete

edit

Deletes an index.

Endpoint documentation

client.indices.delete({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of indices to delete; use _all or * string to delete all indices
    • allow_no_indices (Optional, boolean): Ignore if a wildcard expression resolves to no concrete indices (default: false)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open, closed, or hidden indices
    • ignore_unavailable (Optional, boolean): Ignore unavailable indexes (default: false)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

delete_alias

edit

Deletes an alias.

Endpoint documentation

client.indices.deleteAlias({ index, name })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names (supports wildcards); use _all for all indices
    • name (string | string[]): A list of aliases to delete (supports wildcards); use _all to delete all aliases for the specified indices.
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit timestamp for the document

delete_data_lifecycle

edit

Deletes the data lifecycle of the selected data streams.

Endpoint documentation

client.indices.deleteDataLifecycle({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): A list of data streams of which the data lifecycle will be deleted; use * to get all data streams
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open or closed indices (default: open)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit timestamp for the document

delete_data_stream

edit

Deletes a data stream.

Endpoint documentation

client.indices.deleteDataStream({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): A list of data streams to delete; use * to delete all data streams
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open or closed indices (default: open)

delete_index_template

edit

Deletes an index template.

Endpoint documentation

client.indices.deleteIndexTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): List of index template names used to limit the request. Wildcard (*) expressions are supported.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

delete_template

edit

Deletes an index template.

Endpoint documentation

client.indices.deleteTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the template
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

disk_usage

edit

Analyzes the disk usage of each field of an index or data stream

Endpoint documentation

client.indices.diskUsage({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): List of data streams, indices, and aliases used to limit the request. It’s recommended to execute this API with a single index (or the latest backing index of a data stream) as the API consumes resources significantly.
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard patterns can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams. Supports a list of values, such as open,hidden.
    • flush (Optional, boolean): If true, the API performs a flush before analysis. If false, the response may not include uncommitted data.
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.
    • run_expensive_tasks (Optional, boolean): Analyzing field disk usage is resource-intensive. To use the API, this parameter must be set to true.

downsample

edit

Downsample an index

Endpoint documentation

client.indices.downsample({ index, target_index })

Arguments

edit
  • Request (object):

    • index (string): The index to downsample
    • target_index (string): The name of the target index to store downsampled data
    • config (Optional, { fixed_interval })

exists

edit

Returns information about whether a particular index exists.

Endpoint documentation

client.indices.exists({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names
    • allow_no_indices (Optional, boolean): Ignore if a wildcard expression resolves to no concrete indices (default: false)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open or closed indices (default: open)
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • ignore_unavailable (Optional, boolean): Ignore unavailable indexes (default: false)
    • include_defaults (Optional, boolean): Whether to return all default setting for each of the indices.
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)

exists_alias

edit

Returns information about whether a particular alias exists.

Endpoint documentation

client.indices.existsAlias({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): A list of alias names to return
    • index (Optional, string | string[]): A list of index names to filter aliases
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)

exists_index_template

edit

Returns information about whether a particular index template exists.

Endpoint documentation

client.indices.existsIndexTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string): List of index template names used to limit the request. Wildcard (*) expressions are supported.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.

exists_template

edit

Returns information about whether a particular index template exists.

Endpoint documentation

client.indices.existsTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): The comma separated names of the index templates
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node

explain_data_lifecycle

edit

Retrieves information about the index’s current DLM lifecycle, such as any potential encountered error, time since creation etc.

Endpoint documentation

client.indices.explainDataLifecycle({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): The name of the index to explain
    • include_defaults (Optional, boolean): indicates if the API should return the default values the system uses for the index’s lifecycle
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master

field_usage_stats

edit

Returns the field usage stats for each field of an index

Endpoint documentation

client.indices.fieldUsageStats({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): List or wildcard expression of index names used to limit the request.
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard patterns can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams. Supports a list of values, such as open,hidden.
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.
    • fields (Optional, string | string[]): List or wildcard expressions of fields to include in the statistics.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): The number of shard copies that must be active before proceeding with the operation. Set to all or any positive integer up to the total number of shards in the index (number_of_replicas+1).

flush

edit

Performs the flush operation on one or more indices.

Endpoint documentation

client.indices.flush({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names; use _all or empty string for all indices
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • force (Optional, boolean): Whether a flush should be forced even if it is not necessarily needed ie. if no changes will be committed to the index. This is useful if transaction log IDs should be incremented even if no uncommitted changes are present. (This setting can be considered as internal)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • wait_if_ongoing (Optional, boolean): If set to true the flush operation will block until the flush can be executed if another flush operation is already executing. The default is true. If set to false the flush will be skipped iff if another flush operation is already running.

forcemerge

edit

Performs the force merge operation on one or more indices.

Endpoint documentation

client.indices.forcemerge({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • flush (Optional, boolean): Specify whether the index should be flushed after performing the operation (default: true)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • max_num_segments (Optional, number): The number of segments the index should be merged into (default: dynamic)
    • only_expunge_deletes (Optional, boolean): Specify whether the operation should only expunge deleted documents
    • wait_for_completion (Optional, boolean): Should the request wait until the force merge is completed.

get

edit

Returns information about one or more indices.

Endpoint documentation

client.indices.get({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): List of data streams, indices, and index aliases used to limit the request. Wildcard expressions (*) are supported.
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard expressions can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams. Supports a list of values, such as open,hidden.
    • flat_settings (Optional, boolean): If true, returns settings in flat format.
    • ignore_unavailable (Optional, boolean): If false, requests that target a missing index return an error.
    • include_defaults (Optional, boolean): If true, return all default settings in the response.
    • local (Optional, boolean): If true, the request retrieves information from the local node only. Defaults to false, which means information is retrieved from the master node.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • features (Optional, { name, description } | { name, description }[]): Return only information on specified index features

get_alias

edit

Returns an alias.

Endpoint documentation

client.indices.getAlias({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string | string[]): A list of alias names to return
    • index (Optional, string | string[]): A list of index names to filter aliases
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)

get_data_lifecycle

edit

Returns the data lifecycle of the selected data streams.

Endpoint documentation

client.indices.getDataLifecycle({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): A list of data streams to get; use * to get all data streams
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open or closed indices (default: open)
    • include_defaults (Optional, boolean): Return all relevant default configurations for the data stream (default: false)

get_data_stream

edit

Returns data streams.

Endpoint documentation

client.indices.getDataStream({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string | string[]): A list of data streams to get; use * to get all data streams
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open or closed indices (default: open)
    • include_defaults (Optional, boolean): If true, returns all relevant default configurations for the index template.

get_field_mapping

edit

Returns mapping for one or more fields.

Endpoint documentation

client.indices.getFieldMapping({ fields })

Arguments

edit
  • Request (object):

    • fields (string | string[]): A list of fields
    • index (Optional, string | string[]): A list of index names
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • include_defaults (Optional, boolean): Whether the default mapping values should be returned as well
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)

get_index_template

edit

Returns an index template.

Endpoint documentation

client.indices.getIndexTemplate({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string): List of index template names used to limit the request. Wildcard (*) expressions are supported.
    • local (Optional, boolean): If true, the request retrieves information from the local node only. Defaults to false, which means information is retrieved from the master node.
    • flat_settings (Optional, boolean): If true, returns settings in flat format.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • include_defaults (Optional, boolean): If true, returns all relevant default configurations for the index template.

get_mapping

edit

Returns mappings for one or more indices.

Endpoint documentation

client.indices.getMapping({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master

get_settings

edit

Returns settings for one or more indices.

Endpoint documentation

client.indices.getSettings({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • name (Optional, string | string[]): The name of the settings that should be included
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • include_defaults (Optional, boolean): Whether to return all default setting for each of the indices.
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master

get_template

edit

Returns an index template.

Endpoint documentation

client.indices.getTemplate({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string | string[]): The comma separated names of the index templates
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node

migrate_to_data_stream

edit

Migrates an alias to a data stream

Endpoint documentation

client.indices.migrateToDataStream({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the alias to migrate

modify_data_stream

edit

Modifies a data stream

Endpoint documentation

client.indices.modifyDataStream({ actions })

Arguments

edit
  • Request (object):

    • actions ({ add_backing_index, remove_backing_index }[]): Actions to perform.

open

edit

Opens an index.

Endpoint documentation

client.indices.open({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A comma separated list of indices to open
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Sets the number of active shards to wait for before the operation returns.

promote_data_stream

edit

Promotes a data stream from a replicated data stream managed by CCR to a regular data stream

Endpoint documentation

client.indices.promoteDataStream({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the data stream

put_alias

edit

Creates or updates an alias.

Endpoint documentation

client.indices.putAlias({ index, name })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names the alias should point to (supports wildcards); use _all to perform the operation on all indices.
    • name (string): The name of the alias to be created or updated
    • filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • index_routing (Optional, string)
    • is_write_index (Optional, boolean)
    • routing (Optional, string)
    • search_routing (Optional, string)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit timestamp for the document

put_data_lifecycle

edit

Updates the data lifecycle of the selected data streams.

Endpoint documentation

client.indices.putDataLifecycle({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): A list of data streams whose lifecycle will be updated; use * to set the lifecycle to all data streams
    • data_retention (Optional, string | -1 | 0)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open or closed indices (default: open)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit timestamp for the document

put_index_template

edit

Creates or updates an index template.

Endpoint documentation

client.indices.putIndexTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string): Index or template name
    • index_patterns (Optional, string | string[])
    • composed_of (Optional, string[])
    • template (Optional, { aliases, mappings, settings, lifecycle })
    • data_stream (Optional, { hidden })
    • priority (Optional, number)
    • version (Optional, number)
    • _meta (Optional, Record<string, User-defined value>)
    • create (Optional, boolean): Whether the index template should only be added if new or can also replace an existing one

put_mapping

edit

Updates the index mappings.

Endpoint documentation

client.indices.putMapping({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names the mapping should be added to (supports wildcards); use _all or omit to add the mapping on all indices.
    • date_detection (Optional, boolean): Controls whether dynamic date detection is enabled.
    • dynamic (Optional, Enum("strict" | "runtime" | true | false)): Controls whether new fields are added dynamically.
    • dynamic_date_formats (Optional, string[]): If date detection is enabled then new string fields are checked against dynamic_date_formats and if the value matches then a new date field is added instead of string.
    • dynamic_templates (Optional, Record<string, { mapping, match, match_mapping_type, match_pattern, path_match, path_unmatch, unmatch }> | Record<string, { mapping, match, match_mapping_type, match_pattern, path_match, path_unmatch, unmatch }>[]): Specify dynamic templates for the mapping.
    • _field_names (Optional, { enabled }): Control whether field names are enabled for the index.
    • _meta (Optional, Record<string, User-defined value>): A mapping type can have custom meta data associated with it. These are not used at all by Elasticsearch, but can be used to store application-specific metadata.
    • numeric_detection (Optional, boolean): Automatically map strings into numeric data types for all fields.
    • properties (Optional, Record<string, { type } | { boost, fielddata, index, null_value, type } | { type, enabled, null_value, boost, coerce, script, on_script_error, ignore_malformed, time_series_metric, analyzer, eager_global_ordinals, index, index_options, index_phrases, index_prefixes, norms, position_increment_gap, search_analyzer, search_quote_analyzer, term_vector, format, precision_step, locale } | { relations, eager_global_ordinals, type } | { boost, eager_global_ordinals, index, index_options, normalizer, norms, null_value, split_queries_on_whitespace, time_series_dimension, type } | { type, fields, meta, copy_to } | { type } | { positive_score_impact, type } | { type } | { analyzer, index, index_options, max_shingle_size, norms, search_analyzer, search_quote_analyzer, term_vector, type } | { analyzer, boost, eager_global_ordinals, fielddata, fielddata_frequency_filter, index, index_options, index_phrases, index_prefixes, norms, position_increment_gap, search_analyzer, search_quote_analyzer, term_vector, type } | { type } | { type, null_value } | { boost, format, ignore_malformed, index, null_value, precision_step, type } | { boost, fielddata, format, ignore_malformed, index, null_value, precision_step, locale, type } | { type, default_metric, metrics, time_series_metric } | { type, dims, similarity, index, index_options } | { boost, depth_limit, doc_values, eager_global_ordinals, index, index_options, null_value, similarity, split_queries_on_whitespace, type } | { enabled, include_in_parent, include_in_root, type } | { enabled, type } | { analyzer, contexts, max_input_length, preserve_position_increments, preserve_separators, search_analyzer, type } | { value, type } | { path, type } | { ignore_malformed, type } | { boost, index, ignore_malformed, null_value, on_script_error, script, time_series_dimension, type } | { type } | { analyzer, boost, index, null_value, enable_position_increments, type } | { ignore_malformed, ignore_z_value, null_value, type } | { coerce, ignore_malformed, ignore_z_value, orientation, strategy, type } | { ignore_malformed, ignore_z_value, null_value, type } | { coerce, ignore_malformed, ignore_z_value, orientation, type } | { type, null_value } | { type, null_value } | { type, null_value } | { type, null_value } | { type, null_value } | { type, null_value } | { type, null_value, scaling_factor } | { type, null_value } | { type, null_value } | { format, type } | { type } | { type } | { type } | { type } | { type }>): Mapping for a field. For new fields, this mapping can include:

      • Field name
      • Field data type
      • Mapping parameters
    • _routing (Optional, { required }): Enable making a routing value required on indexed documents.
    • _source (Optional, { compress, compress_threshold, enabled, excludes, includes, mode }): Control whether the _source field is enabled on the index.
    • runtime (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Mapping of runtime fields for the index.
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • write_index_only (Optional, boolean): When true, applies mappings only to the write index of an alias or data stream

put_settings

edit

Updates the index settings.

Endpoint documentation

client.indices.putSettings({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • settings (Optional, { index, mode, routing_path, soft_deletes, sort, number_of_shards, number_of_replicas, number_of_routing_shards, check_on_startup, codec, routing_partition_size, load_fixed_bitset_filters_eagerly, hidden, auto_expand_replicas, merge, search, refresh_interval, max_result_window, max_inner_result_window, max_rescore_window, max_docvalue_fields_search, max_script_fields, max_ngram_diff, max_shingle_diff, blocks, max_refresh_listeners, analyze, highlight, max_terms_count, max_regex_length, routing, gc_deletes, default_pipeline, final_pipeline, lifecycle, provided_name, creation_date, creation_date_string, uuid, version, verified_before_close, format, max_slices_per_scroll, translog, query_string, priority, top_metrics_max_size, analysis, settings, time_series, shards, queries, similarity, mapping, indexing.slowlog, indexing_pressure, store })
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • flat_settings (Optional, boolean): Return settings in flat format (default: false)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • preserve_existing (Optional, boolean): Whether to update existing settings. If set to true existing settings on an index remain unchanged, the default is false
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

put_template

edit

Creates or updates an index template.

Endpoint documentation

client.indices.putTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the template
    • aliases (Optional, Record<string, { filter, index_routing, is_hidden, is_write_index, routing, search_routing }>): Aliases for the index.
    • index_patterns (Optional, string | string[]): Array of wildcard expressions used to match the names of indices during creation.
    • mappings (Optional, { all_field, date_detection, dynamic, dynamic_date_formats, dynamic_templates, _field_names, index_field, _meta, numeric_detection, properties, _routing, _size, _source, runtime, enabled, _data_stream_timestamp }): Mapping for fields in the index.
    • order (Optional, number): Order in which Elasticsearch applies this template if index matches multiple templates.

Templates with lower order values are merged first. Templates with higher order values are merged later, overriding templates with lower values. settings (Optional, Record<string, User-defined value>): Configuration options for the index. version (Optional, number): Version number used to manage index templates externally. This number is not automatically generated by Elasticsearch. create (Optional, boolean): If true, this request cannot replace or update existing index templates. flat_settings (Optional, boolean) master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error. timeout (Optional, string | -1 | 0)

recovery

edit

Returns information about ongoing index shard recoveries.

Endpoint documentation

client.indices.recovery({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • active_only (Optional, boolean): Display only those recoveries that are currently on-going
    • detailed (Optional, boolean): Whether to display detailed information about shard recovery

refresh

edit

Performs the refresh operation in one or more indices.

Endpoint documentation

client.indices.refresh({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)

reload_search_analyzers

edit

Reloads an index’s search analyzers and their resources.

Endpoint documentation

client.indices.reloadSearchAnalyzers({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): A list of index names to reload analyzers for
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)

resolve_index

edit

Returns information about any matching indices, aliases, and data streams

Endpoint documentation

client.indices.resolveIndex({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): A list of names or wildcard expressions
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether wildcard expressions should get expanded to open or closed indices (default: open)

rollover

edit

Updates an alias to point to a new index when the existing index is considered to be too large or too old.

Endpoint documentation

client.indices.rollover({ alias })

Arguments

edit
  • Request (object):

    • alias (string): The name of the alias to rollover
    • new_index (Optional, string): The name of the rollover index
    • aliases (Optional, Record<string, { filter, index_routing, is_hidden, is_write_index, routing, search_routing }>)
    • conditions (Optional, { min_age, max_age, max_age_millis, min_docs, max_docs, max_size, max_size_bytes, min_size, min_size_bytes, max_primary_shard_size, max_primary_shard_size_bytes, min_primary_shard_size, min_primary_shard_size_bytes, max_primary_shard_docs, min_primary_shard_docs })
    • mappings (Optional, { all_field, date_detection, dynamic, dynamic_date_formats, dynamic_templates, _field_names, index_field, _meta, numeric_detection, properties, _routing, _size, _source, runtime, enabled, _data_stream_timestamp })
    • settings (Optional, Record<string, User-defined value>)
    • dry_run (Optional, boolean): If set to true the rollover action will only be validated but not actually performed even if a condition matches. The default is false
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Set the number of active shards to wait for on the newly created rollover index before the operation returns.

segments

edit

Provides low-level information about segments in a Lucene index.

Endpoint documentation

client.indices.segments({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • verbose (Optional, boolean): Includes detailed memory usage by Lucene.

shard_stores

edit

Provides store information for shard copies of indices.

Endpoint documentation

client.indices.shardStores({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): List of data streams, indices, and aliases used to limit the request.
    • allow_no_indices (Optional, boolean): If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard patterns can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams.
    • ignore_unavailable (Optional, boolean): If true, missing or closed indices are not included in the response.
    • status (Optional, Enum("green" | "yellow" | "red" | "all") | Enum("green" | "yellow" | "red" | "all")[]): List of shard health statuses used to limit the request.

shrink

edit

Allow to shrink an existing index into a new index with fewer primary shards.

Endpoint documentation

client.indices.shrink({ index, target })

Arguments

edit
  • Request (object):

    • index (string): The name of the source index to shrink
    • target (string): The name of the target index to shrink into
    • aliases (Optional, Record<string, { filter, index_routing, is_hidden, is_write_index, routing, search_routing }>)
    • settings (Optional, Record<string, User-defined value>)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Set the number of active shards to wait for on the shrunken index before the operation returns.

simulate_index_template

edit

Simulate matching the given index name against the index templates in the system

Endpoint documentation

client.indices.simulateIndexTemplate({ name })

Arguments

edit
  • Request (object):

    • name (string): Index or template name to simulate
    • allow_auto_create (Optional, boolean)
    • index_patterns (Optional, string | string[])
    • composed_of (Optional, string[])
    • template (Optional, { aliases, mappings, settings, lifecycle })
    • data_stream (Optional, { hidden })
    • priority (Optional, number)
    • version (Optional, number)
    • _meta (Optional, Record<string, User-defined value>)
    • create (Optional, boolean): If true, the template passed in the body is only used if no existing templates match the same index patterns. If false, the simulation uses the template with the highest priority. Note that the template is not permanently added or updated in either case; it is only used for the simulation.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • include_defaults (Optional, boolean): If true, returns all relevant default configurations for the index template.

simulate_template

edit

Simulate resolving the given template name or body

Endpoint documentation

client.indices.simulateTemplate({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string): Name of the index template to simulate. To test a template configuration before you add it to the cluster, omit this parameter and specify the template configuration in the request body.
    • template (Optional, { index_patterns, composed_of, template, version, priority, _meta, allow_auto_create, data_stream })
    • create (Optional, boolean): If true, the template passed in the body is only used if no existing templates match the same index patterns. If false, the simulation uses the template with the highest priority. Note that the template is not permanently added or updated in either case; it is only used for the simulation.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • include_defaults (Optional, boolean): If true, returns all relevant default configurations for the index template.

split

edit

Allows you to split an existing index into a new index with more primary shards.

Endpoint documentation

client.indices.split({ index, target })

Arguments

edit
  • Request (object):

    • index (string): The name of the source index to split
    • target (string): The name of the target index to split into
    • aliases (Optional, Record<string, { filter, index_routing, is_hidden, is_write_index, routing, search_routing }>)
    • settings (Optional, Record<string, User-defined value>)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, number | Enum("all" | "index-setting")): Set the number of active shards to wait for on the shrunken index before the operation returns.

stats

edit

Provides statistics on operations happening in an index.

Endpoint documentation

client.indices.stats({ ... })

Arguments

edit
  • Request (object):

    • metric (Optional, string | string[]): Limit the information returned the specific metrics.
    • index (Optional, string | string[]): A list of index names; use _all or empty string to perform the operation on all indices
    • completion_fields (Optional, string | string[]): List or wildcard expressions of fields to include in fielddata and suggest statistics.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard patterns can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams. Supports a list of values, such as open,hidden.
    • fielddata_fields (Optional, string | string[]): List or wildcard expressions of fields to include in fielddata statistics.
    • fields (Optional, string | string[]): List or wildcard expressions of fields to include in the statistics.
    • forbid_closed_indices (Optional, boolean): If true, statistics are not collected from closed indices.
    • groups (Optional, string | string[]): List of search groups to include in the search statistics.
    • include_segment_file_sizes (Optional, boolean): If true, the call reports the aggregated disk usage of each one of the Lucene index files (only applies if segment stats are requested).
    • include_unloaded_segments (Optional, boolean): If true, the response includes information from segments that are not loaded into memory.
    • level (Optional, Enum("cluster" | "indices" | "shards")): Indicates whether statistics are aggregated at the cluster, index, or shard level.

unfreeze

edit

Unfreezes an index. When a frozen index is unfrozen, the index goes through the normal recovery process and becomes writeable again.

Endpoint documentation

client.indices.unfreeze({ index })

Arguments

edit
  • Request (object):

    • index (string): The name of the index to unfreeze
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_active_shards (Optional, string): Sets the number of active shards to wait for before the operation returns.

update_aliases

edit

Updates index aliases.

Endpoint documentation

client.indices.updateAliases({ ... })

Arguments

edit
  • Request (object):

    • actions (Optional, { add_backing_index, remove_backing_index }[])
    • master_timeout (Optional, string | -1 | 0): Specify timeout for connection to master
    • timeout (Optional, string | -1 | 0): Request timeout

validate_query

edit

Allows a user to validate a potentially expensive query without executing it.

Endpoint documentation

client.indices.validateQuery({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names to restrict the operation; use _all or empty string to perform the operation on all indices
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • all_shards (Optional, boolean): Execute validation on all shards instead of one random shard per index
    • analyzer (Optional, string): The analyzer to use for the query string
    • analyze_wildcard (Optional, boolean): Specify whether wildcard and prefix queries should be analyzed (default: false)
    • default_operator (Optional, Enum("and" | "or")): The default operator for query string query (AND or OR)
    • df (Optional, string): The field to use as default where no field prefix is given in the query string
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • explain (Optional, boolean): Return detailed information about the error
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • lenient (Optional, boolean): Specify whether format-based query failures (such as providing text to a numeric field) should be ignored
    • rewrite (Optional, boolean): Provide a more detailed explanation showing the actual Lucene query that will be executed.
    • q (Optional, string): Query in the Lucene query string syntax

ingest

edit

delete_pipeline

edit

Deletes a pipeline.

Endpoint documentation

client.ingest.deletePipeline({ id })

Arguments

edit
  • Request (object):

    • id (string): Pipeline ID
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

geo_ip_stats

edit

Returns statistical information about geoip databases

Endpoint documentation

client.ingest.geoIpStats()

get_pipeline

edit

Returns a pipeline.

Endpoint documentation

client.ingest.getPipeline({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): Comma separated list of pipeline ids. Wildcards supported
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • summary (Optional, boolean): Return pipelines without their definitions (default: false)

processor_grok

edit

Returns a list of the built-in patterns.

Endpoint documentation

client.ingest.processorGrok()

put_pipeline

edit

Creates or updates a pipeline.

Endpoint documentation

client.ingest.putPipeline({ id })

Arguments

edit
  • Request (object):

    • id (string): ID of the ingest pipeline to create or update.
    • _meta (Optional, Record<string, User-defined value>): Optional metadata about the ingest pipeline. May have any contents. This map is not automatically generated by Elasticsearch.
    • description (Optional, string): Description of the ingest pipeline.
    • on_failure (Optional, { attachment, append, csv, convert, date, date_index_name, dot_expander, enrich, fail, foreach, json, user_agent, kv, geoip, grok, gsub, join, lowercase, remove, rename, script, set, sort, split, trim, uppercase, urldecode, bytes, dissect, set_security_user, pipeline, drop, circle, inference }[]): Processors to run immediately after a processor failure. Each processor supports a processor-level on_failure value. If a processor without an on_failure value fails, Elasticsearch uses this pipeline-level parameter as a fallback. The processors in this parameter run sequentially in the order specified. Elasticsearch will not attempt to run the pipeline’s remaining processors.
    • processors (Optional, { attachment, append, csv, convert, date, date_index_name, dot_expander, enrich, fail, foreach, json, user_agent, kv, geoip, grok, gsub, join, lowercase, remove, rename, script, set, sort, split, trim, uppercase, urldecode, bytes, dissect, set_security_user, pipeline, drop, circle, inference }[]): Processors used to perform transformations on documents before indexing. Processors run sequentially in the order specified.
    • version (Optional, number): Version number used by external systems to track ingest pipelines. This parameter is intended for external systems only. Elasticsearch does not use or validate pipeline version numbers.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
    • if_version (Optional, number): Required version for optimistic concurrency control for pipeline updates

simulate

edit

Allows to simulate a pipeline with example documents.

Endpoint documentation

client.ingest.simulate({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): Pipeline ID
    • docs (Optional, { _id, _index, _source }[])
    • pipeline (Optional, { description, on_failure, processors, version })
    • verbose (Optional, boolean): Verbose mode. Display data output for each processor in executed pipeline

license

edit

delete

edit

Deletes licensing information for the cluster

Endpoint documentation

client.license.delete()

get

edit

Retrieves licensing information for the cluster

Endpoint documentation

client.license.get({ ... })

Arguments

edit
  • Request (object):

    • accept_enterprise (Optional, boolean): If true, this parameter returns enterprise for Enterprise license types. If false, this parameter returns platinum for both platinum and enterprise license types. This behavior is maintained for backwards compatibility. This parameter is deprecated and will always be set to true in 8.x.
    • local (Optional, boolean): Specifies whether to retrieve local information. The default value is false, which means the information is retrieved from the master node.

get_basic_status

edit

Retrieves information about the status of the basic license.

Endpoint documentation

client.license.getBasicStatus()

get_trial_status

edit

Retrieves information about the status of the trial license.

Endpoint documentation

client.license.getTrialStatus()

post

edit

Updates the license for the cluster.

Endpoint documentation

client.license.post({ ... })

Arguments

edit
  • Request (object):

    • license (Optional, { expiry_date_in_millis, issue_date_in_millis, start_date_in_millis, issued_to, issuer, max_nodes, max_resource_units, signature, type, uid })
    • licenses (Optional, { expiry_date_in_millis, issue_date_in_millis, start_date_in_millis, issued_to, issuer, max_nodes, max_resource_units, signature, type, uid }[]): A sequence of one or more JSON documents containing the license information.
    • acknowledge (Optional, boolean): Specifies whether you acknowledge the license changes.

post_start_basic

edit

Starts an indefinite basic license.

Endpoint documentation

client.license.postStartBasic({ ... })

Arguments

edit
  • Request (object):

    • acknowledge (Optional, boolean): whether the user has acknowledged acknowledge messages (default: false)

post_start_trial

edit

starts a limited time trial license.

Endpoint documentation

client.license.postStartTrial({ ... })

Arguments

edit
  • Request (object):

    • acknowledge (Optional, boolean): whether the user has acknowledged acknowledge messages (default: false)
    • type_query_string (Optional, string)

logstash

edit

delete_pipeline

edit

Deletes Logstash Pipelines used by Central Management

Endpoint documentation

client.logstash.deletePipeline({ id })

Arguments

edit
  • Request (object):

    • id (string): The ID of the Pipeline

get_pipeline

edit

Retrieves Logstash Pipelines used by Central Management

Endpoint documentation

client.logstash.getPipeline({ id })

Arguments

edit
  • Request (object):

    • id (string | string[]): A list of Pipeline IDs

put_pipeline

edit

Adds and updates Logstash Pipelines used for Central Management

Endpoint documentation

client.logstash.putPipeline({ id })

Arguments

edit
  • Request (object):

    • id (string): The ID of the Pipeline
    • pipeline (Optional, { description, on_failure, processors, version })

migration

edit

deprecations

edit

Retrieves information about different cluster, node, and index level settings that use deprecated features that will be removed or changed in the next major version.

Endpoint documentation

client.migration.deprecations({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string): Comma-separate list of data streams or indices to check. Wildcard (*) expressions are supported.

get_feature_upgrade_status

edit

Find out whether system features need to be upgraded or not

Endpoint documentation

client.migration.getFeatureUpgradeStatus()

post_feature_upgrade

edit

Begin upgrades for system features

Endpoint documentation

client.migration.postFeatureUpgrade()

clear_trained_model_deployment_cache

edit

Clear the cached results from a trained model deployment

Endpoint documentation

client.ml.clearTrainedModelDeploymentCache({ model_id })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model.

close_job

edit

Closes one or more anomaly detection jobs. A job can be opened and closed multiple times throughout its lifecycle.

Endpoint documentation

client.ml.closeJob({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job. It can be a job identifier, a group name, or a wildcard expression. You can close multiple anomaly detection jobs in a single API request by using a group name, a list of jobs, or a wildcard expression. You can close all jobs by using _all or by specifying * as the job identifier.
    • allow_no_match (Optional, boolean): Refer to the description for the allow_no_match query parameter.
    • force (Optional, boolean): Refer to the descriptiion for the force query parameter.
    • timeout (Optional, string | -1 | 0): Refer to the description for the timeout query parameter.

delete_calendar

edit

Deletes a calendar.

Endpoint documentation

client.ml.deleteCalendar({ calendar_id })

Arguments

edit
  • Request (object):

    • calendar_id (string): A string that uniquely identifies a calendar.

delete_calendar_event

edit

Deletes scheduled events from a calendar.

Endpoint documentation

client.ml.deleteCalendarEvent({ calendar_id, event_id })

Arguments

edit
  • Request (object):

    • calendar_id (string): The ID of the calendar to modify
    • event_id (string): The ID of the event to remove from the calendar

delete_calendar_job

edit

Deletes anomaly detection jobs from a calendar.

Endpoint documentation

client.ml.deleteCalendarJob({ calendar_id, job_id })

Arguments

edit
  • Request (object):

    • calendar_id (string): A string that uniquely identifies a calendar.
    • job_id (string | string[]): An identifier for the anomaly detection jobs. It can be a job identifier, a group name, or a list of jobs or groups.

delete_data_frame_analytics

edit

Deletes an existing data frame analytics job.

Endpoint documentation

client.ml.deleteDataFrameAnalytics({ id })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the data frame analytics job.
    • force (Optional, boolean): If true, it deletes a job that is not stopped; this method is quicker than stopping and deleting the job.
    • timeout (Optional, string | -1 | 0): The time to wait for the job to be deleted.

delete_datafeed

edit

Deletes an existing datafeed.

Endpoint documentation

client.ml.deleteDatafeed({ datafeed_id })

Arguments

edit
  • Request (object):

    • datafeed_id (string): A numerical character string that uniquely identifies the datafeed. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • force (Optional, boolean): Use to forcefully delete a started datafeed; this method is quicker than stopping and deleting the datafeed.

delete_expired_data

edit

Deletes expired and unused machine learning data.

Endpoint documentation

client.ml.deleteExpiredData({ ... })

Arguments

edit
  • Request (object):

    • job_id (Optional, string): Identifier for an anomaly detection job. It can be a job identifier, a group name, or a wildcard expression.
    • requests_per_second (Optional, float): The desired requests per second for the deletion processes. The default behavior is no throttling.
    • timeout (Optional, string | -1 | 0): How long can the underlying delete processes run until they are canceled.

delete_filter

edit

Deletes a filter.

Endpoint documentation

client.ml.deleteFilter({ filter_id })

Arguments

edit
  • Request (object):

    • filter_id (string): A string that uniquely identifies a filter.

delete_forecast

edit

Deletes forecasts from a machine learning job.

Endpoint documentation

client.ml.deleteForecast({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • forecast_id (Optional, string): A list of forecast identifiers. If you do not specify this optional parameter or if you specify _all or * the API deletes all forecasts from the job.
    • allow_no_forecasts (Optional, boolean): Specifies whether an error occurs when there are no forecasts. In particular, if this parameter is set to false and there are no forecasts associated with the job, attempts to delete all forecasts return an error.
    • timeout (Optional, string | -1 | 0): Specifies the period of time to wait for the completion of the delete operation. When this period of time elapses, the API fails and returns an error.

delete_job

edit

Deletes an existing anomaly detection job.

Endpoint documentation

client.ml.deleteJob({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • force (Optional, boolean): Use to forcefully delete an opened job; this method is quicker than closing and deleting the job.
    • delete_user_annotations (Optional, boolean): Specifies whether annotations that have been added by the user should be deleted along with any auto-generated annotations when the job is reset.
    • wait_for_completion (Optional, boolean): Specifies whether the request should return immediately or wait until the job deletion completes.

delete_model_snapshot

edit

Deletes an existing model snapshot.

Endpoint documentation

client.ml.deleteModelSnapshot({ job_id, snapshot_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • snapshot_id (string): Identifier for the model snapshot.

delete_trained_model

edit

Deletes an existing trained inference model that is currently not referenced by an ingest pipeline.

Endpoint documentation

client.ml.deleteTrainedModel({ model_id })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model.
    • force (Optional, boolean): Forcefully deletes a trained model that is referenced by ingest pipelines or has a started deployment.

delete_trained_model_alias

edit

Deletes a model alias that refers to the trained model

Endpoint documentation

client.ml.deleteTrainedModelAlias({ model_alias, model_id })

Arguments

edit
  • Request (object):

    • model_alias (string): The model alias to delete.
    • model_id (string): The trained model ID to which the model alias refers.

estimate_model_memory

edit

Estimates the model memory

Endpoint documentation

client.ml.estimateModelMemory({ ... })

Arguments

edit
  • Request (object):

    • analysis_config (Optional, { bucket_span, categorization_analyzer, categorization_field_name, categorization_filters, detectors, influencers, latency, model_prune_window, multivariate_by_fields, per_partition_categorization, summary_count_field_name }): For a list of the properties that you can specify in the analysis_config component of the body of this API.
    • max_bucket_cardinality (Optional, Record<string, number>): Estimates of the highest cardinality in a single bucket that is observed for influencer fields over the time period that the job analyzes data. To produce a good answer, values must be provided for all influencer fields. Providing values for fields that are not listed as influencers has no effect on the estimation.
    • overall_cardinality (Optional, Record<string, number>): Estimates of the cardinality that is observed for fields over the whole time period that the job analyzes data. To produce a good answer, values must be provided for fields referenced in the by_field_name, over_field_name and partition_field_name of any detectors. Providing values for other fields has no effect on the estimation. It can be omitted from the request if no detectors have a by_field_name, over_field_name or partition_field_name.

evaluate_data_frame

edit

Evaluates the data frame analytics for an annotated index.

Endpoint documentation

client.ml.evaluateDataFrame({ evaluation, index })

Arguments

edit
  • Request (object):

    • evaluation ({ classification, outlier_detection, regression }): Defines the type of evaluation you want to perform.
    • index (string): Defines the index in which the evaluation will be performed.
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): A query clause that retrieves a subset of data from the source index.

explain_data_frame_analytics

edit

Explains a data frame analytics config.

Endpoint documentation

client.ml.explainDataFrameAnalytics({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): Identifier for the data frame analytics job. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • source (Optional, { index, query, runtime_mappings, _source }): The configuration of how to source the analysis data. It requires an index. Optionally, query and _source may be specified.
    • dest (Optional, { index, results_field }): The destination configuration, consisting of index and optionally results_field (ml by default).
    • analysis (Optional, { classification, outlier_detection, regression }): The analysis configuration, which contains the information necessary to perform one of the following types of analysis: classification, outlier detection, or regression.
    • description (Optional, string): A description of the job.
    • model_memory_limit (Optional, string): The approximate maximum amount of memory resources that are permitted for analytical processing. If your elasticsearch.yml file contains an xpack.ml.max_model_memory_limit setting, an error occurs when you try to create data frame analytics jobs that have model_memory_limit values greater than that setting.
    • max_num_threads (Optional, number): The maximum number of threads to be used by the analysis. Using more threads may decrease the time necessary to complete the analysis at the cost of using more CPU. Note that the process may use additional threads for operational functionality other than the analysis itself.
    • analyzed_fields (Optional, { includes, excludes }): Specify includes and/or excludes patterns to select which fields will be included in the analysis. The patterns specified in excludes are applied last, therefore excludes takes precedence. In other words, if the same field is specified in both includes and excludes, then the field will not be included in the analysis.
    • allow_lazy_start (Optional, boolean): Specifies whether this job can start when there is insufficient machine learning node capacity for it to be immediately assigned to a node.

flush_job

edit

Forces any buffered data to be processed by the job.

Endpoint documentation

client.ml.flushJob({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • advance_time (Optional, string | Unit): Refer to the description for the advance_time query parameter.
    • calc_interim (Optional, boolean): Refer to the description for the calc_interim query parameter.
    • end (Optional, string | Unit): Refer to the description for the end query parameter.
    • skip_time (Optional, string | Unit): Refer to the description for the skip_time query parameter.
    • start (Optional, string | Unit): Refer to the description for the start query parameter.

forecast

edit

Predicts the future behavior of a time series by using its historical behavior.

Endpoint documentation

client.ml.forecast({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job. The job must be open when you create a forecast; otherwise, an error occurs.
    • duration (Optional, string | -1 | 0): Refer to the description for the duration query parameter.
    • expires_in (Optional, string | -1 | 0): Refer to the description for the expires_in query parameter.
    • max_model_memory (Optional, string): Refer to the description for the max_model_memory query parameter.

get_buckets

edit

Retrieves anomaly detection job results for one or more buckets.

Endpoint documentation

client.ml.getBuckets({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • timestamp (Optional, string | Unit): The timestamp of a single bucket result. If you do not specify this parameter, the API returns information about all buckets.
    • anomaly_score (Optional, number): Refer to the description for the anomaly_score query parameter.
    • desc (Optional, boolean): Refer to the description for the desc query parameter.
    • end (Optional, string | Unit): Refer to the description for the end query parameter.
    • exclude_interim (Optional, boolean): Refer to the description for the exclude_interim query parameter.
    • expand (Optional, boolean): Refer to the description for the expand query parameter.
    • page (Optional, { from, size })
    • sort (Optional, string): Refer to the desription for the sort query parameter.
    • start (Optional, string | Unit): Refer to the description for the start query parameter.
    • from (Optional, number): Skips the specified number of buckets.
    • size (Optional, number): Specifies the maximum number of buckets to obtain.

get_calendar_events

edit

Retrieves information about the scheduled events in calendars.

Endpoint documentation

client.ml.getCalendarEvents({ calendar_id })

Arguments

edit
  • Request (object):

    • calendar_id (string): A string that uniquely identifies a calendar. You can get information for multiple calendars by using a list of ids or a wildcard expression. You can get information for all calendars by using _all or * or by omitting the calendar identifier.
    • end (Optional, string | Unit): Specifies to get events with timestamps earlier than this time.
    • from (Optional, number): Skips the specified number of events.
    • job_id (Optional, string): Specifies to get events for a specific anomaly detection job identifier or job group. It must be used with a calendar identifier of _all or *.
    • size (Optional, number): Specifies the maximum number of events to obtain.
    • start (Optional, string | Unit): Specifies to get events with timestamps after this time.

get_calendars

edit

Retrieves configuration information for calendars.

Endpoint documentation

client.ml.getCalendars({ ... })

Arguments

edit
  • Request (object):

    • calendar_id (Optional, string): A string that uniquely identifies a calendar. You can get information for multiple calendars by using a list of ids or a wildcard expression. You can get information for all calendars by using _all or * or by omitting the calendar identifier.
    • page (Optional, { from, size }): This object is supported only when you omit the calendar identifier.
    • from (Optional, number): Skips the specified number of calendars. This parameter is supported only when you omit the calendar identifier.
    • size (Optional, number): Specifies the maximum number of calendars to obtain. This parameter is supported only when you omit the calendar identifier.

get_categories

edit

Retrieves anomaly detection job results for one or more categories.

Endpoint documentation

client.ml.getCategories({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • category_id (Optional, string): Identifier for the category, which is unique in the job. If you specify neither the category ID nor the partition_field_value, the API returns information about all categories. If you specify only the partition_field_value, it returns information about all categories for the specified partition.
    • page (Optional, { from, size })
    • from (Optional, number): Skips the specified number of categories.
    • partition_field_value (Optional, string): Only return categories for the specified partition.
    • size (Optional, number): Specifies the maximum number of categories to obtain.

get_data_frame_analytics

edit

Retrieves configuration information for data frame analytics jobs.

Endpoint documentation

client.ml.getDataFrameAnalytics({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): Identifier for the data frame analytics job. If you do not specify this option, the API returns information for the first hundred data frame analytics jobs.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no data frame analytics jobs that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

The default value returns an empty data_frame_analytics array when there are no matches and the subset of results when there are partial matches. If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches. from (Optional, number): Skips the specified number of data frame analytics jobs. size (Optional, number): Specifies the maximum number of data frame analytics jobs to obtain. * *exclude_generated (Optional, boolean): Indicates if certain fields should be removed from the configuration on retrieval. This allows the configuration to be in an acceptable format to be retrieved and then added to another cluster.

get_data_frame_analytics_stats

edit

Retrieves usage information for data frame analytics jobs.

Endpoint documentation

client.ml.getDataFrameAnalyticsStats({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): Identifier for the data frame analytics job. If you do not specify this option, the API returns information for the first hundred data frame analytics jobs.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no data frame analytics jobs that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

The default value returns an empty data_frame_analytics array when there are no matches and the subset of results when there are partial matches. If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches. from (Optional, number): Skips the specified number of data frame analytics jobs. size (Optional, number): Specifies the maximum number of data frame analytics jobs to obtain. * *verbose (Optional, boolean): Defines whether the stats response should be verbose.

get_datafeed_stats

edit

Retrieves usage information for datafeeds.

Endpoint documentation

client.ml.getDatafeedStats({ ... })

Arguments

edit
  • Request (object):

    • datafeed_id (Optional, string | string[]): Identifier for the datafeed. It can be a datafeed identifier or a wildcard expression. If you do not specify one of these options, the API returns information about all datafeeds.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no datafeeds that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

The default value is true, which returns an empty datafeeds array when there are no matches and the subset of results when there are partial matches. If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches.

get_datafeeds

edit

Retrieves configuration information for datafeeds.

Endpoint documentation

client.ml.getDatafeeds({ ... })

Arguments

edit
  • Request (object):

    • datafeed_id (Optional, string | string[]): Identifier for the datafeed. It can be a datafeed identifier or a wildcard expression. If you do not specify one of these options, the API returns information about all datafeeds.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no datafeeds that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

The default value is true, which returns an empty datafeeds array when there are no matches and the subset of results when there are partial matches. If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches. * *exclude_generated (Optional, boolean): Indicates if certain fields should be removed from the configuration on retrieval. This allows the configuration to be in an acceptable format to be retrieved and then added to another cluster.

get_filters

edit

Retrieves filters.

Endpoint documentation

client.ml.getFilters({ ... })

Arguments

edit
  • Request (object):

    • filter_id (Optional, string | string[]): A string that uniquely identifies a filter.
    • from (Optional, number): Skips the specified number of filters.
    • size (Optional, number): Specifies the maximum number of filters to obtain.

get_influencers

edit

Retrieves anomaly detection job results for one or more influencers.

Endpoint documentation

client.ml.getInfluencers({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • page (Optional, { from, size })
    • desc (Optional, boolean): If true, the results are sorted in descending order.
    • end (Optional, string | Unit): Returns influencers with timestamps earlier than this time. The default value means it is unset and results are not limited to specific timestamps.
    • exclude_interim (Optional, boolean): If true, the output excludes interim results. By default, interim results are included.
    • influencer_score (Optional, number): Returns influencers with anomaly scores greater than or equal to this value.
    • from (Optional, number): Skips the specified number of influencers.
    • size (Optional, number): Specifies the maximum number of influencers to obtain.
    • sort (Optional, string): Specifies the sort field for the requested influencers. By default, the influencers are sorted by the influencer_score value.
    • start (Optional, string | Unit): Returns influencers with timestamps after this time. The default value means it is unset and results are not limited to specific timestamps.

get_job_stats

edit

Retrieves usage information for anomaly detection jobs.

Endpoint documentation

client.ml.getJobStats({ ... })

Arguments

edit
  • Request (object):

    • job_id (Optional, string): Identifier for the anomaly detection job. It can be a job identifier, a group name, a list of jobs, or a wildcard expression. If you do not specify one of these options, the API returns information for all anomaly detection jobs.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no jobs that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

If true, the API returns an empty jobs array when there are no matches and the subset of results when there are partial matches. If false, the API returns a 404 status code when there are no matches or only partial matches.

get_jobs

edit

Retrieves configuration information for anomaly detection jobs.

Endpoint documentation

client.ml.getJobs({ ... })

Arguments

edit
  • Request (object):

    • job_id (Optional, string | string[]): Identifier for the anomaly detection job. It can be a job identifier, a group name, or a wildcard expression. If you do not specify one of these options, the API returns information for all anomaly detection jobs.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no jobs that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

The default value is true, which returns an empty jobs array when there are no matches and the subset of results when there are partial matches. If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches. * *exclude_generated (Optional, boolean): Indicates if certain fields should be removed from the configuration on retrieval. This allows the configuration to be in an acceptable format to be retrieved and then added to another cluster.

get_memory_stats

edit

Returns information on how ML is using memory.

Endpoint documentation

client.ml.getMemoryStats({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string): The names of particular nodes in the cluster to target. For example, nodeId1,nodeId2 or ml:true
    • human (Optional, boolean): Specify this query parameter to include the fields with units in the response. Otherwise only the _in_bytes sizes are returned in the response.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

get_model_snapshot_upgrade_stats

edit

Gets stats for anomaly detection job model snapshot upgrades that are in progress.

Endpoint documentation

client.ml.getModelSnapshotUpgradeStats({ job_id, snapshot_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • snapshot_id (string): A numerical character string that uniquely identifies the model snapshot. You can get information for multiple snapshots by using a list or a wildcard expression. You can get all snapshots by using _all, by specifying * as the snapshot ID, or by omitting the snapshot ID.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      • Contains wildcard expressions and there are no jobs that match.
      • Contains the _all string or no identifiers and there are no matches.
      • Contains wildcard expressions and there are only partial matches.

The default value is true, which returns an empty jobs array when there are no matches and the subset of results when there are partial matches. If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches.

get_model_snapshots

edit

Retrieves information about model snapshots.

Endpoint documentation

client.ml.getModelSnapshots({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • snapshot_id (Optional, string): A numerical character string that uniquely identifies the model snapshot. You can get information for multiple snapshots by using a list or a wildcard expression. You can get all snapshots by using _all, by specifying * as the snapshot ID, or by omitting the snapshot ID.
    • desc (Optional, boolean): Refer to the description for the desc query parameter.
    • end (Optional, string | Unit): Refer to the description for the end query parameter.
    • page (Optional, { from, size })
    • sort (Optional, string): Refer to the description for the sort query parameter.
    • start (Optional, string | Unit): Refer to the description for the start query parameter.
    • from (Optional, number): Skips the specified number of snapshots.
    • size (Optional, number): Specifies the maximum number of snapshots to obtain.

get_overall_buckets

edit

Retrieves overall bucket results that summarize the bucket results of multiple anomaly detection jobs.

Endpoint documentation

client.ml.getOverallBuckets({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job. It can be a job identifier, a group name, a list of jobs or groups, or a wildcard expression.

You can summarize the bucket results for all anomaly detection jobs by using _all or by specifying * as the <job_id>. allow_no_match (Optional, boolean): Refer to the description for the allow_no_match query parameter. bucket_span (Optional, string | -1 | 0): Refer to the description for the bucket_span query parameter. end (Optional, string | Unit): Refer to the description for the end query parameter. exclude_interim (Optional, boolean): Refer to the description for the exclude_interim query parameter. overall_score (Optional, number | string): Refer to the description for the overall_score query parameter. start (Optional, string | Unit): Refer to the description for the start query parameter. * *top_n (Optional, number): Refer to the description for the top_n query parameter.

get_records

edit

Retrieves anomaly records for an anomaly detection job.

Endpoint documentation

client.ml.getRecords({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • desc (Optional, boolean): Refer to the description for the desc query parameter.
    • end (Optional, string | Unit): Refer to the description for the end query parameter.
    • exclude_interim (Optional, boolean): Refer to the description for the exclude_interim query parameter.
    • page (Optional, { from, size })
    • record_score (Optional, number): Refer to the description for the record_score query parameter.
    • sort (Optional, string): Refer to the description for the sort query parameter.
    • start (Optional, string | Unit): Refer to the description for the start query parameter.
    • from (Optional, number): Skips the specified number of records.
    • size (Optional, number): Specifies the maximum number of records to obtain.

get_trained_models

edit

Retrieves configuration information for a trained inference model.

Endpoint documentation

client.ml.getTrainedModels({ ... })

Arguments

edit
  • Request (object):

    • model_id (Optional, string): The unique identifier of the trained model.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      • Contains wildcard expressions and there are no models that match.
      • Contains the _all string or no identifiers and there are no matches.
      • Contains wildcard expressions and there are only partial matches.

If true, it returns an empty array when there are no matches and the subset of results when there are partial matches. decompress_definition (Optional, boolean): Specifies whether the included model definition should be returned as a JSON map (true) or in a custom compressed format (false). exclude_generated (Optional, boolean): Indicates if certain fields should be removed from the configuration on retrieval. This allows the configuration to be in an acceptable format to be retrieved and then added to another cluster. from (Optional, number): Skips the specified number of models. include (Optional, Enum("definition" | "feature_importance_baseline" | "hyperparameters" | "total_feature_importance" | "definition_status")): A comma delimited string of optional fields to include in the response body. size (Optional, number): Specifies the maximum number of models to obtain. tags (Optional, string): A comma delimited string of tags. A trained model can have many tags, or none. When supplied, only trained models that contain all the supplied tags are returned.

get_trained_models_stats

edit

Retrieves usage information for trained inference models.

Endpoint documentation

client.ml.getTrainedModelsStats({ ... })

Arguments

edit
  • Request (object):

    • model_id (Optional, string | string[]): The unique identifier of the trained model or a model alias. It can be a list or a wildcard expression.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      • Contains wildcard expressions and there are no models that match.
      • Contains the _all string or no identifiers and there are no matches.
      • Contains wildcard expressions and there are only partial matches.

If true, it returns an empty array when there are no matches and the subset of results when there are partial matches. from (Optional, number): Skips the specified number of models. size (Optional, number): Specifies the maximum number of models to obtain.

infer_trained_model

edit

Evaluate a trained model.

Endpoint documentation

client.ml.inferTrainedModel({ model_id, docs })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model.
    • docs (Record<string, User-defined value>[]): An array of objects to pass to the model for inference. The objects should contain a fields matching your configured trained model input. Typically, for NLP models, the field name is text_field. Currently, for NLP models, only a single value is allowed.
    • inference_config (Optional, { regression, classification, text_classification, zero_shot_classification, fill_mask, ner, pass_through, text_embedding, text_expansion, question_answering }): The inference configuration updates to apply on the API call
    • timeout (Optional, string | -1 | 0): Controls the amount of time to wait for inference results.

info

edit

Returns defaults and limits used by machine learning.

Endpoint documentation

client.ml.info()

open_job

edit

Opens one or more anomaly detection jobs.

Endpoint documentation

client.ml.openJob({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • timeout (Optional, string | -1 | 0): Refer to the description for the timeout query parameter.

post_calendar_events

edit

Posts scheduled events in a calendar.

Endpoint documentation

client.ml.postCalendarEvents({ calendar_id, events })

Arguments

edit
  • Request (object):

    • calendar_id (string): A string that uniquely identifies a calendar.
    • events ({ calendar_id, event_id, description, end_time, start_time }[]): A list of one of more scheduled events. The event’s start and end times can be specified as integer milliseconds since the epoch or as a string in ISO 8601 format.

post_data

edit

Sends data to an anomaly detection job for analysis.

Endpoint documentation

client.ml.postData({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job. The job must have a state of open to receive and process the data.
    • data (Optional, TData[])
    • reset_end (Optional, string | Unit): Specifies the end of the bucket resetting range.
    • reset_start (Optional, string | Unit): Specifies the start of the bucket resetting range.

preview_data_frame_analytics

edit

Previews that will be analyzed given a data frame analytics config.

Endpoint documentation

client.ml.previewDataFrameAnalytics({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): Identifier for the data frame analytics job.
    • config (Optional, { source, analysis, model_memory_limit, max_num_threads, analyzed_fields }): A data frame analytics config as described in create data frame analytics jobs. Note that id and dest don’t need to be provided in the context of this API.

preview_datafeed

edit

Previews a datafeed.

Endpoint documentation

client.ml.previewDatafeed({ ... })

Arguments

edit
  • Request (object):

    • datafeed_id (Optional, string): A numerical character string that uniquely identifies the datafeed. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters. NOTE: If you use this path parameter, you cannot provide datafeed or anomaly detection job configuration details in the request body.
    • datafeed_config (Optional, { aggregations, chunking_config, datafeed_id, delayed_data_check_config, frequency, indices, indices_options, job_id, max_empty_searches, query, query_delay, runtime_mappings, script_fields, scroll_size }): The datafeed definition to preview.
    • job_config (Optional, { allow_lazy_open, analysis_config, analysis_limits, background_persist_interval, custom_settings, daily_model_snapshot_retention_after_days, data_description, datafeed_config, description, groups, job_id, job_type, model_plot_config, model_snapshot_retention_days, renormalization_window_days, results_index_name, results_retention_days }): The configuration details for the anomaly detection job that is associated with the datafeed. If the datafeed_config object does not include a job_id that references an existing anomaly detection job, you must supply this job_config object. If you include both a job_id and a job_config, the latter information is used. You cannot specify a job_config object unless you also supply a datafeed_config object.
    • start (Optional, string | Unit): The start time from where the datafeed preview should begin
    • end (Optional, string | Unit): The end time when the datafeed preview should stop

put_calendar

edit

Instantiates a calendar.

Endpoint documentation

client.ml.putCalendar({ calendar_id })

Arguments

edit
  • Request (object):

    • calendar_id (string): A string that uniquely identifies a calendar.
    • job_ids (Optional, string[]): An array of anomaly detection job identifiers.
    • description (Optional, string): A description of the calendar.

put_calendar_job

edit

Adds an anomaly detection job to a calendar.

Endpoint documentation

client.ml.putCalendarJob({ calendar_id, job_id })

Arguments

edit
  • Request (object):

    • calendar_id (string): A string that uniquely identifies a calendar.
    • job_id (string): An identifier for the anomaly detection jobs. It can be a job identifier, a group name, or a list of jobs or groups.

put_data_frame_analytics

edit

Instantiates a data frame analytics job.

Endpoint documentation

client.ml.putDataFrameAnalytics({ id, analysis, dest, source })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the data frame analytics job. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • analysis ({ classification, outlier_detection, regression }): The analysis configuration, which contains the information necessary to perform one of the following types of analysis: classification, outlier detection, or regression.
    • dest ({ index, results_field }): The destination configuration.
    • source ({ index, query, runtime_mappings, _source }): The configuration of how to source the analysis data.
    • allow_lazy_start (Optional, boolean): Specifies whether this job can start when there is insufficient machine learning node capacity for it to be immediately assigned to a node. If set to false and a machine learning node with capacity to run the job cannot be immediately found, the API returns an error. If set to true, the API does not return an error; the job waits in the starting state until sufficient machine learning node capacity is available. This behavior is also affected by the cluster-wide xpack.ml.max_lazy_ml_nodes setting.
    • analyzed_fields (Optional, { includes, excludes }): Specifies includes and/or excludes patterns to select which fields will be included in the analysis. The patterns specified in excludes are applied last, therefore excludes takes precedence. In other words, if the same field is specified in both includes and excludes, then the field will not be included in the analysis. If analyzed_fields is not set, only the relevant fields will be included. For example, all the numeric fields for outlier detection. The supported fields vary for each type of analysis. Outlier detection requires numeric or boolean data to analyze. The algorithms don’t support missing values therefore fields that have data types other than numeric or boolean are ignored. Documents where included fields contain missing values, null values, or an array are also ignored. Therefore the dest index may contain documents that don’t have an outlier score. Regression supports fields that are numeric, boolean, text, keyword, and ip data types. It is also tolerant of missing values. Fields that are supported are included in the analysis, other fields are ignored. Documents where included fields contain an array with two or more values are also ignored. Documents in the dest index that don’t contain a results field are not included in the regression analysis. Classification supports fields that are numeric, boolean, text, keyword, and ip data types. It is also tolerant of missing values. Fields that are supported are included in the analysis, other fields are ignored. Documents where included fields contain an array with two or more values are also ignored. Documents in the dest index that don’t contain a results field are not included in the classification analysis. Classification analysis can be improved by mapping ordinal variable values to a single number. For example, in case of age ranges, you can model the values as 0-14 = 0, 15-24 = 1, 25-34 = 2, and so on.
    • description (Optional, string): A description of the job.
    • max_num_threads (Optional, number): The maximum number of threads to be used by the analysis. Using more threads may decrease the time necessary to complete the analysis at the cost of using more CPU. Note that the process may use additional threads for operational functionality other than the analysis itself.
    • model_memory_limit (Optional, string): The approximate maximum amount of memory resources that are permitted for analytical processing. If your elasticsearch.yml file contains an xpack.ml.max_model_memory_limit setting, an error occurs when you try to create data frame analytics jobs that have model_memory_limit values greater than that setting.
    • headers (Optional, Record<string, string | string[]>)
    • version (Optional, string)

put_datafeed

edit

Instantiates a datafeed.

Endpoint documentation

client.ml.putDatafeed({ datafeed_id })

Arguments

edit
  • Request (object):

    • datafeed_id (string): A numerical character string that uniquely identifies the datafeed. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • aggregations (Optional, Record<string, { aggregations, meta, adjacency_matrix, auto_date_histogram, avg, avg_bucket, boxplot, bucket_script, bucket_selector, bucket_sort, bucket_count_ks_test, bucket_correlation, cardinality, categorize_text, children, composite, cumulative_cardinality, cumulative_sum, date_histogram, date_range, derivative, diversified_sampler, extended_stats, extended_stats_bucket, frequent_item_sets, filter, filters, geo_bounds, geo_centroid, geo_distance, geohash_grid, geo_line, geotile_grid, geohex_grid, global, histogram, ip_range, ip_prefix, inference, line, matrix_stats, max, max_bucket, median_absolute_deviation, min, min_bucket, missing, moving_avg, moving_percentiles, moving_fn, multi_terms, nested, normalize, parent, percentile_ranks, percentiles, percentiles_bucket, range, rare_terms, rate, reverse_nested, sampler, scripted_metric, serial_diff, significant_terms, significant_text, stats, stats_bucket, string_stats, sum, sum_bucket, terms, top_hits, t_test, top_metrics, value_count, weighted_avg, variable_width_histogram }>): If set, the datafeed performs aggregation searches. Support for aggregations is limited and should be used only with low cardinality data.
    • chunking_config (Optional, { mode, time_span }): Datafeeds might be required to search over long time periods, for several months or years. This search is split into time chunks in order to ensure the load on Elasticsearch is managed. Chunking configuration controls how the size of these time chunks are calculated; it is an advanced configuration option.
    • delayed_data_check_config (Optional, { check_window, enabled }): Specifies whether the datafeed checks for missing data and the size of the window. The datafeed can optionally search over indices that have already been read in an effort to determine whether any data has subsequently been added to the index. If missing data is found, it is a good indication that the query_delay is set too low and the data is being indexed after the datafeed has passed that moment in time. This check runs only on real-time datafeeds.
    • frequency (Optional, string | -1 | 0): The interval at which scheduled queries are made while the datafeed runs in real time. The default value is either the bucket span for short bucket spans, or, for longer bucket spans, a sensible fraction of the bucket span. When frequency is shorter than the bucket span, interim results for the last (partial) bucket are written then eventually overwritten by the full bucket results. If the datafeed uses aggregations, this value must be divisible by the interval of the date histogram aggregation.
    • indices (Optional, string | string[]): An array of index names. Wildcards are supported. If any of the indices are in remote clusters, the machine learning nodes must have the remote_cluster_client role.
    • indices_options (Optional, { allow_no_indices, expand_wildcards, ignore_unavailable, ignore_throttled }): Specifies index expansion options that are used during search
    • job_id (Optional, string): Identifier for the anomaly detection job.
    • max_empty_searches (Optional, number): If a real-time datafeed has never seen any data (including during any initial training period), it automatically stops and closes the associated job after this many real-time searches return no documents. In other words, it stops after frequency times max_empty_searches of real-time operation. If not set, a datafeed with no end time that sees no data remains started until it is explicitly stopped. By default, it is not set.
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): The Elasticsearch query domain-specific language (DSL). This value corresponds to the query object in an Elasticsearch search POST body. All the options that are supported by Elasticsearch can be used, as this object is passed verbatim to Elasticsearch.
    • query_delay (Optional, string | -1 | 0): The number of seconds behind real time that data is queried. For example, if data from 10:04 a.m. might not be searchable in Elasticsearch until 10:06 a.m., set this property to 120 seconds. The default value is randomly selected between 60s and 120s. This randomness improves the query performance when there are multiple jobs running on the same node.
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Specifies runtime fields for the datafeed search.
    • script_fields (Optional, Record<string, { script, ignore_failure }>): Specifies scripts that evaluate custom expressions and returns script fields to the datafeed. The detector configuration objects in a job can contain functions that use these script fields.
    • scroll_size (Optional, number): The size parameter that is used in Elasticsearch searches when the datafeed does not use aggregations. The maximum value is the value of index.max_result_window, which is 10,000 by default.
    • headers (Optional, Record<string, string | string[]>)
    • allow_no_indices (Optional, boolean): If true, wildcard indices expressions that resolve into no concrete indices are ignored. This includes the _all string or when no indices are specified.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard patterns can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams. Supports a list of values.
    • ignore_throttled (Optional, boolean): If true, concrete, expanded, or aliased indices are ignored when frozen.
    • ignore_unavailable (Optional, boolean): If true, unavailable indices (missing or closed) are ignored.

put_filter

edit

Instantiates a filter.

Endpoint documentation

client.ml.putFilter({ filter_id })

Arguments

edit
  • Request (object):

    • filter_id (string): A string that uniquely identifies a filter.
    • description (Optional, string): A description of the filter.
    • items (Optional, string[]): The items of the filter. A wildcard * can be used at the beginning or the end of an item. Up to 10000 items are allowed in each filter.

put_job

edit

Instantiates an anomaly detection job.

Endpoint documentation

client.ml.putJob({ job_id, analysis_config, data_description })

Arguments

edit
  • Request (object):

    • job_id (string): The identifier for the anomaly detection job. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • analysis_config ({ bucket_span, categorization_analyzer, categorization_field_name, categorization_filters, detectors, influencers, latency, model_prune_window, multivariate_by_fields, per_partition_categorization, summary_count_field_name }): Specifies how to analyze the data. After you create a job, you cannot change the analysis configuration; all the properties are informational.
    • data_description ({ format, time_field, time_format, field_delimiter }): Defines the format of the input data when you send data to the job by using the post data API. Note that when configure a datafeed, these properties are automatically set. When data is received via the post data API, it is not stored in Elasticsearch. Only the results for anomaly detection are retained.
    • allow_lazy_open (Optional, boolean): Advanced configuration option. Specifies whether this job can open when there is insufficient machine learning node capacity for it to be immediately assigned to a node. By default, if a machine learning node with capacity to run the job cannot immediately be found, the open anomaly detection jobs API returns an error. However, this is also subject to the cluster-wide xpack.ml.max_lazy_ml_nodes setting. If this option is set to true, the open anomaly detection jobs API does not return an error and the job waits in the opening state until sufficient machine learning node capacity is available.
    • analysis_limits (Optional, { categorization_examples_limit, model_memory_limit }): Limits can be applied for the resources required to hold the mathematical models in memory. These limits are approximate and can be set per job. They do not control the memory used by other processes, for example the Elasticsearch Java processes.
    • background_persist_interval (Optional, string | -1 | 0): Advanced configuration option. The time between each periodic persistence of the model. The default value is a randomized value between 3 to 4 hours, which avoids all jobs persisting at exactly the same time. The smallest allowed value is 1 hour. For very large models (several GB), persistence could take 10-20 minutes, so do not set the background_persist_interval value too low.
    • custom_settings (Optional, User-defined value): Advanced configuration option. Contains custom meta data about the job.
    • daily_model_snapshot_retention_after_days (Optional, number): Advanced configuration option, which affects the automatic removal of old model snapshots for this job. It specifies a period of time (in days) after which only the first snapshot per day is retained. This period is relative to the timestamp of the most recent snapshot for this job. Valid values range from 0 to model_snapshot_retention_days.
    • datafeed_config (Optional, { aggregations, chunking_config, datafeed_id, delayed_data_check_config, frequency, indices, indices_options, job_id, max_empty_searches, query, query_delay, runtime_mappings, script_fields, scroll_size }): Defines a datafeed for the anomaly detection job. If Elasticsearch security features are enabled, your datafeed remembers which roles the user who created it had at the time of creation and runs the query using those same roles. If you provide secondary authorization headers, those credentials are used instead.
    • description (Optional, string): A description of the job.
    • groups (Optional, string[]): A list of job groups. A job can belong to no groups or many.
    • model_plot_config (Optional, { annotations_enabled, enabled, terms }): This advanced configuration option stores model information along with the results. It provides a more detailed view into anomaly detection. If you enable model plot it can add considerable overhead to the performance of the system; it is not feasible for jobs with many entities. Model plot provides a simplified and indicative view of the model and its bounds. It does not display complex features such as multivariate correlations or multimodal data. As such, anomalies may occasionally be reported which cannot be seen in the model plot. Model plot config can be configured when the job is created or updated later. It must be disabled if performance issues are experienced.
    • model_snapshot_retention_days (Optional, number): Advanced configuration option, which affects the automatic removal of old model snapshots for this job. It specifies the maximum period of time (in days) that snapshots are retained. This period is relative to the timestamp of the most recent snapshot for this job. By default, snapshots ten days older than the newest snapshot are deleted.
    • renormalization_window_days (Optional, number): Advanced configuration option. The period over which adjustments to the score are applied, as new data is seen. The default value is the longer of 30 days or 100 bucket spans.
    • results_index_name (Optional, string): A text string that affects the name of the machine learning results index. By default, the job generates an index named .ml-anomalies-shared.
    • results_retention_days (Optional, number): Advanced configuration option. The period of time (in days) that results are retained. Age is calculated relative to the timestamp of the latest bucket result. If this property has a non-null value, once per day at 00:30 (server time), results that are the specified number of days older than the latest bucket result are deleted from Elasticsearch. The default value is null, which means all results are retained. Annotations generated by the system also count as results for retention purposes; they are deleted after the same number of days as results. Annotations added by users are retained forever.

put_trained_model

edit

Creates an inference trained model.

Endpoint documentation

client.ml.putTrainedModel({ model_id, inference_config })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model.
    • inference_config ({ regression, classification, text_classification, zero_shot_classification, fill_mask, ner, pass_through, text_embedding, text_expansion, question_answering }): The default configuration for inference. This can be either a regression or classification configuration. It must match the underlying definition.trained_model’s target_type.
    • compressed_definition (Optional, string): The compressed (GZipped and Base64 encoded) inference definition of the model. If compressed_definition is specified, then definition cannot be specified.
    • definition (Optional, { preprocessors, trained_model }): The inference definition for the model. If definition is specified, then compressed_definition cannot be specified.
    • description (Optional, string): A human-readable description of the inference trained model.
    • input (Optional, { field_names }): The input field names for the model definition.
    • metadata (Optional, User-defined value): An object map that contains metadata about the model.
    • model_type (Optional, Enum("tree_ensemble" | "lang_ident" | "pytorch")): The model type.
    • model_size_bytes (Optional, number): The estimated memory usage in bytes to keep the trained model in memory. This property is supported only if defer_definition_decompression is true or the model definition is not supplied.
    • tags (Optional, string[]): An array of tags to organize the model.
    • defer_definition_decompression (Optional, boolean): If set to true and a compressed_definition is provided, the request defers definition decompression and skips relevant validations.

put_trained_model_alias

edit

Creates a new model alias (or reassigns an existing one) to refer to the trained model

Endpoint documentation

client.ml.putTrainedModelAlias({ model_alias, model_id })

Arguments

edit
  • Request (object):

    • model_alias (string): The alias to create or update. This value cannot end in numbers.
    • model_id (string): The identifier for the trained model that the alias refers to.
    • reassign (Optional, boolean): Specifies whether the alias gets reassigned to the specified trained model if it is already assigned to a different model. If the alias is already assigned and this parameter is false, the API returns an error.

put_trained_model_definition_part

edit

Creates part of a trained model definition

Endpoint documentation

client.ml.putTrainedModelDefinitionPart({ model_id, part, definition, total_definition_length, total_parts })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model.
    • part (number): The definition part number. When the definition is loaded for inference the definition parts are streamed in the order of their part number. The first part must be 0 and the final part must be total_parts - 1.
    • definition (string): The definition part for the model. Must be a base64 encoded string.
    • total_definition_length (number): The total uncompressed definition length in bytes. Not base64 encoded.
    • total_parts (number): The total number of parts that will be uploaded. Must be greater than 0.

put_trained_model_vocabulary

edit

Creates a trained model vocabulary

Endpoint documentation

client.ml.putTrainedModelVocabulary({ model_id, vocabulary })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model.
    • vocabulary (string[]): The model vocabulary, which must not be empty.
    • merges (Optional, string[]): The optional model merges if required by the tokenizer.

reset_job

edit

Resets an existing anomaly detection job.

Endpoint documentation

client.ml.resetJob({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): The ID of the job to reset.
    • wait_for_completion (Optional, boolean): Should this request wait until the operation has completed before returning.
    • delete_user_annotations (Optional, boolean): Specifies whether annotations that have been added by the user should be deleted along with any auto-generated annotations when the job is reset.

revert_model_snapshot

edit

Reverts to a specific snapshot.

Endpoint documentation

client.ml.revertModelSnapshot({ job_id, snapshot_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • snapshot_id (string): You can specify empty as the <snapshot_id>. Reverting to the empty snapshot means the anomaly detection job starts learning a new model from scratch when it is started.
    • delete_intervening_results (Optional, boolean): Refer to the description for the delete_intervening_results query parameter.

set_upgrade_mode

edit

Sets a cluster wide upgrade_mode setting that prepares machine learning indices for an upgrade.

Endpoint documentation

client.ml.setUpgradeMode({ ... })

Arguments

edit
  • Request (object):

    • enabled (Optional, boolean): When true, it enables upgrade_mode which temporarily halts all job and datafeed tasks and prohibits new job and datafeed tasks from starting.
    • timeout (Optional, string | -1 | 0): The time to wait for the request to be completed.

start_data_frame_analytics

edit

Starts a data frame analytics job.

Endpoint documentation

client.ml.startDataFrameAnalytics({ id })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the data frame analytics job. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • timeout (Optional, string | -1 | 0): Controls the amount of time to wait until the data frame analytics job starts.

start_datafeed

edit

Starts one or more datafeeds.

Endpoint documentation

client.ml.startDatafeed({ datafeed_id })

Arguments

edit
  • Request (object):

    • datafeed_id (string): A numerical character string that uniquely identifies the datafeed. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • end (Optional, string | Unit): Refer to the description for the end query parameter.
    • start (Optional, string | Unit): Refer to the description for the start query parameter.
    • timeout (Optional, string | -1 | 0): Refer to the description for the timeout query parameter.

start_trained_model_deployment

edit

Start a trained model deployment.

Endpoint documentation

client.ml.startTrainedModelDeployment({ model_id })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model. Currently, only PyTorch models are supported.
    • cache_size (Optional, number | string): The inference cache size (in memory outside the JVM heap) per node for the model. The default value is the same size as the model_size_bytes. To disable the cache, 0b can be provided.
    • number_of_allocations (Optional, number): The number of model allocations on each node where the model is deployed. All allocations on a node share the same copy of the model in memory but use a separate set of threads to evaluate the model. Increasing this value generally increases the throughput. If this setting is greater than the number of hardware threads it will automatically be changed to a value less than the number of hardware threads.
    • priority (Optional, Enum("normal" | "low")): The deployment priority.
    • queue_capacity (Optional, number): Specifies the number of inference requests that are allowed in the queue. After the number of requests exceeds this value, new requests are rejected with a 429 error.
    • threads_per_allocation (Optional, number): Sets the number of threads used by each model allocation during inference. This generally increases the inference speed. The inference process is a compute-bound process; any number greater than the number of available hardware threads on the machine does not increase the inference speed. If this setting is greater than the number of hardware threads it will automatically be changed to a value less than the number of hardware threads.
    • timeout (Optional, string | -1 | 0): Specifies the amount of time to wait for the model to deploy.
    • wait_for (Optional, Enum("started" | "starting" | "fully_allocated")): Specifies the allocation status to wait for before returning.

stop_data_frame_analytics

edit

Stops one or more data frame analytics jobs.

Endpoint documentation

client.ml.stopDataFrameAnalytics({ id })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the data frame analytics job. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no data frame analytics jobs that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

The default value is true, which returns an empty data_frame_analytics array when there are no matches and the subset of results when there are partial matches. If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches. force (Optional, boolean): If true, the data frame analytics job is stopped forcefully. timeout (Optional, string | -1 | 0): Controls the amount of time to wait until the data frame analytics job stops. Defaults to 20 seconds.

stop_datafeed

edit

Stops one or more datafeeds.

Endpoint documentation

client.ml.stopDatafeed({ datafeed_id })

Arguments

edit
  • Request (object):

    • datafeed_id (string): Identifier for the datafeed. You can stop multiple datafeeds in a single API request by using a comma-separated list of datafeeds or a wildcard expression. You can close all datafeeds by using _all or by specifying * as the identifier.
    • allow_no_match (Optional, boolean): Refer to the description for the allow_no_match query parameter.
    • force (Optional, boolean): Refer to the description for the force query parameter.
    • timeout (Optional, string | -1 | 0): Refer to the description for the timeout query parameter.

stop_trained_model_deployment

edit

Stop a trained model deployment.

Endpoint documentation

client.ml.stopTrainedModelDeployment({ model_id })

Arguments

edit
  • Request (object):

    • model_id (string): The unique identifier of the trained model.
    • allow_no_match (Optional, boolean): Specifies what to do when the request: contains wildcard expressions and there are no deployments that match; contains the _all string or no identifiers and there are no matches; or contains wildcard expressions and there are only partial matches. By default, it returns an empty array when there are no matches and the subset of results when there are partial matches. If false, the request returns a 404 status code when there are no matches or only partial matches.
    • force (Optional, boolean): Forcefully stops the deployment, even if it is used by ingest pipelines. You can’t use these pipelines until you restart the model deployment.

update_data_frame_analytics

edit

Updates certain properties of a data frame analytics job.

Endpoint documentation

client.ml.updateDataFrameAnalytics({ id })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the data frame analytics job. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • description (Optional, string): A description of the job.
    • model_memory_limit (Optional, string): The approximate maximum amount of memory resources that are permitted for analytical processing. If your elasticsearch.yml file contains an xpack.ml.max_model_memory_limit setting, an error occurs when you try to create data frame analytics jobs that have model_memory_limit values greater than that setting.
    • max_num_threads (Optional, number): The maximum number of threads to be used by the analysis. Using more threads may decrease the time necessary to complete the analysis at the cost of using more CPU. Note that the process may use additional threads for operational functionality other than the analysis itself.
    • allow_lazy_start (Optional, boolean): Specifies whether this job can start when there is insufficient machine learning node capacity for it to be immediately assigned to a node.

update_datafeed

edit

Updates certain properties of a datafeed.

Endpoint documentation

client.ml.updateDatafeed({ datafeed_id })

Arguments

edit
  • Request (object):

    • datafeed_id (string): A numerical character string that uniquely identifies the datafeed. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters.
    • aggregations (Optional, Record<string, { aggregations, meta, adjacency_matrix, auto_date_histogram, avg, avg_bucket, boxplot, bucket_script, bucket_selector, bucket_sort, bucket_count_ks_test, bucket_correlation, cardinality, categorize_text, children, composite, cumulative_cardinality, cumulative_sum, date_histogram, date_range, derivative, diversified_sampler, extended_stats, extended_stats_bucket, frequent_item_sets, filter, filters, geo_bounds, geo_centroid, geo_distance, geohash_grid, geo_line, geotile_grid, geohex_grid, global, histogram, ip_range, ip_prefix, inference, line, matrix_stats, max, max_bucket, median_absolute_deviation, min, min_bucket, missing, moving_avg, moving_percentiles, moving_fn, multi_terms, nested, normalize, parent, percentile_ranks, percentiles, percentiles_bucket, range, rare_terms, rate, reverse_nested, sampler, scripted_metric, serial_diff, significant_terms, significant_text, stats, stats_bucket, string_stats, sum, sum_bucket, terms, top_hits, t_test, top_metrics, value_count, weighted_avg, variable_width_histogram }>): If set, the datafeed performs aggregation searches. Support for aggregations is limited and should be used only with low cardinality data.
    • chunking_config (Optional, { mode, time_span }): Datafeeds might search over long time periods, for several months or years. This search is split into time chunks in order to ensure the load on Elasticsearch is managed. Chunking configuration controls how the size of these time chunks are calculated; it is an advanced configuration option.
    • delayed_data_check_config (Optional, { check_window, enabled }): Specifies whether the datafeed checks for missing data and the size of the window. The datafeed can optionally search over indices that have already been read in an effort to determine whether any data has subsequently been added to the index. If missing data is found, it is a good indication that the query_delay is set too low and the data is being indexed after the datafeed has passed that moment in time. This check runs only on real-time datafeeds.
    • frequency (Optional, string | -1 | 0): The interval at which scheduled queries are made while the datafeed runs in real time. The default value is either the bucket span for short bucket spans, or, for longer bucket spans, a sensible fraction of the bucket span. When frequency is shorter than the bucket span, interim results for the last (partial) bucket are written then eventually overwritten by the full bucket results. If the datafeed uses aggregations, this value must be divisible by the interval of the date histogram aggregation.
    • indices (Optional, string[]): An array of index names. Wildcards are supported. If any of the indices are in remote clusters, the machine learning nodes must have the remote_cluster_client role.
    • indices_options (Optional, { allow_no_indices, expand_wildcards, ignore_unavailable, ignore_throttled }): Specifies index expansion options that are used during search.
    • job_id (Optional, string)
    • max_empty_searches (Optional, number): If a real-time datafeed has never seen any data (including during any initial training period), it automatically stops and closes the associated job after this many real-time searches return no documents. In other words, it stops after frequency times max_empty_searches of real-time operation. If not set, a datafeed with no end time that sees no data remains started until it is explicitly stopped. By default, it is not set.
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): The Elasticsearch query domain-specific language (DSL). This value corresponds to the query object in an Elasticsearch search POST body. All the options that are supported by Elasticsearch can be used, as this object is passed verbatim to Elasticsearch. Note that if you change the query, the analyzed data is also changed. Therefore, the time required to learn might be long and the understandability of the results is unpredictable. If you want to make significant changes to the source data, it is recommended that you clone the job and datafeed and make the amendments in the clone. Let both run in parallel and close one when you are satisfied with the results of the job.
    • query_delay (Optional, string | -1 | 0): The number of seconds behind real time that data is queried. For example, if data from 10:04 a.m. might not be searchable in Elasticsearch until 10:06 a.m., set this property to 120 seconds. The default value is randomly selected between 60s and 120s. This randomness improves the query performance when there are multiple jobs running on the same node.
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Specifies runtime fields for the datafeed search.
    • script_fields (Optional, Record<string, { script, ignore_failure }>): Specifies scripts that evaluate custom expressions and returns script fields to the datafeed. The detector configuration objects in a job can contain functions that use these script fields.
    • scroll_size (Optional, number): The size parameter that is used in Elasticsearch searches when the datafeed does not use aggregations. The maximum value is the value of index.max_result_window.
    • allow_no_indices (Optional, boolean): If true, wildcard indices expressions that resolve into no concrete indices are ignored. This includes the _all string or when no indices are specified.
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Type of index that wildcard patterns can match. If the request can target data streams, this argument determines whether wildcard expressions match hidden data streams. Supports a list of values. Valid values are:
  • all: Match any data stream or index, including hidden ones.
  • closed: Match closed, non-hidden indices. Also matches any non-hidden data stream. Data streams cannot be closed.
  • hidden: Match hidden data streams and hidden indices. Must be combined with open, closed, or both.
  • none: Wildcard patterns are not accepted.
  • open: Match open, non-hidden indices. Also matches any non-hidden data stream.

    • ignore_throttled (Optional, boolean): If true, concrete, expanded or aliased indices are ignored when frozen.
    • ignore_unavailable (Optional, boolean): If true, unavailable indices (missing or closed) are ignored.

update_filter

edit

Updates the description of a filter, adds items, or removes items.

Endpoint documentation

client.ml.updateFilter({ filter_id })

Arguments

edit
  • Request (object):

    • filter_id (string): A string that uniquely identifies a filter.
    • add_items (Optional, string[]): The items to add to the filter.
    • description (Optional, string): A description for the filter.
    • remove_items (Optional, string[]): The items to remove from the filter.

update_job

edit

Updates certain properties of an anomaly detection job.

Endpoint documentation

client.ml.updateJob({ job_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the job.
    • allow_lazy_open (Optional, boolean): Advanced configuration option. Specifies whether this job can open when there is insufficient machine learning node capacity for it to be immediately assigned to a node. If false and a machine learning node with capacity to run the job cannot immediately be found, the open anomaly detection jobs API returns an error. However, this is also subject to the cluster-wide xpack.ml.max_lazy_ml_nodes setting. If this option is set to true, the open anomaly detection jobs API does not return an error and the job waits in the opening state until sufficient machine learning node capacity is available.
    • analysis_limits (Optional, { model_memory_limit })
    • background_persist_interval (Optional, string | -1 | 0): Advanced configuration option. The time between each periodic persistence of the model. The default value is a randomized value between 3 to 4 hours, which avoids all jobs persisting at exactly the same time. The smallest allowed value is 1 hour. For very large models (several GB), persistence could take 10-20 minutes, so do not set the value too low. If the job is open when you make the update, you must stop the datafeed, close the job, then reopen the job and restart the datafeed for the changes to take effect.
    • custom_settings (Optional, Record<string, User-defined value>): Advanced configuration option. Contains custom meta data about the job. For example, it can contain custom URL information as shown in Adding custom URLs to machine learning results.
    • categorization_filters (Optional, string[])
    • description (Optional, string): A description of the job.
    • model_plot_config (Optional, { annotations_enabled, enabled, terms })
    • model_prune_window (Optional, string | -1 | 0)
    • daily_model_snapshot_retention_after_days (Optional, number): Advanced configuration option, which affects the automatic removal of old model snapshots for this job. It specifies a period of time (in days) after which only the first snapshot per day is retained. This period is relative to the timestamp of the most recent snapshot for this job. Valid values range from 0 to model_snapshot_retention_days. For jobs created before version 7.8.0, the default value matches model_snapshot_retention_days.
    • model_snapshot_retention_days (Optional, number): Advanced configuration option, which affects the automatic removal of old model snapshots for this job. It specifies the maximum period of time (in days) that snapshots are retained. This period is relative to the timestamp of the most recent snapshot for this job.
    • renormalization_window_days (Optional, number): Advanced configuration option. The period over which adjustments to the score are applied, as new data is seen.
    • results_retention_days (Optional, number): Advanced configuration option. The period of time (in days) that results are retained. Age is calculated relative to the timestamp of the latest bucket result. If this property has a non-null value, once per day at 00:30 (server time), results that are the specified number of days older than the latest bucket result are deleted from Elasticsearch. The default value is null, which means all results are retained.
    • groups (Optional, string[]): A list of job groups. A job can belong to no groups or many.
    • detectors (Optional, { by_field_name, custom_rules, detector_description, detector_index, exclude_frequent, field_name, function, over_field_name, partition_field_name, use_null }[]): An array of detector update objects.
    • per_partition_categorization (Optional, { enabled, stop_on_warn }): Settings related to how categorization interacts with partition fields.

update_model_snapshot

edit

Updates certain properties of a snapshot.

Endpoint documentation

client.ml.updateModelSnapshot({ job_id, snapshot_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • snapshot_id (string): Identifier for the model snapshot.
    • description (Optional, string): A description of the model snapshot.
    • retain (Optional, boolean): If true, this snapshot will not be deleted during automatic cleanup of snapshots older than model_snapshot_retention_days. However, this snapshot will be deleted when the job is deleted.

update_trained_model_deployment

edit

Updates certain properties of trained model deployment.

Endpoint documentation

client.ml.updateTrainedModelDeployment()

upgrade_job_snapshot

edit

Upgrades a given job snapshot to the current major version.

Endpoint documentation

client.ml.upgradeJobSnapshot({ job_id, snapshot_id })

Arguments

edit
  • Request (object):

    • job_id (string): Identifier for the anomaly detection job.
    • snapshot_id (string): A numerical character string that uniquely identifies the model snapshot.
    • wait_for_completion (Optional, boolean): When true, the API won’t respond until the upgrade is complete. Otherwise, it responds as soon as the upgrade task is assigned to a node.
    • timeout (Optional, string | -1 | 0): Controls the time to wait for the request to complete.

nodes

edit

clear_repositories_metering_archive

edit

Removes the archived repositories metering information present in the cluster.

Endpoint documentation

client.nodes.clearRepositoriesMeteringArchive({ node_id, max_archive_version })

Arguments

edit

get_repositories_metering_info

edit

Returns cluster repositories metering information.

Endpoint documentation

client.nodes.getRepositoriesMeteringInfo({ node_id })

Arguments

edit

hot_threads

edit

Returns information about hot threads on each node in the cluster.

Endpoint documentation

client.nodes.hotThreads({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): List of node IDs or names used to limit returned information.
    • ignore_idle_threads (Optional, boolean): If true, known idle threads (e.g. waiting in a socket select, or to get a task from an empty queue) are filtered out.
    • interval (Optional, string | -1 | 0): The interval to do the second sampling of threads.
    • snapshots (Optional, number): Number of samples of thread stacktrace.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • threads (Optional, number): Specifies the number of hot threads to provide information for.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
    • type (Optional, Enum("cpu" | "wait" | "block" | "gpu" | "mem")): The type to sample.
    • sort (Optional, Enum("cpu" | "wait" | "block" | "gpu" | "mem")): The sort order for cpu type (default: total)

info

edit

Returns information about nodes in the cluster.

Endpoint documentation

client.nodes.info({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): List of node IDs or names used to limit returned information.
    • metric (Optional, string | string[]): Limits the information returned to the specific metrics. Supports a list, such as http,ingest.
    • flat_settings (Optional, boolean): If true, returns settings in flat format.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

reload_secure_settings

edit

Reloads secure settings.

Endpoint documentation

client.nodes.reloadSecureSettings({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): A list of node IDs to span the reload/reinit call. Should stay empty because reloading usually involves all cluster nodes.
    • secure_settings_password (Optional, string)
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

stats

edit

Returns statistical information about nodes in the cluster.

Endpoint documentation

client.nodes.stats({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): List of node IDs or names used to limit returned information.
    • metric (Optional, string | string[]): Limit the information returned to the specified metrics
    • index_metric (Optional, string | string[]): Limit the information returned for indices metric to the specific index metrics. It can be used only if indices (or all) metric is specified.
    • completion_fields (Optional, string | string[]): List or wildcard expressions of fields to include in fielddata and suggest statistics.
    • fielddata_fields (Optional, string | string[]): List or wildcard expressions of fields to include in fielddata statistics.
    • fields (Optional, string | string[]): List or wildcard expressions of fields to include in the statistics.
    • groups (Optional, boolean): List of search groups to include in the search statistics.
    • include_segment_file_sizes (Optional, boolean): If true, the call reports the aggregated disk usage of each one of the Lucene index files (only applies if segment stats are requested).
    • level (Optional, Enum("cluster" | "indices" | "shards")): Indicates whether statistics are aggregated at the cluster, index, or shard level.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
    • types (Optional, string[]): A list of document types for the indexing index metric.
    • include_unloaded_segments (Optional, boolean): If set to true segment stats will include stats for segments that are not currently loaded into memory

usage

edit

Returns low-level information about REST actions usage on nodes.

Endpoint documentation

client.nodes.usage({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): A list of node IDs or names to limit the returned information; use _local to return information from the node you’re connecting to, leave empty to get information from all nodes
    • metric (Optional, string | string[]): Limit the information returned to the specified metrics
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

rollup

edit

delete_job

edit

Deletes an existing rollup job.

Endpoint documentation

client.rollup.deleteJob({ id })

Arguments

edit
  • Request (object):

    • id (string): The ID of the job to delete

get_jobs

edit

Retrieves the configuration, stats, and status of rollup jobs.

Endpoint documentation

client.rollup.getJobs({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): The ID of the job(s) to fetch. Accepts glob patterns, or left blank for all jobs

get_rollup_caps

edit

Returns the capabilities of any rollup jobs that have been configured for a specific index or index pattern.

Endpoint documentation

client.rollup.getRollupCaps({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): The ID of the index to check rollup capabilities on, or left blank for all jobs

get_rollup_index_caps

edit

Returns the rollup capabilities of all jobs inside of a rollup index (e.g. the index where rollup data is stored).

Endpoint documentation

client.rollup.getRollupIndexCaps({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): The rollup index or index pattern to obtain rollup capabilities from.

put_job

edit

Creates a rollup job.

Endpoint documentation

client.rollup.putJob({ id, cron, groups, index_pattern, page_size, rollup_index })

Arguments

edit
  • Request (object):

    • id (string): Identifier for the rollup job. This can be any alphanumeric string and uniquely identifies the data that is associated with the rollup job. The ID is persistent; it is stored with the rolled up data. If you create a job, let it run for a while, then delete the job, the data that the job rolled up is still be associated with this job ID. You cannot create a new job with the same ID since that could lead to problems with mismatched job configurations.
    • cron (string): A cron string which defines the intervals when the rollup job should be executed. When the interval triggers, the indexer attempts to rollup the data in the index pattern. The cron pattern is unrelated to the time interval of the data being rolled up. For example, you may wish to create hourly rollups of your document but to only run the indexer on a daily basis at midnight, as defined by the cron. The cron pattern is defined just like a Watcher cron schedule.
    • groups ({ date_histogram, histogram, terms }): Defines the grouping fields and aggregations that are defined for this rollup job. These fields will then be available later for aggregating into buckets. These aggs and fields can be used in any combination. Think of the groups configuration as defining a set of tools that can later be used in aggregations to partition the data. Unlike raw data, we have to think ahead to which fields and aggregations might be used. Rollups provide enough flexibility that you simply need to determine which fields are needed, not in what order they are needed.
    • index_pattern (string): The index or index pattern to roll up. Supports wildcard-style patterns (logstash-*). The job attempts to rollup the entire index or index-pattern.
    • page_size (number): The number of bucket results that are processed on each iteration of the rollup indexer. A larger value tends to execute faster, but requires more memory during processing. This value has no effect on how the data is rolled up; it is merely used for tweaking the speed or memory cost of the indexer.
    • rollup_index (string): The index that contains the rollup results. The index can be shared with other rollup jobs. The data is stored so that it doesn’t interfere with unrelated jobs.
    • metrics (Optional, { field, metrics }[]): Defines the metrics to collect for each grouping tuple. By default, only the doc_counts are collected for each group. To make rollup useful, you will often add metrics like averages, mins, maxes, etc. Metrics are defined on a per-field basis and for each field you configure which metric should be collected.
    • timeout (Optional, string | -1 | 0): Time to wait for the request to complete.
    • headers (Optional, Record<string, string | string[]>)

rollup_search

edit

Enables searching rolled-up data using the standard query DSL.

Endpoint documentation

client.rollup.rollupSearch({ index })

Arguments

edit
  • Request (object):

    • index (string | string[]): The indices or index-pattern(s) (containing rollup or regular data) that should be searched
    • aggregations (Optional, Record<string, { aggregations, meta, adjacency_matrix, auto_date_histogram, avg, avg_bucket, boxplot, bucket_script, bucket_selector, bucket_sort, bucket_count_ks_test, bucket_correlation, cardinality, categorize_text, children, composite, cumulative_cardinality, cumulative_sum, date_histogram, date_range, derivative, diversified_sampler, extended_stats, extended_stats_bucket, frequent_item_sets, filter, filters, geo_bounds, geo_centroid, geo_distance, geohash_grid, geo_line, geotile_grid, geohex_grid, global, histogram, ip_range, ip_prefix, inference, line, matrix_stats, max, max_bucket, median_absolute_deviation, min, min_bucket, missing, moving_avg, moving_percentiles, moving_fn, multi_terms, nested, normalize, parent, percentile_ranks, percentiles, percentiles_bucket, range, rare_terms, rate, reverse_nested, sampler, scripted_metric, serial_diff, significant_terms, significant_text, stats, stats_bucket, string_stats, sum, sum_bucket, terms, top_hits, t_test, top_metrics, value_count, weighted_avg, variable_width_histogram }>)
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • size (Optional, number): Must be zero if set, as rollups work on pre-aggregated data
    • rest_total_hits_as_int (Optional, boolean): Indicates whether hits.total should be rendered as an integer or an object in the rest search response
    • typed_keys (Optional, boolean): Specify whether aggregation and suggester names should be prefixed by their respective types in the response

start_job

edit

Starts an existing, stopped rollup job.

Endpoint documentation

client.rollup.startJob({ id })

Arguments

edit
  • Request (object):

    • id (string): The ID of the job to start

stop_job

edit

Stops an existing, started rollup job.

Endpoint documentation

client.rollup.stopJob({ id })

Arguments

edit
  • Request (object):

    • id (string): The ID of the job to stop
    • timeout (Optional, string | -1 | 0): Block for (at maximum) the specified duration while waiting for the job to stop. Defaults to 30s.
    • wait_for_completion (Optional, boolean): True if the API should block until the job has fully stopped, false if should be executed async. Defaults to false.

search_application

edit

delete

edit

Deletes a search application.

Endpoint documentation

client.searchApplication.delete({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the search application to delete

delete_behavioral_analytics

edit

Delete a behavioral analytics collection.

Endpoint documentation

client.searchApplication.deleteBehavioralAnalytics({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the analytics collection to be deleted

get

edit

Returns the details about a search application.

Endpoint documentation

client.searchApplication.get({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the search application

get_behavioral_analytics

edit

Returns the existing behavioral analytics collections.

Endpoint documentation

client.searchApplication.getBehavioralAnalytics({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string[]): A list of analytics collections to limit the returned information

list

edit

Returns the existing search applications.

Endpoint documentation

client.searchApplication.list({ ... })

Arguments

edit
  • Request (object):

    • q (Optional, string): Query in the Lucene query string syntax"
    • from (Optional, number): Starting offset (default: 0)
    • size (Optional, number): specifies a max number of results to get

post_behavioral_analytics_event

edit

Creates a behavioral analytics event for existing collection.

Endpoint documentation

client.searchApplication.postBehavioralAnalyticsEvent()

put

edit

Creates or updates a search application.

Endpoint documentation

client.searchApplication.put({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the search application to be created or updated
    • search_application (Optional, { name, indices, updated_at_millis, analytics_collection_name, template })
    • create (Optional, boolean): If true, requires that a search application with the specified resource_id does not already exist. (default: false)

put_behavioral_analytics

edit

Creates a behavioral analytics collection.

Endpoint documentation

client.searchApplication.putBehavioralAnalytics({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the analytics collection to be created or updated

search

edit

Perform a search against a search application

Endpoint documentation

client.searchApplication.search({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the search application to be searched
    • params (Optional, Record<string, User-defined value>)

searchable_snapshots

edit

cache_stats

edit

Retrieve node-level cache statistics about searchable snapshots.

Endpoint documentation

client.searchableSnapshots.cacheStats({ ... })

Arguments

edit
  • Request (object):

    • node_id (Optional, string | string[]): A list of node IDs or names to limit the returned information; use _local to return information from the node you’re connecting to, leave empty to get information from all nodes
    • master_timeout (Optional, string | -1 | 0)

clear_cache

edit

Clear the cache of searchable snapshots.

Endpoint documentation

client.searchableSnapshots.clearCache({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names
    • expand_wildcards (Optional, Enum("all" | "open" | "closed" | "hidden" | "none") | Enum("all" | "open" | "closed" | "hidden" | "none")[]): Whether to expand wildcard expression to concrete indices that are open, closed or both.
    • allow_no_indices (Optional, boolean): Whether to ignore if a wildcard indices expression resolves into no concrete indices. (This includes _all string or when no indices have been specified)
    • ignore_unavailable (Optional, boolean): Whether specified concrete indices should be ignored when unavailable (missing or closed)
    • pretty (Optional, boolean)
    • human (Optional, boolean)

mount

edit

Mount a snapshot as a searchable index.

Endpoint documentation

client.searchableSnapshots.mount({ repository, snapshot, index })

Arguments

edit
  • Request (object):

    • repository (string): The name of the repository containing the snapshot of the index to mount
    • snapshot (string): The name of the snapshot of the index to mount
    • index (string)
    • renamed_index (Optional, string)
    • index_settings (Optional, Record<string, User-defined value>)
    • ignore_index_settings (Optional, string[])
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • wait_for_completion (Optional, boolean): Should this request wait until the operation has completed before returning
    • storage (Optional, string): Selects the kind of local storage used to accelerate searches. Experimental, and defaults to full_copy

stats

edit

Retrieve shard-level statistics about searchable snapshots.

Endpoint documentation

client.searchableSnapshots.stats({ ... })

Arguments

edit
  • Request (object):

    • index (Optional, string | string[]): A list of index names
    • level (Optional, Enum("cluster" | "indices" | "shards")): Return stats aggregated at cluster, index or shard level

security

edit

authenticate

edit

Enables authentication as a user and retrieve information about the authenticated user.

Endpoint documentation

client.security.authenticate()

bulk_update_api_keys

edit

Updates the attributes of multiple existing API keys.

Endpoint documentation

client.security.bulkUpdateApiKeys()

change_password

edit

Changes the passwords of users in the native realm and built-in users.

Endpoint documentation

client.security.changePassword({ ... })

Arguments

edit
  • Request (object):

    • username (Optional, string): The user whose password you want to change. If you do not specify this parameter, the password is changed for the current user.
    • password (Optional, string): The new password value. Passwords must be at least 6 characters long.
    • password_hash (Optional, string): A hash of the new password value. This must be produced using the same hashing algorithm as has been configured for password storage. For more details, see the explanation of the xpack.security.authc.password_hashing.algorithm setting.
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

clear_api_key_cache

edit

Clear a subset or all entries from the API key cache.

Endpoint documentation

client.security.clearApiKeyCache({ ids })

Arguments

edit
  • Request (object):

    • ids (string | string[]): A list of IDs of API keys to clear from the cache

clear_cached_privileges

edit

Evicts application privileges from the native application privileges cache.

Endpoint documentation

client.security.clearCachedPrivileges({ application })

Arguments

edit
  • Request (object):

    • application (string): A list of application names

clear_cached_realms

edit

Evicts users from the user cache. Can completely clear the cache or evict specific users.

Endpoint documentation

client.security.clearCachedRealms({ realms })

Arguments

edit
  • Request (object):

    • realms (string | string[]): List of realms to clear
    • usernames (Optional, string[]): List of usernames to clear from the cache

clear_cached_roles

edit

Evicts roles from the native role cache.

Endpoint documentation

client.security.clearCachedRoles({ name })

Arguments

edit
  • Request (object):

    • name (string | string[]): Role name

clear_cached_service_tokens

edit

Evicts tokens from the service account token caches.

Endpoint documentation

client.security.clearCachedServiceTokens({ namespace, service, name })

Arguments

edit
  • Request (object):

    • namespace (string): An identifier for the namespace
    • service (string): An identifier for the service name
    • name (string | string[]): A list of service token names

create_api_key

edit

Creates an API key for access without requiring basic authentication.

Endpoint documentation

client.security.createApiKey({ ... })

Arguments

edit
  • Request (object):

    • expiration (Optional, string | -1 | 0): Expiration time for the API key. By default, API keys never expire.
    • name (Optional, string): Specifies the name for this API key.
    • role_descriptors (Optional, Record<string, { cluster, indices, global, applications, metadata, run_as, transient_metadata }>): An array of role descriptors for this API key. This parameter is optional. When it is not specified or is an empty array, then the API key will have a point in time snapshot of permissions of the authenticated user. If you supply role descriptors then the resultant permissions would be an intersection of API keys permissions and authenticated user’s permissions thereby limiting the access scope for API keys. The structure of role descriptor is the same as the request for create role API. For more details, see create or update roles API.
    • metadata (Optional, Record<string, User-defined value>): Arbitrary metadata that you want to associate with the API key. It supports nested data structure. Within the metadata object, keys beginning with _ are reserved for system usage.
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

create_service_token

edit

Creates a service account token for access without requiring basic authentication.

Endpoint documentation

client.security.createServiceToken({ namespace, service })

Arguments

edit
  • Request (object):

    • namespace (string): An identifier for the namespace
    • service (string): An identifier for the service name
    • name (Optional, string): An identifier for the token name
    • refresh (Optional, Enum(true | false | "wait_for")): If true then refresh the affected shards to make this operation visible to search, if wait_for (the default) then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

delete_privileges

edit

Removes application privileges.

Endpoint documentation

client.security.deletePrivileges({ application, name })

Arguments

edit
  • Request (object):

    • application (string): Application name
    • name (string | string[]): Privilege name
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

delete_role

edit

Removes roles in the native realm.

Endpoint documentation

client.security.deleteRole({ name })

Arguments

edit
  • Request (object):

    • name (string): Role name
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

delete_role_mapping

edit

Removes role mappings.

Endpoint documentation

client.security.deleteRoleMapping({ name })

Arguments

edit
  • Request (object):

    • name (string): Role-mapping name
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

delete_service_token

edit

Deletes a service account token.

Endpoint documentation

client.security.deleteServiceToken({ namespace, service, name })

Arguments

edit
  • Request (object):

    • namespace (string): An identifier for the namespace
    • service (string): An identifier for the service name
    • name (string): An identifier for the token name
    • refresh (Optional, Enum(true | false | "wait_for")): If true then refresh the affected shards to make this operation visible to search, if wait_for (the default) then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

delete_user

edit

Deletes users from the native realm.

Endpoint documentation

client.security.deleteUser({ username })

Arguments

edit
  • Request (object):

    • username (string): username
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

disable_user

edit

Disables users in the native realm.

Endpoint documentation

client.security.disableUser({ username })

Arguments

edit
  • Request (object):

    • username (string): The username of the user to disable
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

enable_user

edit

Enables users in the native realm.

Endpoint documentation

client.security.enableUser({ username })

Arguments

edit
  • Request (object):

    • username (string): The username of the user to enable
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

enroll_kibana

edit

Allows a kibana instance to configure itself to communicate with a secured elasticsearch cluster.

Endpoint documentation

client.security.enrollKibana()

enroll_node

edit

Allows a new node to enroll to an existing cluster with security enabled.

Endpoint documentation

client.security.enrollNode()

get_api_key

edit

Retrieves information for one or more API keys.

Endpoint documentation

client.security.getApiKey({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): API key id of the API key to be retrieved
    • name (Optional, string): API key name of the API key to be retrieved
    • owner (Optional, boolean): flag to query API keys owned by the currently authenticated user
    • realm_name (Optional, string): realm name of the user who created this API key to be retrieved
    • username (Optional, string): user name of the user who created this API key to be retrieved
    • with_limited_by (Optional, boolean): Return the snapshot of the owner user’s role descriptors associated with the API key. An API key’s actual permission is the intersection of its assigned role descriptors and the owner user’s role descriptors.

get_builtin_privileges

edit

Retrieves the list of cluster privileges and index privileges that are available in this version of Elasticsearch.

Endpoint documentation

client.security.getBuiltinPrivileges()

get_privileges

edit

Retrieves application privileges.

Endpoint documentation

client.security.getPrivileges({ ... })

Arguments

edit
  • Request (object):

    • application (Optional, string): Application name
    • name (Optional, string | string[]): Privilege name

get_role

edit

Retrieves roles in the native realm.

Endpoint documentation

client.security.getRole({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string | string[]): The name of the role. You can specify multiple roles as a list. If you do not specify this parameter, the API returns information about all roles.

get_role_mapping

edit

Retrieves role mappings.

Endpoint documentation

client.security.getRoleMapping({ ... })

Arguments

edit
  • Request (object):

    • name (Optional, string | string[]): The distinct name that identifies the role mapping. The name is used solely as an identifier to facilitate interaction via the API; it does not affect the behavior of the mapping in any way. You can specify multiple mapping names as a list. If you do not specify this parameter, the API returns information about all role mappings.

get_service_accounts

edit

Retrieves information about service accounts.

Endpoint documentation

client.security.getServiceAccounts({ ... })

Arguments

edit
  • Request (object):

    • namespace (Optional, string): Name of the namespace. Omit this parameter to retrieve information about all service accounts. If you omit this parameter, you must also omit the service parameter.
    • service (Optional, string): Name of the service name. Omit this parameter to retrieve information about all service accounts that belong to the specified namespace.

get_service_credentials

edit

Retrieves information of all service credentials for a service account.

Endpoint documentation

client.security.getServiceCredentials({ namespace, service })

Arguments

edit
  • Request (object):

    • namespace (string): Name of the namespace.
    • service (string): Name of the service name.

get_token

edit

Creates a bearer token for access without requiring basic authentication.

Endpoint documentation

client.security.getToken({ ... })

Arguments

edit
  • Request (object):

    • grant_type (Optional, Enum("password" | "client_credentials" | "_kerberos" | "refresh_token"))
    • scope (Optional, string)
    • password (Optional, string)
    • kerberos_ticket (Optional, string)
    • refresh_token (Optional, string)
    • username (Optional, string)

get_user

edit

Retrieves information about users in the native realm and built-in users.

Endpoint documentation

client.security.getUser({ ... })

Arguments

edit
  • Request (object):

    • username (Optional, string | string[]): An identifier for the user. You can specify multiple usernames as a list. If you omit this parameter, the API retrieves information about all users.
    • with_profile_uid (Optional, boolean): If true will return the User Profile ID for a user, if any.

get_user_privileges

edit

Retrieves security privileges for the logged in user.

Endpoint documentation

client.security.getUserPrivileges({ ... })

Arguments

edit
  • Request (object):

    • application (Optional, string): The name of the application. Application privileges are always associated with exactly one application. If you do not specify this parameter, the API returns information about all privileges for all applications.
    • priviledge (Optional, string): The name of the privilege. If you do not specify this parameter, the API returns information about all privileges for the requested application.
    • username (Optional, string | null)

grant_api_key

edit

Creates an API key on behalf of another user.

Endpoint documentation

client.security.grantApiKey({ api_key, grant_type })

Arguments

edit
  • Request (object):

    • api_key ({ name, expiration, role_descriptors, metadata })
    • grant_type (Enum("access_token" | "password"))
    • access_token (Optional, string)
    • username (Optional, string)
    • password (Optional, string)
    • run_as (Optional, string)

has_privileges

edit

Determines whether the specified user has a specified list of privileges.

Endpoint documentation

client.security.hasPrivileges({ ... })

Arguments

edit
  • Request (object):

    • user (Optional, string): Username
    • application (Optional, { application, privileges, resources }[])
    • cluster (Optional, Enum("all" | "cancel_task" | "create_snapshot" | "grant_api_key" | "manage" | "manage_api_key" | "manage_ccr" | "manage_enrich" | "manage_ilm" | "manage_index_templates" | "manage_ingest_pipelines" | "manage_logstash_pipelines" | "manage_ml" | "manage_oidc" | "manage_own_api_key" | "manage_pipeline" | "manage_rollup" | "manage_saml" | "manage_security" | "manage_service_account" | "manage_slm" | "manage_token" | "manage_transform" | "manage_user_profile" | "manage_watcher" | "monitor" | "monitor_ml" | "monitor_rollup" | "monitor_snapshot" | "monitor_text_structure" | "monitor_transform" | "monitor_watcher" | "read_ccr" | "read_ilm" | "read_pipeline" | "read_slm" | "transport_client")[]): A list of the cluster privileges that you want to check.
    • index (Optional, { names, privileges, allow_restricted_indices }[])

invalidate_api_key

edit

Invalidates one or more API keys.

Endpoint documentation

client.security.invalidateApiKey({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string)
    • ids (Optional, string[])
    • name (Optional, string)
    • owner (Optional, boolean)
    • realm_name (Optional, string)
    • username (Optional, string)

invalidate_token

edit

Invalidates one or more access tokens or refresh tokens.

Endpoint documentation

client.security.invalidateToken({ ... })

Arguments

edit
  • Request (object):

    • token (Optional, string)
    • refresh_token (Optional, string)
    • realm_name (Optional, string)
    • username (Optional, string)

oidc_authenticate

edit

Exchanges an OpenID Connection authentication response message for an Elasticsearch access token and refresh token pair

Endpoint documentation

client.security.oidcAuthenticate()

oidc_logout

edit

Invalidates a refresh token and access token that was generated from the OpenID Connect Authenticate API

Endpoint documentation

client.security.oidcLogout()

oidc_prepare_authentication

edit

Creates an OAuth 2.0 authentication request as a URL string

Endpoint documentation

client.security.oidcPrepareAuthentication()

put_privileges

edit

Adds or updates application privileges.

Endpoint documentation

client.security.putPrivileges({ ... })

Arguments

edit
  • Request (object):

    • privileges (Optional, Record<string, Record<string, User-defined value>>)
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

put_role

edit

Adds and updates roles in the native realm.

Endpoint documentation

client.security.putRole({ name })

Arguments

edit
  • Request (object):

    • name (string): The name of the role.
    • applications (Optional, { application, privileges, resources }[]): A list of application privilege entries.
    • cluster (Optional, Enum("all" | "cancel_task" | "create_snapshot" | "grant_api_key" | "manage" | "manage_api_key" | "manage_ccr" | "manage_enrich" | "manage_ilm" | "manage_index_templates" | "manage_ingest_pipelines" | "manage_logstash_pipelines" | "manage_ml" | "manage_oidc" | "manage_own_api_key" | "manage_pipeline" | "manage_rollup" | "manage_saml" | "manage_security" | "manage_service_account" | "manage_slm" | "manage_token" | "manage_transform" | "manage_user_profile" | "manage_watcher" | "monitor" | "monitor_ml" | "monitor_rollup" | "monitor_snapshot" | "monitor_text_structure" | "monitor_transform" | "monitor_watcher" | "read_ccr" | "read_ilm" | "read_pipeline" | "read_slm" | "transport_client")[]): A list of cluster privileges. These privileges define the cluster-level actions for users with this role.
    • global (Optional, Record<string, User-defined value>): An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges.
    • indices (Optional, { field_security, names, privileges, query, allow_restricted_indices }[]): A list of indices permissions entries.
    • metadata (Optional, Record<string, User-defined value>): Optional metadata. Within the metadata object, keys that begin with an underscore (_) are reserved for system use.
    • run_as (Optional, string[]): A list of users that the owners of this role can impersonate.
    • transient_metadata (Optional, { enabled }): Indicates roles that might be incompatible with the current cluster license, specifically roles with document and field level security. When the cluster license doesn’t allow certain features for a given role, this parameter is updated dynamically to list the incompatible features. If enabled is false, the role is ignored, but is still listed in the response from the authenticate API.
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

put_role_mapping

edit

Creates and updates role mappings.

Endpoint documentation

client.security.putRoleMapping({ name })

Arguments

edit
  • Request (object):

    • name (string): Role-mapping name
    • enabled (Optional, boolean)
    • metadata (Optional, Record<string, User-defined value>)
    • roles (Optional, string[])
    • rules (Optional, { any, all, field, except })
    • run_as (Optional, string[])
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

put_user

edit

Adds and updates users in the native realm. These users are commonly referred to as native users.

Endpoint documentation

client.security.putUser({ username })

Arguments

edit
  • Request (object):

    • username (string): The username of the User
    • email (Optional, string | null)
    • full_name (Optional, string | null)
    • metadata (Optional, Record<string, User-defined value>)
    • password (Optional, string)
    • password_hash (Optional, string)
    • roles (Optional, string[])
    • enabled (Optional, boolean)
    • refresh (Optional, Enum(true | false | "wait_for")): If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

query_api_keys

edit

Retrieves information for API keys using a subset of query DSL

Endpoint documentation

client.security.queryApiKeys({ ... })

Arguments

edit
  • Request (object):

    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): A query to filter which API keys to return. The query supports a subset of query types, including match_all, bool, term, terms, ids, prefix, wildcard, and range. You can query all public information associated with an API key
    • from (Optional, number): Starting document offset. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • sort (Optional, string | { _score, _doc, _geo_distance, _script } | string | { _score, _doc, _geo_distance, _script }[])
    • size (Optional, number): The number of hits to return. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
    • search_after (Optional, number | number | string | boolean | null | User-defined value[])
    • with_limited_by (Optional, boolean): Return the snapshot of the owner user’s role descriptors associated with the API key. An API key’s actual permission is the intersection of its assigned role descriptors and the owner user’s role descriptors.

saml_authenticate

edit

Exchanges a SAML Response message for an Elasticsearch access token and refresh token pair

Endpoint documentation

client.security.samlAuthenticate({ content, ids })

Arguments

edit
  • Request (object):

    • content (string): The SAML response as it was sent by the user’s browser, usually a Base64 encoded XML document.
    • ids (string | string[]): A json array with all the valid SAML Request Ids that the caller of the API has for the current user.
    • realm (Optional, string): The name of the realm that should authenticate the SAML response. Useful in cases where many SAML realms are defined.

saml_complete_logout

edit

Verifies the logout response sent from the SAML IdP

Endpoint documentation

client.security.samlCompleteLogout({ realm, ids })

Arguments

edit
  • Request (object):

    • realm (string): The name of the SAML realm in Elasticsearch for which the configuration is used to verify the logout response.
    • ids (string | string[]): A json array with all the valid SAML Request Ids that the caller of the API has for the current user.
    • query_string (Optional, string): If the SAML IdP sends the logout response with the HTTP-Redirect binding, this field must be set to the query string of the redirect URI.
    • content (Optional, string): If the SAML IdP sends the logout response with the HTTP-Post binding, this field must be set to the value of the SAMLResponse form parameter from the logout response.

saml_invalidate

edit

Consumes a SAML LogoutRequest

Endpoint documentation

client.security.samlInvalidate({ query_string })

Arguments

edit
  • Request (object):

    • query_string (string): The query part of the URL that the user was redirected to by the SAML IdP to initiate the Single Logout. This query should include a single parameter named SAMLRequest that contains a SAML logout request that is deflated and Base64 encoded. If the SAML IdP has signed the logout request, the URL should include two extra parameters named SigAlg and Signature that contain the algorithm used for the signature and the signature value itself. In order for Elasticsearch to be able to verify the IdP’s signature, the value of the query_string field must be an exact match to the string provided by the browser. The client application must not attempt to parse or process the string in any way.
    • acs (Optional, string): The Assertion Consumer Service URL that matches the one of the SAML realm in Elasticsearch that should be used. You must specify either this parameter or the realm parameter.
    • realm (Optional, string): The name of the SAML realm in Elasticsearch the configuration. You must specify either this parameter or the acs parameter.

saml_logout

edit

Invalidates an access token and a refresh token that were generated via the SAML Authenticate API

Endpoint documentation

client.security.samlLogout({ token })

Arguments

edit
  • Request (object):

    • token (string): The access token that was returned as a response to calling the SAML authenticate API. Alternatively, the most recent token that was received after refreshing the original one by using a refresh_token.
    • refresh_token (Optional, string): The refresh token that was returned as a response to calling the SAML authenticate API. Alternatively, the most recent refresh token that was received after refreshing the original access token.

saml_prepare_authentication

edit

Creates a SAML authentication request

Endpoint documentation

client.security.samlPrepareAuthentication({ ... })

Arguments

edit
  • Request (object):

    • acs (Optional, string): The Assertion Consumer Service URL that matches the one of the SAML realms in Elasticsearch. The realm is used to generate the authentication request. You must specify either this parameter or the realm parameter.
    • realm (Optional, string): The name of the SAML realm in Elasticsearch for which the configuration is used to generate the authentication request. You must specify either this parameter or the acs parameter.
    • relay_state (Optional, string): A string that will be included in the redirect URL that this API returns as the RelayState query parameter. If the Authentication Request is signed, this value is used as part of the signature computation.

saml_service_provider_metadata

edit

Generates SAML metadata for the Elastic stack SAML 2.0 Service Provider

Endpoint documentation

client.security.samlServiceProviderMetadata({ realm_name })

Arguments

edit
  • Request (object):

    • realm_name (string): The name of the SAML realm in Elasticsearch.

update_api_key

edit

Updates attributes of an existing API key.

Endpoint documentation

client.security.updateApiKey({ id })

Arguments

edit
  • Request (object):

    • id (string): The ID of the API key to update.
    • role_descriptors (Optional, Record<string, { cluster, indices, global, applications, metadata, run_as, transient_metadata }>): An array of role descriptors for this API key. This parameter is optional. When it is not specified or is an empty array, then the API key will have a point in time snapshot of permissions of the authenticated user. If you supply role descriptors then the resultant permissions would be an intersection of API keys permissions and authenticated user’s permissions thereby limiting the access scope for API keys. The structure of role descriptor is the same as the request for create role API. For more details, see create or update roles API.
    • metadata (Optional, Record<string, User-defined value>): Arbitrary metadata that you want to associate with the API key. It supports nested data structure. Within the metadata object, keys beginning with _ are reserved for system usage.

slm

edit

delete_lifecycle

edit

Deletes an existing snapshot lifecycle policy.

Endpoint documentation

client.slm.deleteLifecycle({ policy_id })

Arguments

edit
  • Request (object):

    • policy_id (string): The id of the snapshot lifecycle policy to remove

execute_lifecycle

edit

Immediately creates a snapshot according to the lifecycle policy, without waiting for the scheduled time.

Endpoint documentation

client.slm.executeLifecycle({ policy_id })

Arguments

edit
  • Request (object):

    • policy_id (string): The id of the snapshot lifecycle policy to be executed

execute_retention

edit

Deletes any snapshots that are expired according to the policy’s retention rules.

Endpoint documentation

client.slm.executeRetention()

get_lifecycle

edit

Retrieves one or more snapshot lifecycle policy definitions and information about the latest snapshot attempts.

Endpoint documentation

client.slm.getLifecycle({ ... })

Arguments

edit
  • Request (object):

    • policy_id (Optional, string | string[]): List of snapshot lifecycle policies to retrieve

get_stats

edit

Returns global and policy-level statistics about actions taken by snapshot lifecycle management.

Endpoint documentation

client.slm.getStats()

get_status

edit

Retrieves the status of snapshot lifecycle management (SLM).

Endpoint documentation

client.slm.getStatus()

put_lifecycle

edit

Creates or updates a snapshot lifecycle policy.

Endpoint documentation

client.slm.putLifecycle({ policy_id })

Arguments

edit
  • Request (object):

    • policy_id (string): ID for the snapshot lifecycle policy you want to create or update.
    • config (Optional, { ignore_unavailable, indices, include_global_state, feature_states, metadata, partial }): Configuration for each snapshot created by the policy.
    • name (Optional, string): Name automatically assigned to each snapshot created by the policy. Date math is supported. To prevent conflicting snapshot names, a UUID is automatically appended to each snapshot name.
    • repository (Optional, string): Repository used to store snapshots created by this policy. This repository must exist prior to the policy’s creation. You can create a repository using the snapshot repository API.
    • retention (Optional, { expire_after, max_count, min_count }): Retention rules used to retain and delete snapshots created by the policy.
    • schedule (Optional, string): Periodic or absolute schedule at which the policy creates snapshots. SLM applies schedule changes immediately.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

start

edit

Turns on snapshot lifecycle management (SLM).

Endpoint documentation

client.slm.start()

stop

edit

Turns off snapshot lifecycle management (SLM).

Endpoint documentation

client.slm.stop()

snapshot

edit

cleanup_repository

edit

Removes stale data from repository.

Endpoint documentation

client.snapshot.cleanupRepository({ repository })

Arguments

edit
  • Request (object):

    • repository (string): Snapshot repository to clean up.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node.
    • timeout (Optional, string | -1 | 0): Period to wait for a response.

clone

edit

Clones indices from one snapshot into another snapshot in the same repository.

Endpoint documentation

client.snapshot.clone({ repository, snapshot, target_snapshot, indices })

Arguments

edit
  • Request (object):

    • repository (string): A repository name
    • snapshot (string): The name of the snapshot to clone from
    • target_snapshot (string): The name of the cloned snapshot to create
    • indices (string)
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • timeout (Optional, string | -1 | 0)

create

edit

Creates a snapshot in a repository.

Endpoint documentation

client.snapshot.create({ repository, snapshot })

Arguments

edit
  • Request (object):

    • repository (string): Repository for the snapshot.
    • snapshot (string): Name of the snapshot. Must be unique in the repository.
    • ignore_unavailable (Optional, boolean): If true, the request ignores data streams and indices in indices that are missing or closed. If false, the request returns an error for any data stream or index that is missing or closed.
    • include_global_state (Optional, boolean): If true, the current cluster state is included in the snapshot. The cluster state includes persistent cluster settings, composable index templates, legacy index templates, ingest pipelines, and ILM policies. It also includes data stored in system indices, such as Watches and task records (configurable via feature_states).
    • indices (Optional, string | string[]): Data streams and indices to include in the snapshot. Supports multi-target syntax. Includes all data streams and indices by default.
    • feature_states (Optional, string[]): Feature states to include in the snapshot. Each feature state includes one or more system indices containing related data. You can view a list of eligible features using the get features API. If include_global_state is true, all current feature states are included by default. If include_global_state is false, no feature states are included by default.
    • metadata (Optional, Record<string, User-defined value>): Optional metadata for the snapshot. May have any contents. Must be less than 1024 bytes. This map is not automatically generated by Elasticsearch.
    • partial (Optional, boolean): If true, allows restoring a partial snapshot of indices with unavailable shards. Only shards that were successfully included in the snapshot will be restored. All missing shards will be recreated as empty. If false, the entire restore operation will fail if one or more indices included in the snapshot do not have all primary shards available.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • wait_for_completion (Optional, boolean): If true, the request returns a response when the snapshot is complete. If false, the request returns a response when the snapshot initializes.

create_repository

edit

Creates a repository.

Endpoint documentation

client.snapshot.createRepository({ repository, type, settings })

Arguments

edit
  • Request (object):

    • repository (string): A repository name
    • type (string)
    • settings ({ chunk_size, compress, concurrent_streams, location, read_only })
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • verify (Optional, boolean): Whether to verify the repository after creation

delete

edit

Deletes one or more snapshots.

Endpoint documentation

client.snapshot.delete({ repository, snapshot })

Arguments

edit
  • Request (object):

    • repository (string): A repository name
    • snapshot (string): A list of snapshot names
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node

delete_repository

edit

Deletes a repository.

Endpoint documentation

client.snapshot.deleteRepository({ repository })

Arguments

edit
  • Request (object):

    • repository (string | string[]): Name of the snapshot repository to unregister. Wildcard (*) patterns are supported.
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

get

edit

Returns information about a snapshot.

Endpoint documentation

client.snapshot.get({ repository, snapshot })

Arguments

edit
  • Request (object):

    • repository (string): List of snapshot repository names used to limit the request. Wildcard (*) expressions are supported.
    • snapshot (string | string[]): List of snapshot names to retrieve. Also accepts wildcards (*).

      • To get information about all snapshots in a registered repository, use a wildcard (*) or _all.
      • To get information about any snapshots that are currently running, use _current.
    • ignore_unavailable (Optional, boolean): If false, the request returns an error for any snapshots that are unavailable.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • verbose (Optional, boolean): If true, returns additional information about each snapshot such as the version of Elasticsearch which took the snapshot, the start and end times of the snapshot, and the number of shards snapshotted.
    • index_details (Optional, boolean): If true, returns additional information about each index in the snapshot comprising the number of shards in the index, the total size of the index in bytes, and the maximum number of segments per shard in the index. Defaults to false, meaning that this information is omitted.
    • index_names (Optional, boolean): If true, returns the name of each index in each snapshot.
    • include_repository (Optional, boolean): If true, returns the repository name in each snapshot.
    • sort (Optional, Enum("start_time" | "duration" | "name" | "index_count" | "repository" | "shard_count" | "failed_shard_count")): Allows setting a sort order for the result. Defaults to start_time, i.e. sorting by snapshot start time stamp.
    • size (Optional, number): Maximum number of snapshots to return. Defaults to 0 which means return all that match the request without limit.
    • order (Optional, Enum("asc" | "desc")): Sort order. Valid values are asc for ascending and desc for descending order. Defaults to asc, meaning ascending order.
    • after (Optional, string): Offset identifier to start pagination from as returned by the next field in the response body.
    • offset (Optional, number): Numeric offset to start pagination from based on the snapshots matching this request. Using a non-zero value for this parameter is mutually exclusive with using the after parameter. Defaults to 0.
    • from_sort_value (Optional, string): Value of the current sort column at which to start retrieval. Can either be a string snapshot- or repository name when sorting by snapshot or repository name, a millisecond time value or a number when sorting by index- or shard count.
    • slm_policy_filter (Optional, string): Filter snapshots by a list of SLM policy names that snapshots belong to. Also accepts wildcards (*) and combinations of wildcards followed by exclude patterns starting with -. To include snapshots not created by an SLM policy you can use the special pattern _none that will match all snapshots without an SLM policy.

get_repository

edit

Returns information about a repository.

Endpoint documentation

client.snapshot.getRepository({ ... })

Arguments

edit
  • Request (object):

    • repository (Optional, string | string[]): A list of repository names
    • local (Optional, boolean): Return local information, do not retrieve the state from master node (default: false)
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node

repository_analyze

edit

Analyzes a repository for correctness and performance

Endpoint documentation

client.snapshot.repositoryAnalyze()

restore

edit

Restores a snapshot.

Endpoint documentation

client.snapshot.restore({ repository, snapshot })

Arguments

edit
  • Request (object):

    • repository (string): A repository name
    • snapshot (string): A snapshot name
    • feature_states (Optional, string[])
    • ignore_index_settings (Optional, string[])
    • ignore_unavailable (Optional, boolean)
    • include_aliases (Optional, boolean)
    • include_global_state (Optional, boolean)
    • index_settings (Optional, { index, mode, routing_path, soft_deletes, sort, number_of_shards, number_of_replicas, number_of_routing_shards, check_on_startup, codec, routing_partition_size, load_fixed_bitset_filters_eagerly, hidden, auto_expand_replicas, merge, search, refresh_interval, max_result_window, max_inner_result_window, max_rescore_window, max_docvalue_fields_search, max_script_fields, max_ngram_diff, max_shingle_diff, blocks, max_refresh_listeners, analyze, highlight, max_terms_count, max_regex_length, routing, gc_deletes, default_pipeline, final_pipeline, lifecycle, provided_name, creation_date, creation_date_string, uuid, version, verified_before_close, format, max_slices_per_scroll, translog, query_string, priority, top_metrics_max_size, analysis, settings, time_series, shards, queries, similarity, mapping, indexing.slowlog, indexing_pressure, store })
    • indices (Optional, string | string[])
    • partial (Optional, boolean)
    • rename_pattern (Optional, string)
    • rename_replacement (Optional, string)
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • wait_for_completion (Optional, boolean): Should this request wait until the operation has completed before returning

status

edit

Returns information about the status of a snapshot.

Endpoint documentation

client.snapshot.status({ ... })

Arguments

edit
  • Request (object):

    • repository (Optional, string): A repository name
    • snapshot (Optional, string | string[]): A list of snapshot names
    • ignore_unavailable (Optional, boolean): Whether to ignore unavailable snapshots, defaults to false which means a SnapshotMissingException is thrown
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node

verify_repository

edit

Verifies a repository.

Endpoint documentation

client.snapshot.verifyRepository({ repository })

Arguments

edit
  • Request (object):

    • repository (string): A repository name
    • master_timeout (Optional, string | -1 | 0): Explicit operation timeout for connection to master node
    • timeout (Optional, string | -1 | 0): Explicit operation timeout

sql

edit

clear_cursor

edit

Clears the SQL cursor

Endpoint documentation

client.sql.clearCursor({ cursor })

Arguments

edit
  • Request (object):

    • cursor (string)

delete_async

edit

Deletes an async SQL search or a stored synchronous SQL search. If the search is still running, the API cancels it.

Endpoint documentation

client.sql.deleteAsync({ id })

Arguments

edit
  • Request (object):

    • id (string): The async search ID

get_async

edit

Returns the current status and available results for an async SQL search or stored synchronous SQL search

Endpoint documentation

client.sql.getAsync({ id })

Arguments

edit
  • Request (object):

    • id (string): The async search ID
    • delimiter (Optional, string): Separator for CSV results. The API only supports this parameter for CSV responses.
    • format (Optional, string): Format for the response. You must specify a format using this parameter or the Accept HTTP header. If you specify both, the API uses this parameter.
    • keep_alive (Optional, string | -1 | 0): Retention period for the search and its results. Defaults to the keep_alive period for the original SQL search.
    • wait_for_completion_timeout (Optional, string | -1 | 0): Period to wait for complete results. Defaults to no timeout, meaning the request waits for complete search results.

get_async_status

edit

Returns the current status of an async SQL search or a stored synchronous SQL search

Endpoint documentation

client.sql.getAsyncStatus({ id })

Arguments

edit
  • Request (object):

    • id (string): The async search ID

query

edit

Executes a SQL request

Endpoint documentation

client.sql.query({ ... })

Arguments

edit
  • Request (object):

    • catalog (Optional, string): Default catalog (cluster) for queries. If unspecified, the queries execute on the data in the local cluster only.
    • columnar (Optional, boolean): If true, the results in a columnar fashion: one row represents all the values of a certain column from the current page of results.
    • cursor (Optional, string)
    • fetch_size (Optional, number): The maximum number of rows (or entries) to return in one response
    • filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Optional Elasticsearch query DSL for additional filtering.
    • query (Optional, string): SQL query to execute
    • request_timeout (Optional, string | -1 | 0): The timeout before the request fails.
    • page_timeout (Optional, string | -1 | 0): The timeout before a pagination request fails.
    • time_zone (Optional, string): Time-zone in ISO 8601 used for executing the query on the server. More information available here.
    • field_multi_value_leniency (Optional, boolean): Throw an exception when encountering multiple values for a field (default) or be lenient and return the first value from the list (without any guarantees of what that will be - typically the first in natural ascending order).
    • runtime_mappings (Optional, Record<string, { fetch_fields, format, input_field, target_field, target_index, script, type }>): Defines one or more runtime fields in the search request. These fields take precedence over mapped fields with the same name.
    • wait_for_completion_timeout (Optional, string | -1 | 0): Period to wait for complete results. Defaults to no timeout, meaning the request waits for complete search results. If the search doesn’t finish within this period, the search becomes async.
    • params (Optional, Record<string, User-defined value>): Values for parameters in the query.
    • keep_alive (Optional, string | -1 | 0): Retention period for an async or saved synchronous search.
    • keep_on_completion (Optional, boolean): If true, Elasticsearch stores synchronous searches if you also specify the wait_for_completion_timeout parameter. If false, Elasticsearch only stores async searches that don’t finish before the wait_for_completion_timeout.
    • index_using_frozen (Optional, boolean): If true, the search can run on frozen indices. Defaults to false.
    • format (Optional, string): a short version of the Accept header, e.g. json, yaml

translate

edit

Translates SQL into Elasticsearch queries

Endpoint documentation

client.sql.translate({ query })

Arguments

edit
  • Request (object):

    • query (string)
    • fetch_size (Optional, number)
    • filter (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type })
    • time_zone (Optional, string)

ssl

edit

certificates

edit

Retrieves information about the X.509 certificates used to encrypt communications in the cluster.

Endpoint documentation

client.ssl.certificates()

tasks

edit

cancel

edit

Cancels a task, if it can be cancelled through an API.

Endpoint documentation

client.tasks.cancel({ ... })

Arguments

edit
  • Request (object):

    • task_id (Optional, string | number): Cancel the task with specified task id (node_id:task_number)
    • actions (Optional, string | string[]): A list of actions that should be cancelled. Leave empty to cancel all.
    • nodes (Optional, string[]): A list of node IDs or names to limit the returned information; use _local to return information from the node you’re connecting to, leave empty to get information from all nodes
    • parent_task_id (Optional, string): Cancel tasks with specified parent task id (node_id:task_number). Set to -1 to cancel all.
    • wait_for_completion (Optional, boolean): Should the request block until the cancellation of the task and its descendant tasks is completed. Defaults to false

get

edit

Returns information about a task.

Endpoint documentation

client.tasks.get({ task_id })

Arguments

edit
  • Request (object):

    • task_id (string): Return the task with specified id (node_id:task_number)
    • timeout (Optional, string | -1 | 0): Explicit operation timeout
    • wait_for_completion (Optional, boolean): Wait for the matching tasks to complete (default: false)

list

edit

Returns a list of tasks.

Endpoint documentation

client.tasks.list({ ... })

Arguments

edit
  • Request (object):

    • actions (Optional, string | string[]): List or wildcard expression of actions used to limit the request.
    • detailed (Optional, boolean): If true, the response includes detailed information about shard recoveries.
    • group_by (Optional, Enum("nodes" | "parents" | "none")): Key used to group tasks in the response.
    • node_id (Optional, string[]): List of node IDs or names used to limit returned information.
    • parent_task_id (Optional, string): Parent task ID used to limit returned information. To return all tasks, omit this parameter or use a value of -1.
    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
    • wait_for_completion (Optional, boolean): If true, the request blocks until the operation is complete.

text_structure

edit

find_structure

edit

Finds the structure of a text file. The text file must contain data that is suitable to be ingested into Elasticsearch.

Endpoint documentation

client.textStructure.findStructure({ ... })

Arguments

edit
  • Request (object):

    • text_files (Optional, TJsonDocument[])
    • charset (Optional, string): The text’s character set. It must be a character set that is supported by the JVM that Elasticsearch uses. For example, UTF-8, UTF-16LE, windows-1252, or EUC-JP. If this parameter is not specified, the structure finder chooses an appropriate character set.
    • column_names (Optional, string): If you have set format to delimited, you can specify the column names in a list. If this parameter is not specified, the structure finder uses the column names from the header row of the text. If the text does not have a header role, columns are named "column1", "column2", "column3", etc.
    • delimiter (Optional, string): If you have set format to delimited, you can specify the character used to delimit the values in each row. Only a single character is supported; the delimiter cannot have multiple characters. By default, the API considers the following possibilities: comma, tab, semi-colon, and pipe (|). In this default scenario, all rows must have the same number of fields for the delimited format to be detected. If you specify a delimiter, up to 10% of the rows can have a different number of columns than the first row.
    • explain (Optional, boolean): If this parameter is set to true, the response includes a field named explanation, which is an array of strings that indicate how the structure finder produced its result.
    • format (Optional, string): The high level structure of the text. Valid values are ndjson, xml, delimited, and semi_structured_text. By default, the API chooses the format. In this default scenario, all rows must have the same number of fields for a delimited format to be detected. If the format is set to delimited and the delimiter is not set, however, the API tolerates up to 5% of rows that have a different number of columns than the first row.
    • grok_pattern (Optional, string): If you have set format to semi_structured_text, you can specify a Grok pattern that is used to extract fields from every message in the text. The name of the timestamp field in the Grok pattern must match what is specified in the timestamp_field parameter. If that parameter is not specified, the name of the timestamp field in the Grok pattern must match "timestamp". If grok_pattern is not specified, the structure finder creates a Grok pattern.
    • has_header_row (Optional, boolean): If you have set format to delimited, you can use this parameter to indicate whether the column names are in the first row of the text. If this parameter is not specified, the structure finder guesses based on the similarity of the first row of the text to other rows.
    • line_merge_size_limit (Optional, number): The maximum number of characters in a message when lines are merged to form messages while analyzing semi-structured text. If you have extremely long messages you may need to increase this, but be aware that this may lead to very long processing times if the way to group lines into messages is misdetected.
    • lines_to_sample (Optional, number): The number of lines to include in the structural analysis, starting from the beginning of the text. The minimum is 2; If the value of this parameter is greater than the number of lines in the text, the analysis proceeds (as long as there are at least two lines in the text) for all of the lines.
    • quote (Optional, string): If you have set format to delimited, you can specify the character used to quote the values in each row if they contain newlines or the delimiter character. Only a single character is supported. If this parameter is not specified, the default value is a double quote ("). If your delimited text format does not use quoting, a workaround is to set this argument to a character that does not appear anywhere in the sample.
    • should_trim_fields (Optional, boolean): If you have set format to delimited, you can specify whether values between delimiters should have whitespace trimmed from them. If this parameter is not specified and the delimiter is pipe (|), the default value is true. Otherwise, the default value is false.
    • timeout (Optional, string | -1 | 0): Sets the maximum amount of time that the structure analysis make take. If the analysis is still running when the timeout expires then it will be aborted.
    • timestamp_field (Optional, string): Optional parameter to specify the timestamp field in the file
    • timestamp_format (Optional, string): The Java time format of the timestamp field in the text.

transform

edit

delete_transform

edit

Deletes an existing transform.

Endpoint documentation

client.transform.deleteTransform({ transform_id })

Arguments

edit
  • Request (object):

    • transform_id (string): Identifier for the transform.
    • force (Optional, boolean): If this value is false, the transform must be stopped before it can be deleted. If true, the transform is deleted regardless of its current state.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

get_transform

edit

Retrieves configuration information for transforms.

Endpoint documentation

client.transform.getTransform({ ... })

Arguments

edit
  • Request (object):

    • transform_id (Optional, string | string[]): Identifier for the transform. It can be a transform identifier or a wildcard expression. You can get information for all transforms by using _all, by specifying * as the <transform_id>, or by omitting the <transform_id>.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no transforms that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches. from (Optional, number): Skips the specified number of transforms. size (Optional, number): Specifies the maximum number of transforms to obtain. * *exclude_generated (Optional, boolean): Excludes fields that were automatically added when creating the transform. This allows the configuration to be in an acceptable format to be retrieved and then added to another cluster.

get_transform_stats

edit

Retrieves usage information for transforms.

Endpoint documentation

client.transform.getTransformStats({ transform_id })

Arguments

edit
  • Request (object):

    • transform_id (string | string[]): Identifier for the transform. It can be a transform identifier or a wildcard expression. You can get information for all transforms by using _all, by specifying * as the <transform_id>, or by omitting the <transform_id>.
    • allow_no_match (Optional, boolean): Specifies what to do when the request:

      1. Contains wildcard expressions and there are no transforms that match.
      2. Contains the _all string or no identifiers and there are no matches.
      3. Contains wildcard expressions and there are only partial matches.

If this parameter is false, the request returns a 404 status code when there are no matches or only partial matches. from (Optional, number): Skips the specified number of transforms. size (Optional, number): Specifies the maximum number of transforms to obtain. * *timeout (Optional, string | -1 | 0): Controls the time to wait for the stats

preview_transform

edit

Previews a transform.

Endpoint documentation

client.transform.previewTransform({ ... })

Arguments

edit
  • Request (object):

    • transform_id (Optional, string): Identifier for the transform to preview. If you specify this path parameter, you cannot provide transform configuration details in the request body.
    • dest (Optional, { index, op_type, pipeline, routing, version_type }): The destination for the transform.
    • description (Optional, string): Free text description of the transform.
    • frequency (Optional, string | -1 | 0): The interval between checks for changes in the source indices when the transform is running continuously. Also determines the retry interval in the event of transient failures while the transform is searching or indexing. The minimum value is 1s and the maximum is 1h.
    • pivot (Optional, { aggregations, group_by }): The pivot method transforms the data by aggregating and grouping it. These objects define the group by fields and the aggregation to reduce the data.
    • source (Optional, { index, query, remote, size, slice, sort, _source, runtime_mappings }): The source of the data for the transform.
    • settings (Optional, { align_checkpoints, dates_as_epoch_millis, deduce_mappings, docs_per_second, max_page_search_size, unattended }): Defines optional transform settings.
    • sync (Optional, { time }): Defines the properties transforms require to run continuously.
    • retention_policy (Optional, { time }): Defines a retention policy for the transform. Data that meets the defined criteria is deleted from the destination index.
    • latest (Optional, { sort, unique_key }): The latest method transforms the data by finding the latest document for each unique key.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

put_transform

edit

Instantiates a transform.

Endpoint documentation

client.transform.putTransform({ transform_id, dest, source })

Arguments

edit
  • Request (object):

    • transform_id (string): Identifier for the transform. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It has a 64 character limit and must start and end with alphanumeric characters.
    • dest ({ index, op_type, pipeline, routing, version_type }): The destination for the transform.
    • source ({ index, query, remote, size, slice, sort, _source, runtime_mappings }): The source of the data for the transform.
    • description (Optional, string): Free text description of the transform.
    • frequency (Optional, string | -1 | 0): The interval between checks for changes in the source indices when the transform is running continuously. Also determines the retry interval in the event of transient failures while the transform is searching or indexing. The minimum value is 1s and the maximum is 1h.
    • latest (Optional, { sort, unique_key }): The latest method transforms the data by finding the latest document for each unique key.
    • _meta (Optional, Record<string, User-defined value>): Defines optional transform metadata.
    • pivot (Optional, { aggregations, group_by }): The pivot method transforms the data by aggregating and grouping it. These objects define the group by fields and the aggregation to reduce the data.
    • retention_policy (Optional, { time }): Defines a retention policy for the transform. Data that meets the defined criteria is deleted from the destination index.
    • settings (Optional, { align_checkpoints, dates_as_epoch_millis, deduce_mappings, docs_per_second, max_page_search_size, unattended }): Defines optional transform settings.
    • sync (Optional, { time }): Defines the properties transforms require to run continuously.
    • defer_validation (Optional, boolean): When the transform is created, a series of validations occur to ensure its success. For example, there is a check for the existence of the source indices and a check that the destination index is not part of the source index pattern. You can use this parameter to skip the checks, for example when the source index does not exist until after the transform is created. The validations are always run when you start the transform, however, with the exception of privilege checks.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

reset_transform

edit

Resets an existing transform.

Endpoint documentation

client.transform.resetTransform({ transform_id })

Arguments

edit
  • Request (object):

    • transform_id (string): Identifier for the transform. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It has a 64 character limit and must start and end with alphanumeric characters.
    • force (Optional, boolean): If this value is true, the transform is reset regardless of its current state. If it’s false, the transform must be stopped before it can be reset.

schedule_now_transform

edit

Schedules now a transform.

Endpoint documentation

client.transform.scheduleNowTransform({ transform_id })

Arguments

edit
  • Request (object):

    • transform_id (string): Identifier for the transform.
    • timeout (Optional, string | -1 | 0): Controls the time to wait for the scheduling to take place

start_transform

edit

Starts one or more transforms.

Endpoint documentation

client.transform.startTransform({ transform_id })

Arguments

edit
  • Request (object):

    • transform_id (string): Identifier for the transform.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.
    • from (Optional, string): Restricts the set of transformed entities to those changed after this time. Relative times like now-30d are supported. Only applicable for continuous transforms.

stop_transform

edit

Stops one or more transforms.

Endpoint documentation

client.transform.stopTransform({ transform_id })

Arguments

edit
  • Request (object):

    • transform_id (string): Identifier for the transform. To stop multiple transforms, use a list or a wildcard expression. To stop all transforms, use _all or * as the identifier.
    • allow_no_match (Optional, boolean): Specifies what to do when the request: contains wildcard expressions and there are no transforms that match; contains the _all string or no identifiers and there are no matches; contains wildcard expressions and there are only partial matches.

If it is true, the API returns a successful acknowledgement message when there are no matches. When there are only partial matches, the API stops the appropriate transforms.

If it is false, the request returns a 404 status code when there are no matches or only partial matches. force (Optional, boolean): If it is true, the API forcefully stops the transforms. timeout (Optional, string | -1 | 0): Period to wait for a response when wait_for_completion is true. If no response is received before the timeout expires, the request returns a timeout exception. However, the request continues processing and eventually moves the transform to a STOPPED state. wait_for_checkpoint (Optional, boolean): If it is true, the transform does not completely stop until the current checkpoint is completed. If it is false, the transform stops as soon as possible. wait_for_completion (Optional, boolean): If it is true, the API blocks until the indexer state completely stops. If it is false, the API returns immediately and the indexer is stopped asynchronously in the background.

update_transform

edit

Updates certain properties of a transform.

Endpoint documentation

client.transform.updateTransform({ transform_id })

Arguments

edit
  • Request (object):

    • transform_id (string): Identifier for the transform.
    • dest (Optional, { index, op_type, pipeline, routing, version_type }): The destination for the transform.
    • description (Optional, string): Free text description of the transform.
    • frequency (Optional, string | -1 | 0): The interval between checks for changes in the source indices when the transform is running continuously. Also determines the retry interval in the event of transient failures while the transform is searching or indexing. The minimum value is 1s and the maximum is 1h.
    • _meta (Optional, Record<string, User-defined value>): Defines optional transform metadata.
    • source (Optional, { index, query, remote, size, slice, sort, _source, runtime_mappings }): The source of the data for the transform.
    • settings (Optional, { align_checkpoints, dates_as_epoch_millis, deduce_mappings, docs_per_second, max_page_search_size, unattended }): Defines optional transform settings.
    • sync (Optional, { time }): Defines the properties transforms require to run continuously.
    • retention_policy (Optional, { time } | null): Defines a retention policy for the transform. Data that meets the defined criteria is deleted from the destination index.
    • defer_validation (Optional, boolean): When true, deferrable validations are not run. This behavior may be desired if the source index does not exist until after the transform is created.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

upgrade_transforms

edit

Upgrades all transforms.

Endpoint documentation

client.transform.upgradeTransforms({ ... })

Arguments

edit
  • Request (object):

    • dry_run (Optional, boolean): When true, the request checks for updates but does not run them.
    • timeout (Optional, string | -1 | 0): Period to wait for a response. If no response is received before the timeout expires, the request fails and returns an error.

watcher

edit

ack_watch

edit

Acknowledges a watch, manually throttling the execution of the watch’s actions.

Endpoint documentation

client.watcher.ackWatch({ watch_id })

Arguments

edit
  • Request (object):

    • watch_id (string): Watch ID
    • action_id (Optional, string | string[]): A list of the action ids to be acked

activate_watch

edit

Activates a currently inactive watch.

Endpoint documentation

client.watcher.activateWatch({ watch_id })

Arguments

edit
  • Request (object):

    • watch_id (string): Watch ID

deactivate_watch

edit

Deactivates a currently active watch.

Endpoint documentation

client.watcher.deactivateWatch({ watch_id })

Arguments

edit
  • Request (object):

    • watch_id (string): Watch ID

delete_watch

edit

Removes a watch from Watcher.

Endpoint documentation

client.watcher.deleteWatch({ id })

Arguments

edit
  • Request (object):

    • id (string): Watch ID

execute_watch

edit

Forces the execution of a stored watch.

Endpoint documentation

client.watcher.executeWatch({ ... })

Arguments

edit
  • Request (object):

    • id (Optional, string): Identifier for the watch.
    • action_modes (Optional, Record<string, Enum("simulate" | "force_simulate" | "execute" | "force_execute" | "skip")>): Determines how to handle the watch actions as part of the watch execution.
    • alternative_input (Optional, Record<string, User-defined value>): When present, the watch uses this object as a payload instead of executing its own input.
    • ignore_condition (Optional, boolean): When set to true, the watch execution uses the always condition. This can also be specified as an HTTP parameter.
    • record_execution (Optional, boolean): When set to true, the watch record representing the watch execution result is persisted to the .watcher-history index for the current time. In addition, the status of the watch is updated, possibly throttling subsequent executions. This can also be specified as an HTTP parameter.
    • simulated_actions (Optional, { actions, all, use_all })
    • trigger_data (Optional, { scheduled_time, triggered_time }): This structure is parsed as the data of the trigger event that will be used during the watch execution
    • watch (Optional, { actions, condition, input, metadata, status, throttle_period, throttle_period_in_millis, transform, trigger }): When present, this watch is used instead of the one specified in the request. This watch is not persisted to the index and record_execution cannot be set.
    • debug (Optional, boolean): Defines whether the watch runs in debug mode.

get_settings

edit

Retrieve settings for the watcher system index

Endpoint documentation

client.watcher.getSettings()

get_watch

edit

Retrieves a watch by its ID.

Endpoint documentation

client.watcher.getWatch({ id })

Arguments

edit
  • Request (object):

    • id (string): Watch ID

put_watch

edit

Creates a new watch, or updates an existing one.

Endpoint documentation

client.watcher.putWatch({ id })

Arguments

edit
  • Request (object):

    • id (string): Watch ID
    • actions (Optional, Record<string, { add_backing_index, remove_backing_index }>)
    • condition (Optional, { always, array_compare, compare, never, script })
    • input (Optional, { chain, http, search, simple })
    • metadata (Optional, Record<string, User-defined value>)
    • throttle_period (Optional, string)
    • transform (Optional, { chain, script, search })
    • trigger (Optional, { schedule })
    • active (Optional, boolean): Specify whether the watch is in/active by default
    • if_primary_term (Optional, number): only update the watch if the last operation that has changed the watch has the specified primary term
    • if_seq_no (Optional, number): only update the watch if the last operation that has changed the watch has the specified sequence number
    • version (Optional, number): Explicit version number for concurrency control

query_watches

edit

Retrieves stored watches.

Endpoint documentation

client.watcher.queryWatches({ ... })

Arguments

edit
  • Request (object):

    • from (Optional, number): The offset from the first result to fetch. Needs to be non-negative.
    • size (Optional, number): The number of hits to return. Needs to be non-negative.
    • query (Optional, { bool, boosting, common, combined_fields, constant_score, dis_max, distance_feature, exists, function_score, fuzzy, geo_bounding_box, geo_distance, geo_polygon, geo_shape, has_child, has_parent, ids, intervals, match, match_all, match_bool_prefix, match_none, match_phrase, match_phrase_prefix, more_like_this, multi_match, nested, parent_id, percolate, pinned, prefix, query_string, range, rank_feature, regexp, script, script_score, shape, simple_query_string, span_containing, field_masking_span, span_first, span_multi, span_near, span_not, span_or, span_term, span_within, term, terms, terms_set, text_expansion, wildcard, wrapper, type }): Optional, query filter watches to be returned.
    • sort (Optional, string | { _score, _doc, _geo_distance, _script } | string | { _score, _doc, _geo_distance, _script }[]): Optional sort definition.
    • search_after (Optional, number | number | string | boolean | null | User-defined value[]): Optional search After to do pagination using last hit’s sort values.

start

edit

Starts Watcher if it is not already running.

Endpoint documentation

client.watcher.start()

stats

edit

Retrieves the current Watcher metrics.

Endpoint documentation

client.watcher.stats({ ... })

Arguments

edit
  • Request (object):

    • metric (Optional, Enum("_all" | "queued_watches" | "current_watches" | "pending_watches") | Enum("_all" | "queued_watches" | "current_watches" | "pending_watches")[]): Defines which additional metrics are included in the response.
    • emit_stacktraces (Optional, boolean): Defines whether stack traces are generated for each watch that is running.

stop

edit

Stops Watcher if it is running.

Endpoint documentation

client.watcher.stop()

update_settings

edit

Update settings for the watcher system index

Endpoint documentation

client.watcher.updateSettings()

xpack

edit

info

edit

Retrieves information about the installed X-Pack features.

Endpoint documentation

client.xpack.info({ ... })

Arguments

edit
  • Request (object):

    • categories (Optional, string[]): A list of the information categories to include in the response. For example, build,license,features.
    • accept_enterprise (Optional, boolean): If this param is used it must be set to true
    • human (Optional, boolean): Defines whether additional human-readable information is included in the response. In particular, it adds descriptions and a tag line.

usage

edit

Retrieves usage information about the installed X-Pack features.

Endpoint documentation

client.xpack.usage({ ... })

Arguments

edit
  • Request (object):

    • master_timeout (Optional, string | -1 | 0): Period to wait for a connection to the master node. If no response is received before the timeout expires, the request fails and returns an error.