Preview a datafeed | Elasticsearch API documentation (8x-unreleased)

Preview a datafeed Generally available; Added in 5.4.0

POST /_ml/datafeeds/{datafeed_id}/_preview

This API returns the first "page" of search results from a datafeed. You can preview an existing datafeed or provide configuration details for a datafeed and anomaly detection job in the API. The preview shows the structure of the data that will be passed to the anomaly detection engine. IMPORTANT: When Elasticsearch security features are enabled, the preview uses the credentials of the user that called the API. However, when the datafeed starts it uses the roles of the last user that created or updated the datafeed. To get a preview that accurately reflects the behavior of the datafeed, use the appropriate credentials. You can also use secondary authorization headers to supply the credentials. ##Required authorization

Index privileges: read* Cluster privileges: manage_ml

Path parameters

datafeed_id string Required

A numerical character string that uniquely identifies the datafeed. This identifier can contain lowercase alphanumeric characters (a-z and 0-9), hyphens, and underscores. It must start and end with alphanumeric characters. NOTE: If you use this path parameter, you cannot provide datafeed or anomaly detection job configuration details in the request body.

Query parameters

start string | number

The start time from where the datafeed preview should begin
end string | number

The end time when the datafeed preview should stop

application/json

Body

datafeed_config object
Hide datafeed_config attributes Show datafeed_config attributes object
- aggregations object
  
  If set, the datafeed performs aggregation searches. Support for aggregations is limited and should be used only with low cardinality data.
- chunking_config object
  Hide chunking_config attributes Show chunking_config attributes object
  
  mode string Required
  
  Values are auto, manual, or off.
  
  time_span string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
- datafeed_id string
- delayed_data_check_config object
  Hide delayed_data_check_config attributes Show delayed_data_check_config attributes object
  
  check_window string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  enabled boolean Required
  
  Specifies whether the datafeed periodically checks for delayed data.
- frequency string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
- indices string | array[string]
- indices_options object
  Hide indices_options attributes Show indices_options attributes object
  
  allow_no_indices boolean
  
  If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
  
  expand_wildcards string | array[string]
  
  ignore_unavailable boolean
  
  If true, missing or closed indices are not included in the response.
  
  ignore_throttled boolean
  
  If true, concrete, expanded or aliased indices are ignored when frozen.
- job_id string
- max_empty_searches number
  
  If a real-time datafeed has never seen any data (including during any initial training period) then it will automatically stop itself and close its associated job after this many real-time searches that return no documents. In other words, it will stop after frequency times max_empty_searches of real-time operation. If not set then a datafeed with no end time that sees no data will remain started until it is explicitly stopped.
- query object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  External documentation
  Hide query attributes Show query attributes object
  
  bool object
  
  Hide bool attributes Show bool attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  filter object | array[object]
  
  The clause (query) must appear in matching documents. However, unlike must, the score of the query will be ignored.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  must object | array[object]
  
  The clause (query) must appear in matching documents and will contribute to the score.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  must_not object | array[object]
  
  The clause (query) must not appear in the matching documents. Because scoring is ignored, a score of 0 is returned for all documents.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  should object | array[object]
  
  The clause (query) should appear in the matching document.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  boosting object
  
  Hide boosting attributes Show boosting attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  negative_boost number Required
  
  Floating point number between 0 and 1.0 used to decrease the relevance scores of documents matching the negative query.
  
  negative object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  positive object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  common object Deprecated
  
  combined_fields object
  
  Hide combined_fields attributes Show combined_fields attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  fields array[string] Required
  
  List of fields to search. Field wildcard patterns are allowed. Only text fields are supported, and they must all have the same search analyzer.
  
  query string Required
  
  Text to search for in the provided fields. The combined_fields query analyzes the provided text before performing a search.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, match phrase queries are automatically created for multi-term synonyms.
  
  operator string
  
  Values are or or and.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  zero_terms_query string
  
  Values are none or all.
  
  constant_score object
  
  Hide constant_score attributes Show constant_score attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  filter object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  dis_max object
  
  Hide dis_max attributes Show dis_max attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  queries array[object] Required
  
  One or more query clauses. Returned documents must match one or more of these queries. If a document matches multiple queries, Elasticsearch uses the highest relevance score.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  tie_breaker number
  
  Floating point number between 0 and 1.0 used to increase the relevance scores of documents matching multiple query clauses.
  
  distance_feature object
  
  One of:
  DistanceFeatureQueryBase object DistanceFeatureQueryBaseGeoLocationDistance object DistanceFeatureQueryBaseDateMathDuration object
  
  Hide attributes Show attributes
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  origin object Required
  
  Date or point of origin used to calculate distances. If the field value is a date or date_nanos field, the origin value must be a date. Date Math, such as now-1h, is supported. If the field value is a geo_point field, the origin value must be a geopoint.
  
  pivot object Required
  
  Distance from the origin at which relevance scores receive half of the boost value. If the field value is a date or date_nanos field, the pivot value must be a time unit, such as 1h or 10d. If the field value is a geo_point field, the pivot value must be a distance unit, such as 1km or 12m.
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  Hide attributes Show attributes
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  origin
  
  pivot string Required
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  Hide attributes Show attributes
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  origin string Required
  
  pivot string Required
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  exists object
  
  Hide exists attributes Show exists attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  function_score object
  
  Hide function_score attributes Show function_score attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  boost_mode string
  
  Values are multiply, replace, sum, avg, max, or min.
  
  functions array[object]
  
  One or more functions that compute a new score for each document returned by the query.
  
  max_boost number
  
  Restricts the new score to not exceed the provided limit.
  
  min_score number
  
  Excludes documents that do not meet the provided score threshold.
  
  query object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score_mode string
  
  Values are multiply, sum, avg, first, max, or min.
  
  fuzzy object
  
  Returns documents that contain terms similar to the search term, as measured by a Levenshtein edit distance.
  
  External documentation
  
  geo_bounding_box object
  
  Hide geo_bounding_box attributes Show geo_bounding_box attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  type string
  
  Values are memory or indexed.
  
  validation_method string
  
  Values are coerce, ignore_malformed, or strict.
  
  ignore_unmapped boolean
  
  Set to true to ignore an unmapped field and not match any documents for this query. Set to false to throw an exception if the field is not mapped.
  
  geo_distance object
  
  Hide geo_distance attributes Show geo_distance attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  distance string Required
  
  distance_type string
  
  Values are arc or plane.
  
  validation_method string
  
  Values are coerce, ignore_malformed, or strict.
  
  ignore_unmapped boolean
  
  Set to true to ignore an unmapped field and not match any documents for this query. Set to false to throw an exception if the field is not mapped.
  
  geo_grid object
  
  Matches geo_point and geo_shape values that intersect a grid cell from a GeoGrid aggregation.
  
  geo_polygon object
  
  Hide geo_polygon attributes Show geo_polygon attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  validation_method string
  
  Values are coerce, ignore_malformed, or strict.
  
  ignore_unmapped boolean
  
  geo_shape object
  
  Hide geo_shape attributes Show geo_shape attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Set to true to ignore an unmapped field and not match any documents for this query. Set to false to throw an exception if the field is not mapped.
  
  has_child object
  
  Hide has_child attributes Show has_child attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped type and not return any documents instead of an error.
  
  inner_hits object
  
  Hide inner_hits attributes Show inner_hits attributes object
  
  name string
  
  size number
  
  The maximum number of hits to return per inner_hits.
  
  from number
  
  Inner hit starting document offset.
  
  collapse object
  
  Hide collapse attributes Show collapse attributes object
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  inner_hits
  
  max_concurrent_group_searches number
  
  The number of concurrent requests allowed to retrieve the inner_hits per group
  
  collapse object
  
  docvalue_fields array[object]
  
  explain boolean
  
  highlight object
  
  ignore_unmapped boolean
  
  script_fields object
  
  Hide script_fields attribute Show script_fields attribute object
  
  * object Additional properties
  
  seq_no_primary_term boolean
  
  fields array[string]
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  sort array[string | object]
  
  _source boolean | object
  
  Defines how to fetch a source. Fetching can be disabled entirely, or the source can be filtered.
  
  One of:
  SourceConfig boolean SourceFilter object
  
  stored_fields string | array[string]
  
  track_scores boolean
  
  version boolean
  
  max_children number
  
  Maximum number of child documents that match the query allowed for a returned parent document. If the parent document exceeds this limit, it is excluded from the search results.
  
  min_children number
  
  Minimum number of child documents that match the query required to match the query for a returned parent document. If the parent document does not meet this limit, it is excluded from the search results.
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score_mode string
  
  Values are none, avg, sum, max, or min.
  
  type string Required
  
  has_parent object
  
  Hide has_parent attributes Show has_parent attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped parent_type and not return any documents instead of an error. You can use this parameter to query multiple indices that may not contain the parent_type.
  
  inner_hits object
  
  Hide inner_hits attributes Show inner_hits attributes object
  
  name string
  
  size number
  
  The maximum number of hits to return per inner_hits.
  
  from number
  
  Inner hit starting document offset.
  
  collapse object
  
  Hide collapse attributes Show collapse attributes object
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  inner_hits
  
  max_concurrent_group_searches number
  
  The number of concurrent requests allowed to retrieve the inner_hits per group
  
  collapse object
  
  docvalue_fields array[object]
  
  explain boolean
  
  highlight object
  
  ignore_unmapped boolean
  
  script_fields object
  
  Hide script_fields attribute Show script_fields attribute object
  
  * object Additional properties
  
  seq_no_primary_term boolean
  
  fields array[string]
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  sort array[string | object]
  
  _source boolean | object
  
  Defines how to fetch a source. Fetching can be disabled entirely, or the source can be filtered.
  
  One of:
  SourceConfig boolean SourceFilter object
  
  stored_fields string | array[string]
  
  track_scores boolean
  
  version boolean
  
  parent_type string Required
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score boolean
  
  Indicates whether the relevance score of a matching parent document is aggregated into its child documents.
  
  ids object
  
  Hide ids attributes Show ids attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  values string | array[string]
  
  One of:
  Id string Ids array[string]
  
  intervals object
  
  Returns documents based on the order and proximity of matching terms.
  
  External documentation
  
  knn object
  
  Hide knn attributes Show knn attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query_vector array[number]
  
  query_vector_builder object
  
  Hide query_vector_builder attribute Show query_vector_builder attribute object
  
  text_embedding object
  
  Hide text_embedding attributes Show text_embedding attributes object
  
  model_id string Required
  
  model_text string Required
  
  num_candidates number
  
  The number of nearest neighbor candidates to consider per shard
  
  k number
  
  The final number of nearest neighbors to return as top hits
  
  filter object | array[object]
  
  Filters for the kNN search query
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  similarity number
  
  The minimum similarity for a vector to be considered a match
  
  rescore_vector object
  
  Hide rescore_vector attribute Show rescore_vector attribute object
  
  oversample number Required
  
  Applies the specified oversample factor to k on the approximate kNN search
  
  match object
  
  Returns documents that match a provided text, number, date or boolean value. The provided text is analyzed before matching.
  
  External documentation
  
  match_all object
  
  Hide match_all attributes Show match_all attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  match_bool_prefix object
  
  Analyzes its input and constructs a bool query from the terms. Each term except the last is used in a term query. The last term is used in a prefix query.
  
  External documentation
  
  match_none object
  
  Hide match_none attributes Show match_none attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  match_phrase object
  
  Analyzes the text and creates a phrase query out of the analyzed text.
  
  External documentation
  
  match_phrase_prefix object
  
  Returns documents that contain the words of a provided text, in the same order as provided. The last term of the provided text is treated as a prefix, matching any words that begin with that term.
  
  External documentation
  
  more_like_this object
  
  Hide more_like_this attributes Show more_like_this attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  analyzer string
  
  The analyzer that is used to analyze the free form text. Defaults to the analyzer associated with the first field in fields.
  
  External documentation
  
  boost_terms number
  
  Each term in the formed query could be further boosted by their tf-idf score. This sets the boost factor to use when using this feature. Defaults to deactivated (0).
  
  fail_on_unsupported_field boolean
  
  Controls whether the query should fail (throw an exception) if any of the specified fields are not of the supported types (text or keyword).
  
  fields array[string]
  
  A list of fields to fetch and analyze the text from. Defaults to the index.query.default_field index setting, which has a default value of *.
  
  include boolean
  
  Specifies whether the input documents should also be included in the search results returned.
  
  like string | object | array[string | object]
  
  Specifies free form text and/or a single or multiple documents for which you want to find similar documents.
  
  One of:
  Like string LikeDocument object array-2 array[string | object]
  
  Text that we want similar documents for or a lookup to a document's field for the text.
  
  max_doc_freq number
  
  The maximum document frequency above which the terms are ignored from the input document.
  
  max_query_terms number
  
  The maximum number of query terms that can be selected.
  
  max_word_length number
  
  The maximum word length above which the terms are ignored. Defaults to unbounded (0).
  
  min_doc_freq number
  
  The minimum document frequency below which the terms are ignored from the input document.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  min_term_freq number
  
  The minimum term frequency below which the terms are ignored from the input document.
  
  min_word_length number
  
  The minimum word length below which the terms are ignored.
  
  routing string
  
  stop_words string | array[string]
  
  Language value, such as arabic or thai. Defaults to english. Each language value corresponds to a predefined list of stop words in Lucene. See Stop words by language for supported language values and their stop words. Also accepts an array of stop words.
  
  One of:
  StopWordLanguage string StopWords array[string]
  
  Values are _arabic_, _armenian_, _basque_, _bengali_, _brazilian_, _bulgarian_, _catalan_, _cjk_, _czech_, _danish_, _dutch_, _english_, _estonian_, _finnish_, _french_, _galician_, _german_, _greek_, _hindi_, _hungarian_, _indonesian_, _irish_, _italian_, _latvian_, _lithuanian_, _norwegian_, _persian_, _portuguese_, _romanian_, _russian_, _serbian_, _sorani_, _spanish_, _swedish_, _thai_, _turkish_, or _none_.
  
  unlike string | object | array[string | object]
  
  Used in combination with like to exclude documents that match a set of terms.
  
  One of:
  Like string LikeDocument object array-2 array[string | object]
  
  Text that we want similar documents for or a lookup to a document's field for the text.
  
  version number
  
  version_type string
  
  Values are internal, external, external_gte, or force.
  
  multi_match object
  
  Hide multi_match attributes Show multi_match attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  analyzer string
  
  Analyzer used to convert the text in the query value into tokens.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, match phrase queries are automatically created for multi-term synonyms.
  
  cutoff_frequency number Deprecated
  
  fields string | array[string]
  
  fuzziness string | number
  
  One of:
  Fuzziness string Fuzziness number
  
  fuzzy_rewrite string
  
  fuzzy_transpositions boolean
  
  If true, edits for fuzzy matching include transpositions of two adjacent characters (for example, ab to ba). Can be applied to the term subqueries constructed for all terms but the final term.
  
  lenient boolean
  
  If true, format-based errors, such as providing a text query value for a numeric field, are ignored.
  
  max_expansions number
  
  Maximum number of terms to which the query will expand.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  operator string
  
  Values are and, AND, or, or OR.
  
  prefix_length number
  
  Number of beginning characters left unchanged for fuzzy matching.
  
  query string Required
  
  Text, number, boolean value or date you wish to find in the provided field.
  
  slop number
  
  Maximum number of positions allowed between matching tokens.
  
  tie_breaker number
  
  Determines how scores for each per-term blended query and scores across groups are combined.
  
  type string
  
  Values are best_fields, most_fields, cross_fields, phrase, phrase_prefix, or bool_prefix.
  
  zero_terms_query string
  
  Values are all or none.
  
  nested object
  
  Hide nested attributes Show nested attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped path and not return any documents instead of an error.
  
  inner_hits object
  
  Hide inner_hits attributes Show inner_hits attributes object
  
  name string
  
  size number
  
  The maximum number of hits to return per inner_hits.
  
  from number
  
  Inner hit starting document offset.
  
  collapse object
  
  Hide collapse attributes Show collapse attributes object
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  inner_hits
  
  max_concurrent_group_searches number
  
  The number of concurrent requests allowed to retrieve the inner_hits per group
  
  collapse object
  
  docvalue_fields array[object]
  
  explain boolean
  
  highlight object
  
  ignore_unmapped boolean
  
  script_fields object
  
  Hide script_fields attribute Show script_fields attribute object
  
  * object Additional properties
  
  seq_no_primary_term boolean
  
  fields array[string]
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  sort array[string | object]
  
  _source boolean | object
  
  Defines how to fetch a source. Fetching can be disabled entirely, or the source can be filtered.
  
  One of:
  SourceConfig boolean SourceFilter object
  
  stored_fields string | array[string]
  
  track_scores boolean
  
  version boolean
  
  path string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score_mode string
  
  Values are none, avg, sum, max, or min.
  
  parent_id object
  
  Hide parent_id attributes Show parent_id attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  id string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped type and not return any documents instead of an error.
  
  type string
  
  percolate object
  
  Hide percolate attributes Show percolate attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  document object
  
  The source of the document being percolated.
  
  documents array[object]
  
  An array of sources of the documents being percolated.
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  id string
  
  index string
  
  name string
  
  The suffix used for the _percolator_document_slot field when multiple percolate queries are specified.
  
  preference string
  
  Preference used to fetch document to percolate.
  
  routing string
  
  version number
  
  pinned object
  
  Hide pinned attributes Show pinned attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  organic object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  ids array[string]
  
  Document IDs listed in the order they are to appear in results. Required if docs is not specified.
  
  docs array[object]
  
  Documents listed in the order they are to appear in results. Required if ids is not specified.
  
  prefix object
  
  Returns documents that contain a specific prefix in a provided field.
  
  External documentation
  
  query_string object
  
  Hide query_string attributes Show query_string attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  allow_leading_wildcard boolean
  
  If true, the wildcard characters * and ? are allowed as the first character of the query string.
  
  analyzer string
  
  Analyzer used to convert text in the query string into tokens.
  
  analyze_wildcard boolean
  
  If true, the query attempts to analyze wildcard terms in the query string.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, match phrase queries are automatically created for multi-term synonyms.
  
  default_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  default_operator string
  
  Values are and, AND, or, or OR.
  
  enable_position_increments boolean
  
  If true, enable position increments in queries constructed from a query_string search.
  
  escape boolean
  
  fields array[string]
  
  Array of fields to search. Supports wildcards (*).
  
  fuzziness string | number
  
  One of:
  Fuzziness string Fuzziness number
  
  fuzzy_max_expansions number
  
  Maximum number of terms to which the query expands for fuzzy matching.
  
  fuzzy_prefix_length number
  
  Number of beginning characters left unchanged for fuzzy matching.
  
  fuzzy_rewrite string
  
  fuzzy_transpositions boolean
  
  If true, edits for fuzzy matching include transpositions of two adjacent characters (for example, ab to ba).
  
  lenient boolean
  
  If true, format-based errors, such as providing a text value for a numeric field, are ignored.
  
  max_determinized_states number
  
  Maximum number of automaton states required for the query.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  phrase_slop number
  
  Maximum number of positions allowed between matching tokens for phrases.
  
  query string Required
  
  Query string you wish to parse and use for search.
  
  quote_analyzer string
  
  Analyzer used to convert quoted text in the query string into tokens. For quoted text, this parameter overrides the analyzer specified in the analyzer parameter.
  
  quote_field_suffix string
  
  Suffix appended to quoted text in the query string. You can use this suffix to use a different analysis method for exact matches.
  
  rewrite string
  
  tie_breaker number
  
  How to combine the queries generated from the individual search terms in the resulting dis_max query.
  
  time_zone string
  
  type string
  
  Values are best_fields, most_fields, cross_fields, phrase, phrase_prefix, or bool_prefix.
  
  range object
  
  Returns documents that contain terms within a provided range.
  
  External documentation
  
  rank_feature object
  
  Hide rank_feature attributes Show rank_feature attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  saturation object
  
  Hide saturation attribute Show saturation attribute object
  
  pivot number
  
  Configurable pivot value so that the result will be less than 0.5.
  
  log object
  
  Hide log attribute Show log attribute object
  
  scaling_factor number Required
  
  Configurable scaling factor.
  
  linear object
  
  sigmoid object
  
  Hide sigmoid attributes Show sigmoid attributes object
  
  pivot number Required
  
  Configurable pivot value so that the result will be less than 0.5.
  
  exponent number Required
  
  Configurable Exponent.
  
  regexp object
  
  Returns documents that contain terms matching a regular expression.
  
  External documentation
  
  rule object
  
  Hide rule attributes Show rule attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  organic object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  ruleset_ids string | array[string]
  
  One of:
  Id string array-2 array[string]
  
  ruleset_id string
  
  match_criteria object Required
  
  script object
  
  Hide script attributes Show script attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  script object Required
  
  Hide script attributes Show script attributes object
  
  source string | object
  
  One of:
  ScriptSource string SearchRequestBody object
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  lang string
  
  Any of:
  ScriptLanguage string ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  script_score object
  
  Hide script_score attributes Show script_score attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  min_score number
  
  Documents with a score lower than this floating point number are excluded from the search results.
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  script object Required
  
  Hide script attributes Show script attributes object
  
  source string | object
  
  One of:
  ScriptSource string SearchRequestBody object
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  lang string
  
  Any of:
  ScriptLanguage string ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  semantic object
  
  Hide semantic attributes Show semantic attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  The field to query, which must be a semantic_text field type
  
  query string Required
  
  The query text
  
  shape object
  
  Hide shape attributes Show shape attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  When set to true the query ignores an unmapped field and will not match any documents.
  
  simple_query_string object
  
  Hide simple_query_string attributes Show simple_query_string attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  analyzer string
  
  Analyzer used to convert text in the query string into tokens.
  
  analyze_wildcard boolean
  
  If true, the query attempts to analyze wildcard terms in the query string.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, the parser creates a match_phrase query for each multi-position token.
  
  default_operator string
  
  Values are and, AND, or, or OR.
  
  fields array[string]
  
  Array of fields you wish to search. Accepts wildcard expressions. You also can boost relevance scores for matches to particular fields using a caret (^) notation. Defaults to the index.query.default_field index setting, which has a default value of *.
  
  flags string
  
  Query flags can be either a single flag or a combination of flags, e.g. OR|AND|PREFIX
  
  One of:
  SimpleQueryStringFlag string PipeSeparatedFlagsSimpleQueryStringFlag string
  
  Query flags can be either a single flag or a combination of flags, e.g. OR|AND|PREFIX
  
  Values are NONE, AND, NOT, OR, PREFIX, PHRASE, PRECEDENCE, ESCAPE, WHITESPACE, FUZZY, NEAR, SLOP, or ALL.
  
  Query flags can be either a single flag or a combination of flags, e.g. OR|AND|PREFIX
  
  fuzzy_max_expansions number
  
  Maximum number of terms to which the query expands for fuzzy matching.
  
  fuzzy_prefix_length number
  
  Number of beginning characters left unchanged for fuzzy matching.
  
  fuzzy_transpositions boolean
  
  If true, edits for fuzzy matching include transpositions of two adjacent characters (for example, ab to ba).
  
  lenient boolean
  
  If true, format-based errors, such as providing a text value for a numeric field, are ignored.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  query string Required
  
  Query string in the simple query string syntax you wish to parse and use for search.
  
  quote_field_suffix string
  
  Suffix appended to quoted text in the query string.
  
  span_containing object
  
  Hide span_containing attributes Show span_containing attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  big object Required
  
  Hide big attributes Show big attributes object
  
  span_field_masking object
  
  span_first object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_not object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within object
  
  little object Required
  
  Hide little attributes Show little attributes object
  
  span_field_masking object
  
  span_first object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_not object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within object
  
  span_field_masking object
  
  Hide span_field_masking attributes Show span_field_masking attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query object Required
  
  Hide query attributes Show query attributes object
  
  span_containing object
  
  span_first object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_not object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within object
  
  span_first object
  
  Hide span_first attributes Show span_first attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  end number Required
  
  Controls the maximum end position permitted in a match.
  
  match object Required
  
  Hide match attributes Show match attributes object
  
  span_containing object
  
  span_field_masking object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_not object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within object
  
  span_multi object
  
  Hide span_multi attributes Show span_multi attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  match object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  span_near object
  
  Hide span_near attributes Show span_near attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  clauses array[object] Required
  
  Array of one or more other span type queries.
  
  Hide clauses attributes Show clauses attributes object
  
  span_containing
  
  span_field_masking
  
  span_first
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_multi
  
  span_near
  
  span_not
  
  span_or
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within
  
  in_order boolean
  
  Controls whether matches are required to be in-order.
  
  slop number
  
  Controls the maximum number of intervening unmatched positions permitted.
  
  span_not object
  
  Hide span_not attributes Show span_not attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  dist number
  
  The number of tokens from within the include span that can’t have overlap with the exclude span. Equivalent to setting both pre and post.
  
  exclude object Required
  
  Hide exclude attributes Show exclude attributes object
  
  span_containing object
  
  span_field_masking object
  
  span_first object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within object
  
  include object Required
  
  Hide include attributes Show include attributes object
  
  span_containing object
  
  span_field_masking object
  
  span_first object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within object
  
  post number
  
  The number of tokens after the include span that can’t have overlap with the exclude span.
  
  pre number
  
  The number of tokens before the include span that can’t have overlap with the exclude span.
  
  span_or object
  
  Hide span_or attributes Show span_or attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  clauses array[object] Required
  
  Array of one or more other span type queries.
  
  Hide clauses attributes Show clauses attributes object
  
  span_containing
  
  span_field_masking
  
  span_first
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_multi
  
  span_near
  
  span_not
  
  span_or
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_within
  
  span_term object
  
  Matches spans containing a term.
  
  External documentation
  
  span_within object
  
  Hide span_within attributes Show span_within attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  big object Required
  
  Hide big attributes Show big attributes object
  
  span_containing object
  
  span_field_masking object
  
  span_first object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_not object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  little object Required
  
  Hide little attributes Show little attributes object
  
  span_containing object
  
  span_field_masking object
  
  span_first object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  Hide span_gap attribute Show span_gap attribute object
  
  * number Additional properties
  
  span_multi object
  
  span_near object
  
  span_not object
  
  span_or object
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  sparse_vector object
  
  Hide sparse_vector attributes Show sparse_vector attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query string
  
  The query text you want to use for search. If inference_id is specified, query must also be specified.
  
  prune boolean Technical preview; Added in 8.15.0
  
  Whether to perform pruning, omitting the non-significant tokens from the query to improve query performance. If prune is true but the pruning_config is not specified, pruning will occur but default values will be used. Default: false
  
  pruning_config object
  
  Hide pruning_config attributes Show pruning_config attributes object
  
  tokens_freq_ratio_threshold number
  
  Tokens whose frequency is more than this threshold times the average frequency of all tokens in the specified field are considered outliers and pruned.
  
  tokens_weight_threshold number
  
  Tokens whose weight is less than this threshold are considered nonsignificant and pruned.
  
  only_score_pruned_tokens boolean
  
  Whether to only score pruned tokens, vs only scoring kept tokens.
  
  query_vector object
  
  Dictionary of precomputed sparse vectors and their associated weights. Only one of inference_id or query_vector may be supplied in a request.
  
  Hide query_vector attribute Show query_vector attribute object
  
  * number Additional properties
  
  inference_id string
  
  term object
  
  Returns documents that contain an exact term in a provided field. To return a document, the query term must exactly match the queried field's value, including whitespace and capitalization.
  
  External documentation
  
  terms object
  
  Hide terms attributes Show terms attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  terms_set object
  
  Returns documents that contain a minimum number of exact terms in a provided field. To return a document, a required number of terms must exactly match the field values, including whitespace and capitalization.
  
  External documentation
  
  text_expansion object Deprecated Generally available; Added in 8.8.0
  
  Uses a natural language processing model to convert the query text into a list of token-weight pairs which are then used in a query against a sparse vector or rank features field.
  
  External documentation
  
  weighted_tokens object Deprecated Generally available; Added in 8.13.0
  
  Supports returning text_expansion query results by sending in precomputed tokens with the query.
  
  External documentation
  
  wildcard object
  
  Returns documents that contain terms matching a wildcard pattern.
  
  External documentation
  
  wrapper object
  
  Hide wrapper attributes Show wrapper attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  query string Required
  
  A base64 encoded query. The binary data format can be any of JSON, YAML, CBOR or SMILE encodings
  
  type object
  
  Hide type attributes Show type attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  value string Required
- query_delay string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
- runtime_mappings object
  Hide runtime_mappings attribute Show runtime_mappings attribute object
  
  * object Additional properties
  
  Hide * attributes Show * attributes object
  
  fields object
  
  For type composite
  
  Hide fields attribute Show fields attribute object
  
  * object Additional properties
  
  Hide * attribute Show * attribute object
  
  type string Required
  
  Values are boolean, composite, date, double, geo_point, geo_shape, ip, keyword, long, or lookup.
  
  fetch_fields array[object]
  
  For type lookup
  
  Hide fetch_fields attributes Show fetch_fields attributes object
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  format string
  
  format string
  
  A custom format for date type runtime fields.
  
  input_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  target_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  target_index string
  
  script object
  
  Hide script attributes Show script attributes object
  
  source string | object
  
  One of:
  ScriptSource string SearchRequestBody object
  
  Hide attributes Show attributes
  
  aggregations object
  
  Defines the aggregations that are run as part of the search request.
  
  collapse object
  
  explain boolean
  
  If true, the request returns detailed information about score computation as part of a hit.
  
  ext object
  
  Configuration of search extensions defined by Elasticsearch plugins.
  
  from number
  
  The starting document offset, which must be non-negative. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
  
  highlight
  
  track_total_hits boolean | number
  
  Number of hits matching the query to count accurately. If true, the exact number of hits is returned at the cost of some performance. If false, the response does not include the total number of hits matching the query. Defaults to 10,000 hits.
  
  indices_boost array[object]
  
  Boost the _score of documents from specified indices. The boost value is the factor by which scores are multiplied. A boost value greater than 1.0 increases the score. A boost value between 0 and 1.0 decreases the score.
  
  docvalue_fields array[object]
  
  An array of wildcard (*) field patterns. The request returns doc values for field names matching these patterns in the hits.fields property of the response.
  
  knn
  
  rank object
  
  min_score number
  
  The minimum _score for matching documents. Documents with a lower _score are not included in search results or results collected by aggregations.
  
  post_filter object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  profile boolean
  
  Set to true to return detailed timing information about the execution of individual components in a search request. NOTE: This is a debugging tool and adds significant overhead to search execution.
  
  query object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  rescore
  
  retriever object
  
  script_fields object
  
  Retrieve a script evaluation (based on different fields) for each hit.
  
  search_after array[number | string | boolean | null]
  
  A field value.
  
  size number
  
  The number of hits to return, which must not be negative. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after property.
  
  slice object
  
  sort
  
  _source
  
  fields array[object]
  
  An array of wildcard (*) field patterns. The request returns values for field names matching these patterns in the hits.fields property of the response.
  
  suggest object
  
  terminate_after number
  
  The maximum number of documents to collect for each shard. If a query reaches this limit, Elasticsearch terminates the query early. Elasticsearch collects documents before sorting.
  
  IMPORTANT: Use with caution. Elasticsearch applies this property to each shard handling the request. When possible, let Elasticsearch perform early termination automatically. Avoid specifying this property for requests that target data streams with backing indices across multiple data tiers.
  
  If set to 0 (default), the query does not terminate early.
  
  timeout string
  
  The period of time to wait for a response from each shard. If no response is received before the timeout expires, the request fails and returns an error. Defaults to no timeout.
  
  track_scores boolean
  
  If true, calculate and return document scores, even if the scores are not used for sorting.
  
  version boolean
  
  If true, the request returns the document version as part of a hit.
  
  seq_no_primary_term boolean
  
  If true, the request returns sequence number and primary term of the last modification of each hit.
  
  stored_fields string | array[string]
  
  pit object
  
  runtime_mappings object
  
  stats array[string]
  
  The stats groups to associate with the search. Each group maintains a statistics aggregation for its associated searches. You can retrieve these stats using the indices stats API.
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  lang string
  
  Any of:
  ScriptLanguage string ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  type string Required
  
  Values are boolean, composite, date, double, geo_point, geo_shape, ip, keyword, long, or lookup.
- script_fields object
  
  Specifies scripts that evaluate custom expressions and returns script fields to the datafeed. The detector configuration objects in a job can contain functions that use these script fields.
  Hide script_fields attribute Show script_fields attribute object
  
  * object Additional properties
  
  Hide * attributes Show * attributes object
  
  script object Required
  
  Hide script attributes Show script attributes object
  
  source string | object
  
  One of:
  ScriptSource string SearchRequestBody object
  
  Hide attributes Show attributes
  
  aggregations object
  
  Defines the aggregations that are run as part of the search request.
  
  collapse object
  
  explain boolean
  
  If true, the request returns detailed information about score computation as part of a hit.
  
  ext object
  
  Configuration of search extensions defined by Elasticsearch plugins.
  
  from number
  
  The starting document offset, which must be non-negative. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.
  
  highlight
  
  track_total_hits boolean | number
  
  Number of hits matching the query to count accurately. If true, the exact number of hits is returned at the cost of some performance. If false, the response does not include the total number of hits matching the query. Defaults to 10,000 hits.
  
  indices_boost array[object]
  
  Boost the _score of documents from specified indices. The boost value is the factor by which scores are multiplied. A boost value greater than 1.0 increases the score. A boost value between 0 and 1.0 decreases the score.
  
  docvalue_fields array[object]
  
  An array of wildcard (*) field patterns. The request returns doc values for field names matching these patterns in the hits.fields property of the response.
  
  knn
  
  rank object
  
  min_score number
  
  The minimum _score for matching documents. Documents with a lower _score are not included in search results or results collected by aggregations.
  
  post_filter object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  profile boolean
  
  Set to true to return detailed timing information about the execution of individual components in a search request. NOTE: This is a debugging tool and adds significant overhead to search execution.
  
  query object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  rescore
  
  retriever object
  
  script_fields object
  
  Retrieve a script evaluation (based on different fields) for each hit.
  
  search_after array[number | string | boolean | null]
  
  A field value.
  
  size number
  
  The number of hits to return, which must not be negative. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after property.
  
  slice object
  
  sort
  
  _source
  
  fields array[object]
  
  An array of wildcard (*) field patterns. The request returns values for field names matching these patterns in the hits.fields property of the response.
  
  suggest object
  
  terminate_after number
  
  The maximum number of documents to collect for each shard. If a query reaches this limit, Elasticsearch terminates the query early. Elasticsearch collects documents before sorting.
  
  IMPORTANT: Use with caution. Elasticsearch applies this property to each shard handling the request. When possible, let Elasticsearch perform early termination automatically. Avoid specifying this property for requests that target data streams with backing indices across multiple data tiers.
  
  If set to 0 (default), the query does not terminate early.
  
  timeout string
  
  The period of time to wait for a response from each shard. If no response is received before the timeout expires, the request fails and returns an error. Defaults to no timeout.
  
  track_scores boolean
  
  If true, calculate and return document scores, even if the scores are not used for sorting.
  
  version boolean
  
  If true, the request returns the document version as part of a hit.
  
  seq_no_primary_term boolean
  
  If true, the request returns sequence number and primary term of the last modification of each hit.
  
  stored_fields string | array[string]
  
  pit object
  
  runtime_mappings object
  
  stats array[string]
  
  The stats groups to associate with the search. Each group maintains a statistics aggregation for its associated searches. You can retrieve these stats using the indices stats API.
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  lang string
  
  Any of:
  ScriptLanguage string ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  ignore_failure boolean
- scroll_size number
  
  The size parameter that is used in Elasticsearch searches when the datafeed does not use aggregations. The maximum value is the value of index.max_result_window, which is 10,000 by default.
job_config object
Hide job_config attributes Show job_config attributes object
- allow_lazy_open boolean
  
  Advanced configuration option. Specifies whether this job can open when there is insufficient machine learning node capacity for it to be immediately assigned to a node.
- analysis_config object Required
  Hide analysis_config attributes Show analysis_config attributes object
  
  bucket_span string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  categorization_analyzer string | object
  
  One of:
  CategorizationAnalyzer string CategorizationAnalyzerDefinition object
  
  Hide attributes Show attributes
  
  char_filter array[string | object]
  
  One or more character filters. In addition to the built-in character filters, other plugins can provide more character filters. If this property is not specified, no character filters are applied prior to categorization. If you are customizing some other aspect of the analyzer and you need to achieve the equivalent of categorization_filters (which are not permitted when some other aspect of the analyzer is customized), add them here as pattern replace character filters.
  
  filter array[string | object]
  
  One or more token filters. In addition to the built-in token filters, other plugins can provide more token filters. If this property is not specified, no token filters are applied prior to categorization.
  
  tokenizer string
  External documentation
  
  categorization_field_name string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  categorization_filters array[string]
  
  If categorization_field_name is specified, you can also define optional filters. This property expects an array of regular expressions. The expressions are used to filter out matching sequences from the categorization field values. You can use this functionality to fine tune the categorization by excluding sequences from consideration when categories are defined. For example, you can exclude SQL statements that appear in your log files. This property cannot be used at the same time as categorization_analyzer. If you only want to define simple regular expression filters that are applied prior to tokenization, setting this property is the easiest method. If you also want to customize the tokenizer or post-tokenization filtering, use the categorization_analyzer property instead and include the filters as pattern_replace character filters. The effect is exactly the same.
  
  detectors array[object] Required
  
  Detector configuration objects specify which data fields a job analyzes. They also specify which analytical functions are used. You can specify multiple detectors for a job. If the detectors array does not contain at least one detector, no analysis can occur and an error is returned.
  
  Hide detectors attributes Show detectors attributes object
  
  by_field_name string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  custom_rules array[object]
  
  Custom rules enable you to customize the way detectors operate. For example, a rule may dictate conditions under which results should be skipped. Kibana refers to custom rules as job rules.
  
  Hide custom_rules attributes Show custom_rules attributes object
  
  actions array[string]
  
  The set of actions to be triggered when the rule applies. If more than one action is specified the effects of all actions are combined.
  
  Values are skip_result or skip_model_update.
  
  conditions array[object]
  
  An array of numeric conditions when the rule applies. A rule must either have a non-empty scope or at least one condition. Multiple conditions are combined together with a logical AND.
  
  scope object
  
  A scope of series where the rule applies. A rule must either have a non-empty scope or at least one condition. By default, the scope includes all series. Scoping is allowed for any of the fields that are also specified in by_field_name, over_field_name, or partition_field_name.
  
  detector_description string
  
  A description of the detector.
  
  detector_index number
  
  A unique identifier for the detector. This identifier is based on the order of the detectors in the analysis_config, starting at zero. If you specify a value for this property, it is ignored.
  
  exclude_frequent string
  
  Values are all, none, by, or over.
  
  field_name string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  function string
  
  The analysis function that is used. For example, count, rare, mean, min, max, or sum.
  
  over_field_name string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  partition_field_name string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  use_null boolean
  
  Defines whether a new series is used as the null series when there is no value for the by or partition fields.
  
  influencers array[string]
  
  A comma separated list of influencer field names. Typically these can be the by, over, or partition fields that are used in the detector configuration. You might also want to use a field name that is not specifically named in a detector, but is available as part of the input data. When you use multiple detectors, the use of influencers is recommended as it aggregates results for each influencer entity.
  
  latency string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  model_prune_window string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  multivariate_by_fields boolean
  
  This functionality is reserved for internal use. It is not supported for use in customer environments and is not subject to the support SLA of official GA features. If set to true, the analysis will automatically find correlations between metrics for a given by field value and report anomalies when those correlations cease to hold. For example, suppose CPU and memory usage on host A is usually highly correlated with the same metrics on host B. Perhaps this correlation occurs because they are running a load-balanced application. If you enable this property, anomalies will be reported when, for example, CPU usage on host A is high and the value of CPU usage on host B is low. That is to say, you’ll see an anomaly when the CPU of host A is unusual given the CPU of host B. To use the multivariate_by_fields property, you must also specify by_field_name in your detector.
  
  per_partition_categorization object
  
  Hide per_partition_categorization attributes Show per_partition_categorization attributes object
  
  enabled boolean
  
  To enable this setting, you must also set the partition_field_name property to the same value in every detector that uses the keyword mlcategory. Otherwise, job creation fails.
  
  stop_on_warn boolean
  
  This setting can be set to true only if per-partition categorization is enabled. If true, both categorization and subsequent anomaly detection stops for partitions where the categorization status changes to warn. This setting makes it viable to have a job where it is expected that categorization works well for some partitions but not others; you do not pay the cost of bad categorization forever in the partitions where it works badly.
  
  summary_count_field_name string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
- analysis_limits object
  Hide analysis_limits attributes Show analysis_limits attributes object
  
  categorization_examples_limit number
  
  The maximum number of examples stored per category in memory and in the results data store. If you increase this value, more examples are available, however it requires that you have more storage available. If you set this value to 0, no examples are stored. NOTE: The categorization_examples_limit applies only to analysis that uses categorization.
  
  model_memory_limit number | string
  
  One of:
  ByteSize number ByteSize string
- background_persist_interval string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
- custom_settings object
  
  Custom metadata about the job
- daily_model_snapshot_retention_after_days number
  
  Advanced configuration option, which affects the automatic removal of old model snapshots for this job. It specifies a period of time (in days) after which only the first snapshot per day is retained. This period is relative to the timestamp of the most recent snapshot for this job.
- data_description object Required
  Hide data_description attributes Show data_description attributes object
  
  format string
  
  Only JSON format is supported at this time.
  
  time_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  time_format string
  
  The time format, which can be epoch, epoch_ms, or a custom pattern. The value epoch refers to UNIX or Epoch time (the number of seconds since 1 Jan 1970). The value epoch_ms indicates that time is measured in milliseconds since the epoch. The epoch and epoch_ms time formats accept either integer or real values. Custom patterns must conform to the Java DateTimeFormatter class. When you use date-time formatting patterns, it is recommended that you provide the full date, time and time zone. For example: yyyy-MM-dd'T'HH:mm:ssX. If the pattern that you specify is not sufficient to produce a complete timestamp, job creation fails.
  
  field_delimiter string
- datafeed_config object
  Hide datafeed_config attributes Show datafeed_config attributes object
  
  aggregations object
  
  If set, the datafeed performs aggregation searches. Support for aggregations is limited and should be used only with low cardinality data.
  
  chunking_config object
  
  Hide chunking_config attributes Show chunking_config attributes object
  
  mode string Required
  
  Values are auto, manual, or off.
  
  time_span string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  datafeed_id string
  
  delayed_data_check_config object
  
  Hide delayed_data_check_config attributes Show delayed_data_check_config attributes object
  
  check_window string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  enabled boolean Required
  
  Specifies whether the datafeed periodically checks for delayed data.
  
  frequency string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  indices string | array[string]
  
  indices_options object
  
  Hide indices_options attributes Show indices_options attributes object
  
  allow_no_indices boolean
  
  If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
  
  expand_wildcards string | array[string]
  
  ignore_unavailable boolean
  
  If true, missing or closed indices are not included in the response.
  
  ignore_throttled boolean
  
  If true, concrete, expanded or aliased indices are ignored when frozen.
  
  job_id string
  
  max_empty_searches number
  
  If a real-time datafeed has never seen any data (including during any initial training period) then it will automatically stop itself and close its associated job after this many real-time searches that return no documents. In other words, it will stop after frequency times max_empty_searches of real-time operation. If not set then a datafeed with no end time that sees no data will remain started until it is explicitly stopped.
  
  query object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  External documentation
  
  Hide query attributes Show query attributes object
  
  bool object
  
  Hide bool attributes Show bool attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  filter object | array[object]
  
  The clause (query) must appear in matching documents. However, unlike must, the score of the query will be ignored.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  must object | array[object]
  
  The clause (query) must appear in matching documents and will contribute to the score.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  must_not object | array[object]
  
  The clause (query) must not appear in the matching documents. Because scoring is ignored, a score of 0 is returned for all documents.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  should object | array[object]
  
  The clause (query) should appear in the matching document.
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  boosting object
  
  Hide boosting attributes Show boosting attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  negative_boost number Required
  
  Floating point number between 0 and 1.0 used to decrease the relevance scores of documents matching the negative query.
  
  negative object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  positive object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  common object Deprecated
  
  combined_fields object
  
  Hide combined_fields attributes Show combined_fields attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  fields array[string] Required
  
  List of fields to search. Field wildcard patterns are allowed. Only text fields are supported, and they must all have the same search analyzer.
  
  query string Required
  
  Text to search for in the provided fields. The combined_fields query analyzes the provided text before performing a search.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, match phrase queries are automatically created for multi-term synonyms.
  
  operator string
  
  Values are or or and.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  zero_terms_query string
  
  Values are none or all.
  
  constant_score object
  
  Hide constant_score attributes Show constant_score attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  filter object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  dis_max object
  
  Hide dis_max attributes Show dis_max attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  queries array[object] Required
  
  One or more query clauses. Returned documents must match one or more of these queries. If a document matches multiple queries, Elasticsearch uses the highest relevance score.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  tie_breaker number
  
  Floating point number between 0 and 1.0 used to increase the relevance scores of documents matching multiple query clauses.
  
  distance_feature object
  
  One of:
  UntypedDistanceFeatureQuery object GeoDistanceFeatureQuery object DateDistanceFeatureQuery object
  
  exists object
  
  Hide exists attributes Show exists attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  function_score object
  
  Hide function_score attributes Show function_score attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  boost_mode string
  
  Values are multiply, replace, sum, avg, max, or min.
  
  functions array[object]
  
  One or more functions that compute a new score for each document returned by the query.
  
  max_boost number
  
  Restricts the new score to not exceed the provided limit.
  
  min_score number
  
  Excludes documents that do not meet the provided score threshold.
  
  query object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score_mode string
  
  Values are multiply, sum, avg, first, max, or min.
  
  fuzzy object
  
  Returns documents that contain terms similar to the search term, as measured by a Levenshtein edit distance.
  
  External documentation
  
  geo_bounding_box object
  
  Hide geo_bounding_box attributes Show geo_bounding_box attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  type string
  
  Values are memory or indexed.
  
  validation_method string
  
  Values are coerce, ignore_malformed, or strict.
  
  ignore_unmapped boolean
  
  Set to true to ignore an unmapped field and not match any documents for this query. Set to false to throw an exception if the field is not mapped.
  
  geo_distance object
  
  Hide geo_distance attributes Show geo_distance attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  distance string Required
  
  distance_type string
  
  Values are arc or plane.
  
  validation_method string
  
  Values are coerce, ignore_malformed, or strict.
  
  ignore_unmapped boolean
  
  Set to true to ignore an unmapped field and not match any documents for this query. Set to false to throw an exception if the field is not mapped.
  
  geo_grid object
  
  Matches geo_point and geo_shape values that intersect a grid cell from a GeoGrid aggregation.
  
  geo_polygon object
  
  Hide geo_polygon attributes Show geo_polygon attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  validation_method string
  
  Values are coerce, ignore_malformed, or strict.
  
  ignore_unmapped boolean
  
  geo_shape object
  
  Hide geo_shape attributes Show geo_shape attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Set to true to ignore an unmapped field and not match any documents for this query. Set to false to throw an exception if the field is not mapped.
  
  has_child object
  
  Hide has_child attributes Show has_child attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped type and not return any documents instead of an error.
  
  inner_hits object
  
  Hide inner_hits attributes Show inner_hits attributes object
  
  name string
  
  size number
  
  The maximum number of hits to return per inner_hits.
  
  from number
  
  Inner hit starting document offset.
  
  collapse object
  
  docvalue_fields array[object]
  
  explain boolean
  
  ignore_unmapped boolean
  
  script_fields object
  
  seq_no_primary_term boolean
  
  fields array[string]
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  sort
  
  _source
  
  stored_fields string | array[string]
  
  track_scores boolean
  
  version boolean
  
  max_children number
  
  Maximum number of child documents that match the query allowed for a returned parent document. If the parent document exceeds this limit, it is excluded from the search results.
  
  min_children number
  
  Minimum number of child documents that match the query required to match the query for a returned parent document. If the parent document does not meet this limit, it is excluded from the search results.
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score_mode string
  
  Values are none, avg, sum, max, or min.
  
  type string Required
  
  has_parent object
  
  Hide has_parent attributes Show has_parent attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped parent_type and not return any documents instead of an error. You can use this parameter to query multiple indices that may not contain the parent_type.
  
  inner_hits object
  
  Hide inner_hits attributes Show inner_hits attributes object
  
  name string
  
  size number
  
  The maximum number of hits to return per inner_hits.
  
  from number
  
  Inner hit starting document offset.
  
  collapse object
  
  docvalue_fields array[object]
  
  explain boolean
  
  ignore_unmapped boolean
  
  script_fields object
  
  seq_no_primary_term boolean
  
  fields array[string]
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  sort
  
  _source
  
  stored_fields string | array[string]
  
  track_scores boolean
  
  version boolean
  
  parent_type string Required
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score boolean
  
  Indicates whether the relevance score of a matching parent document is aggregated into its child documents.
  
  ids object
  
  Hide ids attributes Show ids attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  values string | array[string]
  
  One of:
  Id string Ids array[string]
  
  intervals object
  
  Returns documents based on the order and proximity of matching terms.
  
  External documentation
  
  knn object
  
  Hide knn attributes Show knn attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query_vector array[number]
  
  query_vector_builder object
  
  Hide query_vector_builder attribute Show query_vector_builder attribute object
  
  text_embedding object
  
  num_candidates number
  
  The number of nearest neighbor candidates to consider per shard
  
  k number
  
  The final number of nearest neighbors to return as top hits
  
  filter object | array[object]
  
  Filters for the kNN search query
  
  One of:
  QueryContainer object array-2 array[object]
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  similarity number
  
  The minimum similarity for a vector to be considered a match
  
  rescore_vector object
  
  Hide rescore_vector attribute Show rescore_vector attribute object
  
  oversample number Required
  
  Applies the specified oversample factor to k on the approximate kNN search
  
  match object
  
  Returns documents that match a provided text, number, date or boolean value. The provided text is analyzed before matching.
  
  External documentation
  
  match_all object
  
  Hide match_all attributes Show match_all attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  match_bool_prefix object
  
  Analyzes its input and constructs a bool query from the terms. Each term except the last is used in a term query. The last term is used in a prefix query.
  
  External documentation
  
  match_none object
  
  Hide match_none attributes Show match_none attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  match_phrase object
  
  Analyzes the text and creates a phrase query out of the analyzed text.
  
  External documentation
  
  match_phrase_prefix object
  
  Returns documents that contain the words of a provided text, in the same order as provided. The last term of the provided text is treated as a prefix, matching any words that begin with that term.
  
  External documentation
  
  more_like_this object
  
  Hide more_like_this attributes Show more_like_this attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  analyzer string
  
  The analyzer that is used to analyze the free form text. Defaults to the analyzer associated with the first field in fields.
  
  External documentation
  
  boost_terms number
  
  Each term in the formed query could be further boosted by their tf-idf score. This sets the boost factor to use when using this feature. Defaults to deactivated (0).
  
  fail_on_unsupported_field boolean
  
  Controls whether the query should fail (throw an exception) if any of the specified fields are not of the supported types (text or keyword).
  
  fields array[string]
  
  A list of fields to fetch and analyze the text from. Defaults to the index.query.default_field index setting, which has a default value of *.
  
  include boolean
  
  Specifies whether the input documents should also be included in the search results returned.
  
  like array[string | object] Required
  
  max_doc_freq number
  
  The maximum document frequency above which the terms are ignored from the input document.
  
  max_query_terms number
  
  The maximum number of query terms that can be selected.
  
  max_word_length number
  
  The maximum word length above which the terms are ignored. Defaults to unbounded (0).
  
  min_doc_freq number
  
  The minimum document frequency below which the terms are ignored from the input document.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  min_term_freq number
  
  The minimum term frequency below which the terms are ignored from the input document.
  
  min_word_length number
  
  The minimum word length below which the terms are ignored.
  
  routing string
  
  stop_words string | array[string]
  
  Language value, such as arabic or thai. Defaults to english. Each language value corresponds to a predefined list of stop words in Lucene. See Stop words by language for supported language values and their stop words. Also accepts an array of stop words.
  
  One of:
  StopWordLanguage string StopWords array[string]
  
  Values are _arabic_, _armenian_, _basque_, _bengali_, _brazilian_, _bulgarian_, _catalan_, _cjk_, _czech_, _danish_, _dutch_, _english_, _estonian_, _finnish_, _french_, _galician_, _german_, _greek_, _hindi_, _hungarian_, _indonesian_, _irish_, _italian_, _latvian_, _lithuanian_, _norwegian_, _persian_, _portuguese_, _romanian_, _russian_, _serbian_, _sorani_, _spanish_, _swedish_, _thai_, _turkish_, or _none_.
  
  unlike array[string | object]
  
  version number
  
  version_type string
  
  Values are internal, external, external_gte, or force.
  
  multi_match object
  
  Hide multi_match attributes Show multi_match attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  analyzer string
  
  Analyzer used to convert the text in the query value into tokens.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, match phrase queries are automatically created for multi-term synonyms.
  
  cutoff_frequency number Deprecated
  
  fields string | array[string]
  
  fuzziness string | number
  
  One of:
  Fuzziness string Fuzziness number
  
  fuzzy_rewrite string
  
  fuzzy_transpositions boolean
  
  If true, edits for fuzzy matching include transpositions of two adjacent characters (for example, ab to ba). Can be applied to the term subqueries constructed for all terms but the final term.
  
  lenient boolean
  
  If true, format-based errors, such as providing a text query value for a numeric field, are ignored.
  
  max_expansions number
  
  Maximum number of terms to which the query will expand.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  operator string
  
  Values are and, AND, or, or OR.
  
  prefix_length number
  
  Number of beginning characters left unchanged for fuzzy matching.
  
  query string Required
  
  Text, number, boolean value or date you wish to find in the provided field.
  
  slop number
  
  Maximum number of positions allowed between matching tokens.
  
  tie_breaker number
  
  Determines how scores for each per-term blended query and scores across groups are combined.
  
  type string
  
  Values are best_fields, most_fields, cross_fields, phrase, phrase_prefix, or bool_prefix.
  
  zero_terms_query string
  
  Values are all or none.
  
  nested object
  
  Hide nested attributes Show nested attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped path and not return any documents instead of an error.
  
  inner_hits object
  
  Hide inner_hits attributes Show inner_hits attributes object
  
  name string
  
  size number
  
  The maximum number of hits to return per inner_hits.
  
  from number
  
  Inner hit starting document offset.
  
  collapse object
  
  docvalue_fields array[object]
  
  explain boolean
  
  ignore_unmapped boolean
  
  script_fields object
  
  seq_no_primary_term boolean
  
  fields array[string]
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  sort
  
  _source
  
  stored_fields string | array[string]
  
  track_scores boolean
  
  version boolean
  
  path string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  score_mode string
  
  Values are none, avg, sum, max, or min.
  
  parent_id object
  
  Hide parent_id attributes Show parent_id attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  id string
  
  ignore_unmapped boolean
  
  Indicates whether to ignore an unmapped type and not return any documents instead of an error.
  
  type string
  
  percolate object
  
  Hide percolate attributes Show percolate attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  document object
  
  The source of the document being percolated.
  
  documents array[object]
  
  An array of sources of the documents being percolated.
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  id string
  
  index string
  
  name string
  
  The suffix used for the _percolator_document_slot field when multiple percolate queries are specified.
  
  preference string
  
  Preference used to fetch document to percolate.
  
  routing string
  
  version number
  
  pinned object
  
  Hide pinned attributes Show pinned attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  organic object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  ids array[string]
  
  Document IDs listed in the order they are to appear in results. Required if docs is not specified.
  
  docs array[object]
  
  Documents listed in the order they are to appear in results. Required if ids is not specified.
  
  prefix object
  
  Returns documents that contain a specific prefix in a provided field.
  
  External documentation
  
  query_string object
  
  Hide query_string attributes Show query_string attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  allow_leading_wildcard boolean
  
  If true, the wildcard characters * and ? are allowed as the first character of the query string.
  
  analyzer string
  
  Analyzer used to convert text in the query string into tokens.
  
  analyze_wildcard boolean
  
  If true, the query attempts to analyze wildcard terms in the query string.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, match phrase queries are automatically created for multi-term synonyms.
  
  default_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  default_operator string
  
  Values are and, AND, or, or OR.
  
  enable_position_increments boolean
  
  If true, enable position increments in queries constructed from a query_string search.
  
  escape boolean
  
  fields array[string]
  
  Array of fields to search. Supports wildcards (*).
  
  fuzziness string | number
  
  One of:
  Fuzziness string Fuzziness number
  
  fuzzy_max_expansions number
  
  Maximum number of terms to which the query expands for fuzzy matching.
  
  fuzzy_prefix_length number
  
  Number of beginning characters left unchanged for fuzzy matching.
  
  fuzzy_rewrite string
  
  fuzzy_transpositions boolean
  
  If true, edits for fuzzy matching include transpositions of two adjacent characters (for example, ab to ba).
  
  lenient boolean
  
  If true, format-based errors, such as providing a text value for a numeric field, are ignored.
  
  max_determinized_states number
  
  Maximum number of automaton states required for the query.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  phrase_slop number
  
  Maximum number of positions allowed between matching tokens for phrases.
  
  query string Required
  
  Query string you wish to parse and use for search.
  
  quote_analyzer string
  
  Analyzer used to convert quoted text in the query string into tokens. For quoted text, this parameter overrides the analyzer specified in the analyzer parameter.
  
  quote_field_suffix string
  
  Suffix appended to quoted text in the query string. You can use this suffix to use a different analysis method for exact matches.
  
  rewrite string
  
  tie_breaker number
  
  How to combine the queries generated from the individual search terms in the resulting dis_max query.
  
  time_zone string
  
  type string
  
  Values are best_fields, most_fields, cross_fields, phrase, phrase_prefix, or bool_prefix.
  
  range object
  
  Returns documents that contain terms within a provided range.
  
  External documentation
  
  rank_feature object
  
  Hide rank_feature attributes Show rank_feature attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  saturation object
  
  log object
  
  linear object
  
  sigmoid object
  
  regexp object
  
  Returns documents that contain terms matching a regular expression.
  
  External documentation
  
  rule object
  
  Hide rule attributes Show rule attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  organic object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  ruleset_ids string | array[string]
  
  One of:
  Id string array-2 array[string]
  
  ruleset_id string
  
  match_criteria object Required
  
  script object
  
  Hide script attributes Show script attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  script object Required
  
  Hide script attributes Show script attributes object
  
  source
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  lang
  
  options object
  
  script_score object
  
  Hide script_score attributes Show script_score attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  min_score number
  
  Documents with a score lower than this floating point number are excluded from the search results.
  
  query object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  script object Required
  
  Hide script attributes Show script attributes object
  
  source
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  lang
  
  options object
  
  semantic object
  
  Hide semantic attributes Show semantic attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  The field to query, which must be a semantic_text field type
  
  query string Required
  
  The query text
  
  shape object
  
  Hide shape attributes Show shape attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  ignore_unmapped boolean
  
  When set to true the query ignores an unmapped field and will not match any documents.
  
  simple_query_string object
  
  Hide simple_query_string attributes Show simple_query_string attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  analyzer string
  
  Analyzer used to convert text in the query string into tokens.
  
  analyze_wildcard boolean
  
  If true, the query attempts to analyze wildcard terms in the query string.
  
  auto_generate_synonyms_phrase_query boolean
  
  If true, the parser creates a match_phrase query for each multi-position token.
  
  default_operator string
  
  Values are and, AND, or, or OR.
  
  fields array[string]
  
  Array of fields you wish to search. Accepts wildcard expressions. You also can boost relevance scores for matches to particular fields using a caret (^) notation. Defaults to the index.query.default_field index setting, which has a default value of *.
  
  flags
  
  fuzzy_max_expansions number
  
  Maximum number of terms to which the query expands for fuzzy matching.
  
  fuzzy_prefix_length number
  
  Number of beginning characters left unchanged for fuzzy matching.
  
  fuzzy_transpositions boolean
  
  If true, edits for fuzzy matching include transpositions of two adjacent characters (for example, ab to ba).
  
  lenient boolean
  
  If true, format-based errors, such as providing a text value for a numeric field, are ignored.
  
  minimum_should_match number | string
  
  The minimum number of terms that should match as integer, percentage or range
  
  One of:
  MinimumShouldMatch number MinimumShouldMatch string
  
  query string Required
  
  Query string in the simple query string syntax you wish to parse and use for search.
  
  quote_field_suffix string
  
  Suffix appended to quoted text in the query string.
  
  span_containing object
  
  Hide span_containing attributes Show span_containing attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  big object Required
  
  Hide big attributes Show big attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  little object Required
  
  Hide little attributes Show little attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_field_masking object
  
  Hide span_field_masking attributes Show span_field_masking attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query object Required
  
  Hide query attributes Show query attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_first object
  
  Hide span_first attributes Show span_first attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  end number Required
  
  Controls the maximum end position permitted in a match.
  
  match object Required
  
  Hide match attributes Show match attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  span_multi object
  
  Hide span_multi attributes Show span_multi attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  match object Required
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  span_near object
  
  Hide span_near attributes Show span_near attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  clauses array[object] Required
  
  Array of one or more other span type queries.
  
  in_order boolean
  
  Controls whether matches are required to be in-order.
  
  slop number
  
  Controls the maximum number of intervening unmatched positions permitted.
  
  span_not object
  
  Hide span_not attributes Show span_not attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  dist number
  
  The number of tokens from within the include span that can’t have overlap with the exclude span. Equivalent to setting both pre and post.
  
  exclude object Required
  
  Hide exclude attributes Show exclude attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  include object Required
  
  Hide include attributes Show include attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  post number
  
  The number of tokens after the include span that can’t have overlap with the exclude span.
  
  pre number
  
  The number of tokens before the include span that can’t have overlap with the exclude span.
  
  span_or object
  
  Hide span_or attributes Show span_or attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  clauses array[object] Required
  
  Array of one or more other span type queries.
  
  span_term object
  
  Matches spans containing a term.
  
  External documentation
  
  span_within object
  
  Hide span_within attributes Show span_within attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  big object Required
  
  Hide big attributes Show big attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  little object Required
  
  Hide little attributes Show little attributes object
  
  span_gap object
  
  Can only be used as a clause in a span_near query.
  
  span_term object
  
  The equivalent of the term query but for use with other span queries.
  
  sparse_vector object
  
  Hide sparse_vector attributes Show sparse_vector attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  query string
  
  The query text you want to use for search. If inference_id is specified, query must also be specified.
  
  prune boolean Technical preview; Added in 8.15.0
  
  Whether to perform pruning, omitting the non-significant tokens from the query to improve query performance. If prune is true but the pruning_config is not specified, pruning will occur but default values will be used. Default: false
  
  pruning_config object
  
  query_vector object
  
  Dictionary of precomputed sparse vectors and their associated weights. Only one of inference_id or query_vector may be supplied in a request.
  
  inference_id string
  
  term object
  
  Returns documents that contain an exact term in a provided field. To return a document, the query term must exactly match the queried field's value, including whitespace and capitalization.
  
  External documentation
  
  terms object
  
  Hide terms attributes Show terms attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  terms_set object
  
  Returns documents that contain a minimum number of exact terms in a provided field. To return a document, a required number of terms must exactly match the field values, including whitespace and capitalization.
  
  External documentation
  
  text_expansion object Deprecated Generally available; Added in 8.8.0
  
  Uses a natural language processing model to convert the query text into a list of token-weight pairs which are then used in a query against a sparse vector or rank features field.
  
  External documentation
  
  weighted_tokens object Deprecated Generally available; Added in 8.13.0
  
  Supports returning text_expansion query results by sending in precomputed tokens with the query.
  
  External documentation
  
  wildcard object
  
  Returns documents that contain terms matching a wildcard pattern.
  
  External documentation
  
  wrapper object
  
  Hide wrapper attributes Show wrapper attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  query string Required
  
  A base64 encoded query. The binary data format can be any of JSON, YAML, CBOR or SMILE encodings
  
  type object
  
  Hide type attributes Show type attributes object
  
  boost number
  
  Floating point number used to decrease or increase the relevance scores of the query. Boost values are relative to the default value of 1.0. A boost value between 0 and 1.0 decreases the relevance score. A value greater than 1.0 increases the relevance score.
  
  _name string
  
  value string Required
  
  query_delay string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  runtime_mappings object
  
  Hide runtime_mappings attribute Show runtime_mappings attribute object
  
  * object Additional properties
  
  Hide * attributes Show * attributes object
  
  fields object
  
  For type composite
  
  Hide fields attribute Show fields attribute object
  
  * object Additional properties
  
  Hide * attribute Show * attribute object
  
  type string Required
  
  Values are boolean, composite, date, double, geo_point, geo_shape, ip, keyword, long, or lookup.
  
  fetch_fields array[object]
  
  For type lookup
  
  Hide fetch_fields attributes Show fetch_fields attributes object
  
  field string Required
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  format string
  
  format string
  
  A custom format for date type runtime fields.
  
  input_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  target_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  target_index string
  
  script object
  
  Hide script attributes Show script attributes object
  
  source string | object
  
  One of:
  ScriptSource string SearchRequestBody object
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  lang string
  
  Any of:
  ScriptLanguage string ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  type string Required
  
  Values are boolean, composite, date, double, geo_point, geo_shape, ip, keyword, long, or lookup.
  
  script_fields object
  
  Specifies scripts that evaluate custom expressions and returns script fields to the datafeed. The detector configuration objects in a job can contain functions that use these script fields.
  
  Hide script_fields attribute Show script_fields attribute object
  
  * object Additional properties
  
  Hide * attributes Show * attributes object
  
  script object Required
  
  Hide script attributes Show script attributes object
  
  source string | object
  
  One of:
  ScriptSource string SearchRequestBody object
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  lang string
  
  Any of:
  ScriptLanguage string ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  ignore_failure boolean
  
  scroll_size number
  
  The size parameter that is used in Elasticsearch searches when the datafeed does not use aggregations. The maximum value is the value of index.max_result_window, which is 10,000 by default.
- description string
  
  A description of the job.
- groups array[string]
  
  A list of job groups. A job can belong to no groups or many.
- job_id string
- job_type string
  
  Reserved for future use, currently set to anomaly_detector.
- model_plot_config object
  Hide model_plot_config attributes Show model_plot_config attributes object
  
  annotations_enabled boolean Generally available; Added in 7.9.0
  
  If true, enables calculation and storage of the model change annotations for each entity that is being analyzed.
  
  enabled boolean
  
  If true, enables calculation and storage of the model bounds for each entity that is being analyzed.
  
  terms string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
- model_snapshot_retention_days number
  
  Advanced configuration option, which affects the automatic removal of old model snapshots for this job. It specifies the maximum period of time (in days) that snapshots are retained. This period is relative to the timestamp of the most recent snapshot for this job. The default value is 10, which means snapshots ten days older than the newest snapshot are deleted.
- renormalization_window_days number
  
  Advanced configuration option. The period over which adjustments to the score are applied, as new data is seen. The default value is the longer of 30 days or 100 bucket_spans.
- results_index_name string
- results_retention_days number
  
  Advanced configuration option. The period of time (in days) that results are retained. Age is calculated relative to the timestamp of the latest bucket result. If this property has a non-null value, once per day at 00:30 (server time), results that are the specified number of days older than the latest bucket result are deleted from Elasticsearch. The default value is null, which means all results are retained. Annotations generated by the system also count as results for retention purposes; they are deleted after the same number of days as results. Annotations added by users are retained forever.

Responses

200 application/json

POST /_ml/datafeeds/{datafeed_id}/_preview

GET _ml/datafeeds/datafeed-high_sum_total_sales/_preview

curl \
 --request POST 'http://api.example.com/_ml/datafeeds/{datafeed_id}/_preview' \
 --header "Content-Type: application/json" \
 --data '{"datafeed_config":{"aggregations":{},"chunking_config":{"mode":"auto","time_span":"string"},"datafeed_id":"string","delayed_data_check_config":{"check_window":"string","enabled":true},"frequency":"string","indices":"string","indices_options":{"allow_no_indices":true,"expand_wildcards":"string","ignore_unavailable":true,"ignore_throttled":true},"job_id":"string","max_empty_searches":42.0,"query":{"bool":{"boost":42.0,"_name":"string","filter":{},"minimum_should_match":42.0,"must":{},"must_not":{},"should":{}},"boosting":{"boost":42.0,"_name":"string","negative_boost":42.0,"negative":{},"positive":{}},"common":{},"combined_fields":{"boost":42.0,"_name":"string","fields":["string"],"query":"string","auto_generate_synonyms_phrase_query":true,"operator":"or","minimum_should_match":42.0,"zero_terms_query":"none"},"constant_score":{"boost":42.0,"_name":"string","filter":{}},"dis_max":{"boost":42.0,"_name":"string","queries":[{}],"tie_breaker":42.0},"distance_feature":{"boost":42.0,"_name":"string","origin":{},"pivot":{},"field":"string"},"exists":{"boost":42.0,"_name":"string","field":"string"},"function_score":{"boost":42.0,"_name":"string","boost_mode":"multiply","functions":[{}],"max_boost":42.0,"min_score":42.0,"query":{},"score_mode":"multiply"},"fuzzy":{},"geo_bounding_box":{"boost":42.0,"_name":"string","type":"memory","validation_method":"coerce","ignore_unmapped":true},"geo_distance":{"boost":42.0,"_name":"string","distance":"string","distance_type":"arc","validation_method":"coerce","ignore_unmapped":true},"geo_grid":{},"geo_polygon":{"boost":42.0,"_name":"string","validation_method":"coerce","ignore_unmapped":true},"geo_shape":{"boost":42.0,"_name":"string","ignore_unmapped":true},"has_child":{"boost":42.0,"_name":"string","ignore_unmapped":true,"inner_hits":{"name":"string","size":42.0,"from":42.0,"collapse":{"field":"string","max_concurrent_group_searches":42.0,"collapse":{}},"docvalue_fields":[{}],"explain":true,"highlight":{},"ignore_unmapped":true,"script_fields":{"additionalProperty1":{},"additionalProperty2":{}},"seq_no_primary_term":true,"fields":["string"],"sort":["string"],"_source":true,"stored_fields":"string","track_scores":true,"version":true},"max_children":42.0,"min_children":42.0,"query":{},"score_mode":"none","type":"string"},"has_parent":{"boost":42.0,"_name":"string","ignore_unmapped":true,"inner_hits":{"name":"string","size":42.0,"from":42.0,"collapse":{"field":"string","max_concurrent_group_searches":42.0,"collapse":{}},"docvalue_fields":[{}],"explain":true,"highlight":{},"ignore_unmapped":true,"script_fields":{"additionalProperty1":{},"additionalProperty2":{}},"seq_no_primary_term":true,"fields":["string"],"sort":["string"],"_source":true,"stored_fields":"string","track_scores":true,"version":true},"parent_type":"string","query":{},"score":true},"ids":{"boost":42.0,"_name":"string","values":"string"},"intervals":{},"knn":{"boost":42.0,"_name":"string","field":"string","query_vector":[42.0],"query_vector_builder":{"text_embedding":{"model_id":"string","model_text":"string"}},"num_candidates":42.0,"k":42.0,"filter":{},"similarity":42.0,"rescore_vector":{"oversample":42.0}},"match":{},"match_all":{"boost":42.0,"_name":"string"},"match_bool_prefix":{},"match_none":{"boost":42.0,"_name":"string"},"match_phrase":{},"match_phrase_prefix":{},"more_like_this":{"boost":42.0,"_name":"string","analyzer":"string","boost_terms":42.0,"fail_on_unsupported_field":true,"fields":["string"],"include":true,"like":"string","max_doc_freq":42.0,"max_query_terms":42.0,"max_word_length":42.0,"min_doc_freq":42.0,"minimum_should_match":42.0,"min_term_freq":42.0,"min_word_length":42.0,"routing":"string","stop_words":"_arabic_","unlike":"string","version":42.0,"version_type":"internal"},"multi_match":{"boost":42.0,"_name":"string","analyzer":"string","auto_generate_synonyms_phrase_query":true,"cutoff_frequency":42.0,"fields":"string","fuzziness":"string","fuzzy_rewrite":"string","fuzzy_transpositions":true,"lenient":true,"max_expansions":42.0,"minimum_should_match":42.0,"operator":"and","prefix_length":42.0,"query":"string","slop":42.0,"tie_breaker":42.0,"type":"best_fields","zero_terms_query":"all"},"nested":{"boost":42.0,"_name":"string","ignore_unmapped":true,"inner_hits":{"name":"string","size":42.0,"from":42.0,"collapse":{"field":"string","max_concurrent_group_searches":42.0,"collapse":{}},"docvalue_fields":[{}],"explain":true,"highlight":{},"ignore_unmapped":true,"script_fields":{"additionalProperty1":{},"additionalProperty2":{}},"seq_no_primary_term":true,"fields":["string"],"sort":["string"],"_source":true,"stored_fields":"string","track_scores":true,"version":true},"path":"string","query":{},"score_mode":"none"},"parent_id":{"boost":42.0,"_name":"string","id":"string","ignore_unmapped":true,"type":"string"},"percolate":{"boost":42.0,"_name":"string","document":{},"documents":[{}],"field":"string","id":"string","index":"string","name":"string","preference":"string","routing":"string","version":42.0},"pinned":{"boost":42.0,"_name":"string","organic":{},"ids":["string"],"docs":[{}]},"prefix":{},"query_string":{"boost":42.0,"_name":"string","allow_leading_wildcard":true,"analyzer":"string","analyze_wildcard":true,"auto_generate_synonyms_phrase_query":true,"default_field":"string","default_operator":"and","enable_position_increments":true,"escape":true,"fields":["string"],"fuzziness":"string","fuzzy_max_expansions":42.0,"fuzzy_prefix_length":42.0,"fuzzy_rewrite":"string","fuzzy_transpositions":true,"lenient":true,"max_determinized_states":42.0,"minimum_should_match":42.0,"phrase_slop":42.0,"query":"string","quote_analyzer":"string","quote_field_suffix":"string","rewrite":"string","tie_breaker":42.0,"time_zone":"string","type":"best_fields"},"range":{},"rank_feature":{"boost":42.0,"_name":"string","field":"string","saturation":{"pivot":42.0},"log":{"scaling_factor":42.0},"linear":{},"sigmoid":{"pivot":42.0,"exponent":42.0}},"regexp":{},"rule":{"boost":42.0,"_name":"string","organic":{},"ruleset_ids":"string","ruleset_id":"string","match_criteria":{}},"script":{"boost":42.0,"_name":"string","script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}}},"script_score":{"boost":42.0,"_name":"string","min_score":42.0,"query":{},"script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}}},"semantic":{"boost":42.0,"_name":"string","field":"string","query":"string"},"shape":{"boost":42.0,"_name":"string","ignore_unmapped":true},"simple_query_string":{"boost":42.0,"_name":"string","analyzer":"string","analyze_wildcard":true,"auto_generate_synonyms_phrase_query":true,"default_operator":"and","fields":["string"],"flags":"NONE","fuzzy_max_expansions":42.0,"fuzzy_prefix_length":42.0,"fuzzy_transpositions":true,"lenient":true,"minimum_should_match":42.0,"query":"string","quote_field_suffix":"string"},"span_containing":{"boost":42.0,"_name":"string","big":{"span_field_masking":{},"span_first":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_not":{},"span_or":{},"span_term":{},"span_within":{}},"little":{"span_field_masking":{},"span_first":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_not":{},"span_or":{},"span_term":{},"span_within":{}}},"span_field_masking":{"boost":42.0,"_name":"string","field":"string","query":{"span_containing":{},"span_first":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_not":{},"span_or":{},"span_term":{},"span_within":{}}},"span_first":{"boost":42.0,"_name":"string","end":42.0,"match":{"span_containing":{},"span_field_masking":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_not":{},"span_or":{},"span_term":{},"span_within":{}}},"span_multi":{"boost":42.0,"_name":"string","match":{}},"span_near":{"boost":42.0,"_name":"string","clauses":[{"span_gap":{},"span_term":{}}],"in_order":true,"slop":42.0},"span_not":{"boost":42.0,"_name":"string","dist":42.0,"exclude":{"span_containing":{},"span_field_masking":{},"span_first":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_or":{},"span_term":{},"span_within":{}},"include":{"span_containing":{},"span_field_masking":{},"span_first":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_or":{},"span_term":{},"span_within":{}},"post":42.0,"pre":42.0},"span_or":{"boost":42.0,"_name":"string","clauses":[{"span_gap":{},"span_term":{}}]},"span_term":{},"span_within":{"boost":42.0,"_name":"string","big":{"span_containing":{},"span_field_masking":{},"span_first":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_not":{},"span_or":{},"span_term":{}},"little":{"span_containing":{},"span_field_masking":{},"span_first":{},"span_gap":{"additionalProperty1":42.0,"additionalProperty2":42.0},"span_multi":{},"span_near":{},"span_not":{},"span_or":{},"span_term":{}}},"sparse_vector":{"boost":42.0,"_name":"string","field":"string","query":"string","prune":true,"pruning_config":{"tokens_freq_ratio_threshold":42.0,"tokens_weight_threshold":42.0,"only_score_pruned_tokens":true},"query_vector":{"additionalProperty1":42.0,"additionalProperty2":42.0},"inference_id":"string"},"term":{},"terms":{"boost":42.0,"_name":"string"},"terms_set":{},"text_expansion":{},"weighted_tokens":{},"wildcard":{},"wrapper":{"boost":42.0,"_name":"string","query":"string"},"type":{"boost":42.0,"_name":"string","value":"string"}},"query_delay":"string","runtime_mappings":{"additionalProperty1":{"fields":{"additionalProperty1":{"type":"boolean"},"additionalProperty2":{"type":"boolean"}},"fetch_fields":[{"field":"string","format":"string"}],"format":"string","input_field":"string","target_field":"string","target_index":"string","script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"type":"boolean"},"additionalProperty2":{"fields":{"additionalProperty1":{"type":"boolean"},"additionalProperty2":{"type":"boolean"}},"fetch_fields":[{"field":"string","format":"string"}],"format":"string","input_field":"string","target_field":"string","target_index":"string","script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"type":"boolean"}},"script_fields":{"additionalProperty1":{"script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"ignore_failure":true},"additionalProperty2":{"script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"ignore_failure":true}},"scroll_size":42.0},"job_config":{"allow_lazy_open":true,"analysis_config":{"bucket_span":"string","categorization_analyzer":"string","categorization_field_name":"string","categorization_filters":["string"],"detectors":[{"by_field_name":"string","custom_rules":[{"actions":["skip_result"],"conditions":[{}],"scope":{}}],"detector_description":"string","detector_index":42.0,"exclude_frequent":"all","field_name":"string","function":"string","over_field_name":"string","partition_field_name":"string","use_null":true}],"influencers":["string"],"latency":"string","model_prune_window":"string","multivariate_by_fields":true,"per_partition_categorization":{"enabled":true,"stop_on_warn":true},"summary_count_field_name":"string"},"analysis_limits":{"categorization_examples_limit":42.0,"model_memory_limit":42.0},"background_persist_interval":"string","custom_settings":{},"daily_model_snapshot_retention_after_days":42.0,"data_description":{"format":"string","time_field":"string","time_format":"string","field_delimiter":"string"},"datafeed_config":{"aggregations":{},"chunking_config":{"mode":"auto","time_span":"string"},"datafeed_id":"string","delayed_data_check_config":{"check_window":"string","enabled":true},"frequency":"string","indices":"string","indices_options":{"allow_no_indices":true,"expand_wildcards":"string","ignore_unavailable":true,"ignore_throttled":true},"job_id":"string","max_empty_searches":42.0,"query":{"bool":{"boost":42.0,"_name":"string","filter":{},"minimum_should_match":42.0,"must":{},"must_not":{},"should":{}},"boosting":{"boost":42.0,"_name":"string","negative_boost":42.0,"negative":{},"positive":{}},"common":{},"combined_fields":{"boost":42.0,"_name":"string","fields":["string"],"query":"string","auto_generate_synonyms_phrase_query":true,"operator":"or","minimum_should_match":42.0,"zero_terms_query":"none"},"constant_score":{"boost":42.0,"_name":"string","filter":{}},"dis_max":{"boost":42.0,"_name":"string","queries":[{}],"tie_breaker":42.0},"distance_feature":{},"exists":{"boost":42.0,"_name":"string","field":"string"},"function_score":{"boost":42.0,"_name":"string","boost_mode":"multiply","functions":[{}],"max_boost":42.0,"min_score":42.0,"query":{},"score_mode":"multiply"},"fuzzy":{},"geo_bounding_box":{"boost":42.0,"_name":"string","type":"memory","validation_method":"coerce","ignore_unmapped":true},"geo_distance":{"boost":42.0,"_name":"string","distance":"string","distance_type":"arc","validation_method":"coerce","ignore_unmapped":true},"geo_grid":{},"geo_polygon":{"boost":42.0,"_name":"string","validation_method":"coerce","ignore_unmapped":true},"geo_shape":{"boost":42.0,"_name":"string","ignore_unmapped":true},"has_child":{"boost":42.0,"_name":"string","ignore_unmapped":true,"inner_hits":{"name":"string","size":42.0,"from":42.0,"collapse":{},"docvalue_fields":[{}],"explain":true,"ignore_unmapped":true,"script_fields":{},"seq_no_primary_term":true,"fields":["string"],"stored_fields":"string","track_scores":true,"version":true},"max_children":42.0,"min_children":42.0,"query":{},"score_mode":"none","type":"string"},"has_parent":{"boost":42.0,"_name":"string","ignore_unmapped":true,"inner_hits":{"name":"string","size":42.0,"from":42.0,"collapse":{},"docvalue_fields":[{}],"explain":true,"ignore_unmapped":true,"script_fields":{},"seq_no_primary_term":true,"fields":["string"],"stored_fields":"string","track_scores":true,"version":true},"parent_type":"string","query":{},"score":true},"ids":{"boost":42.0,"_name":"string","values":"string"},"intervals":{},"knn":{"boost":42.0,"_name":"string","field":"string","query_vector":[42.0],"query_vector_builder":{"text_embedding":{}},"num_candidates":42.0,"k":42.0,"filter":{},"similarity":42.0,"rescore_vector":{"oversample":42.0}},"match":{},"match_all":{"boost":42.0,"_name":"string"},"match_bool_prefix":{},"match_none":{"boost":42.0,"_name":"string"},"match_phrase":{},"match_phrase_prefix":{},"more_like_this":{"boost":42.0,"_name":"string","analyzer":"string","boost_terms":42.0,"fail_on_unsupported_field":true,"fields":["string"],"include":true,"like":["string"],"max_doc_freq":42.0,"max_query_terms":42.0,"max_word_length":42.0,"min_doc_freq":42.0,"minimum_should_match":42.0,"min_term_freq":42.0,"min_word_length":42.0,"routing":"string","stop_words":"_arabic_","unlike":["string"],"version":42.0,"version_type":"internal"},"multi_match":{"boost":42.0,"_name":"string","analyzer":"string","auto_generate_synonyms_phrase_query":true,"cutoff_frequency":42.0,"fields":"string","fuzziness":"string","fuzzy_rewrite":"string","fuzzy_transpositions":true,"lenient":true,"max_expansions":42.0,"minimum_should_match":42.0,"operator":"and","prefix_length":42.0,"query":"string","slop":42.0,"tie_breaker":42.0,"type":"best_fields","zero_terms_query":"all"},"nested":{"boost":42.0,"_name":"string","ignore_unmapped":true,"inner_hits":{"name":"string","size":42.0,"from":42.0,"collapse":{},"docvalue_fields":[{}],"explain":true,"ignore_unmapped":true,"script_fields":{},"seq_no_primary_term":true,"fields":["string"],"stored_fields":"string","track_scores":true,"version":true},"path":"string","query":{},"score_mode":"none"},"parent_id":{"boost":42.0,"_name":"string","id":"string","ignore_unmapped":true,"type":"string"},"percolate":{"boost":42.0,"_name":"string","document":{},"documents":[{}],"field":"string","id":"string","index":"string","name":"string","preference":"string","routing":"string","version":42.0},"pinned":{"boost":42.0,"_name":"string","organic":{},"ids":["string"],"docs":[{}]},"prefix":{},"query_string":{"boost":42.0,"_name":"string","allow_leading_wildcard":true,"analyzer":"string","analyze_wildcard":true,"auto_generate_synonyms_phrase_query":true,"default_field":"string","default_operator":"and","enable_position_increments":true,"escape":true,"fields":["string"],"fuzziness":"string","fuzzy_max_expansions":42.0,"fuzzy_prefix_length":42.0,"fuzzy_rewrite":"string","fuzzy_transpositions":true,"lenient":true,"max_determinized_states":42.0,"minimum_should_match":42.0,"phrase_slop":42.0,"query":"string","quote_analyzer":"string","quote_field_suffix":"string","rewrite":"string","tie_breaker":42.0,"time_zone":"string","type":"best_fields"},"range":{},"rank_feature":{"boost":42.0,"_name":"string","field":"string","saturation":{},"log":{},"linear":{},"sigmoid":{}},"regexp":{},"rule":{"boost":42.0,"_name":"string","organic":{},"ruleset_ids":"string","ruleset_id":"string","match_criteria":{}},"script":{"boost":42.0,"_name":"string","script":{"id":"string","params":{},"options":{}}},"script_score":{"boost":42.0,"_name":"string","min_score":42.0,"query":{},"script":{"id":"string","params":{},"options":{}}},"semantic":{"boost":42.0,"_name":"string","field":"string","query":"string"},"shape":{"boost":42.0,"_name":"string","ignore_unmapped":true},"simple_query_string":{"boost":42.0,"_name":"string","analyzer":"string","analyze_wildcard":true,"auto_generate_synonyms_phrase_query":true,"default_operator":"and","fields":["string"],"fuzzy_max_expansions":42.0,"fuzzy_prefix_length":42.0,"fuzzy_transpositions":true,"lenient":true,"minimum_should_match":42.0,"query":"string","quote_field_suffix":"string"},"span_containing":{"boost":42.0,"_name":"string","big":{"span_gap":{},"span_term":{}},"little":{"span_gap":{},"span_term":{}}},"span_field_masking":{"boost":42.0,"_name":"string","field":"string","query":{"span_gap":{},"span_term":{}}},"span_first":{"boost":42.0,"_name":"string","end":42.0,"match":{"span_gap":{},"span_term":{}}},"span_multi":{"boost":42.0,"_name":"string","match":{}},"span_near":{"boost":42.0,"_name":"string","clauses":[{}],"in_order":true,"slop":42.0},"span_not":{"boost":42.0,"_name":"string","dist":42.0,"exclude":{"span_gap":{},"span_term":{}},"include":{"span_gap":{},"span_term":{}},"post":42.0,"pre":42.0},"span_or":{"boost":42.0,"_name":"string","clauses":[{}]},"span_term":{},"span_within":{"boost":42.0,"_name":"string","big":{"span_gap":{},"span_term":{}},"little":{"span_gap":{},"span_term":{}}},"sparse_vector":{"boost":42.0,"_name":"string","field":"string","query":"string","prune":true,"pruning_config":{},"query_vector":{},"inference_id":"string"},"term":{},"terms":{"boost":42.0,"_name":"string"},"terms_set":{},"text_expansion":{},"weighted_tokens":{},"wildcard":{},"wrapper":{"boost":42.0,"_name":"string","query":"string"},"type":{"boost":42.0,"_name":"string","value":"string"}},"query_delay":"string","runtime_mappings":{"additionalProperty1":{"fields":{"additionalProperty1":{"type":"boolean"},"additionalProperty2":{"type":"boolean"}},"fetch_fields":[{"field":"string","format":"string"}],"format":"string","input_field":"string","target_field":"string","target_index":"string","script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"type":"boolean"},"additionalProperty2":{"fields":{"additionalProperty1":{"type":"boolean"},"additionalProperty2":{"type":"boolean"}},"fetch_fields":[{"field":"string","format":"string"}],"format":"string","input_field":"string","target_field":"string","target_index":"string","script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"type":"boolean"}},"script_fields":{"additionalProperty1":{"script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"ignore_failure":true},"additionalProperty2":{"script":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"lang":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}},"ignore_failure":true}},"scroll_size":42.0},"description":"string","groups":["string"],"job_id":"string","job_type":"string","model_plot_config":{"annotations_enabled":true,"enabled":true,"terms":"string"},"model_snapshot_retention_days":42.0,"renormalization_window_days":42.0,"results_index_name":"string","results_retention_days":42.0}}'

Documentation preview

This is a preview of your version @2025-06-09 which is not yet released.

View current documentation

Preview a datafeed Generally available; Added in 5.4.0

Path parameters

Query parameters

Body

filter object | array[object]

minimum_should_match number | string

must object | array[object]

must_not object | array[object]

should object | array[object]

minimum_should_match number | string

distance_feature object

_source boolean | object

_source boolean | object

values string | array[string]

filter object | array[object]

like string | object | array[string | object]

minimum_should_match number | string

stop_words string | array[string]

unlike string | object | array[string | object]

fuzziness string | number

minimum_should_match number | string

_source boolean | object

fuzziness string | number

minimum_should_match number | string

ruleset_ids string | array[string]

source string | object

lang string

source string | object

lang string

flags string

minimum_should_match number | string

source string | object

lang string

source string | object

lang string

categorization_analyzer string | object

model_memory_limit number | string

filter object | array[object]

minimum_should_match number | string

must object | array[object]

must_not object | array[object]

should object | array[object]

minimum_should_match number | string

distance_feature object

values string | array[string]

filter object | array[object]

minimum_should_match number | string

stop_words string | array[string]

fuzziness string | number

minimum_should_match number | string

fuzziness string | number

minimum_should_match number | string

ruleset_ids string | array[string]

minimum_should_match number | string

source string | object

lang string

source string | object

lang string

Responses

Documentation preview