Delete async EQL search API

This functionality is in beta and is subject to change. The design and code are less mature than official GA features and are being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.

Deletes an async EQL search or a stored synchronous EQL search. The API also deletes results for the search.

DELETE /_eql/search/FkpMRkJGS1gzVDRlM3g4ZzMyRGlLbkEaTXlJZHdNT09TU2VTZVBoNDM3cFZMUToxMDM=

Request

DELETE /_eql/search/<search_id>

Prerequisites

  • If the Elasticsearch security features are enabled, only the user who first submitted the EQL search can delete the search using this API.
  • See Required fields.

Limitations

See EQL limitations.

Path parameters

<search_id>

(Required, string) Identifier for the search to delete.

A search ID is provided in the EQL search API's response for an async search. A search ID is also provided if the request’s keep_on_completion parameter is true.
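
The following cleanup helper is an added example, not part of the Elasticsearch documentation. It issues the DELETE request above only when an EQL search response actually carries a search ID. The function names, the injectable `send` transport, the return labels and the handling of a 404 status are assumptions made for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request


def http_send(method, url, headers):
    """Default transport: returns (HTTP status, parsed JSON body)."""
    req = urllib.request.Request(url, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, {}


def delete_stored_search(base_url, search_response, headers, send=http_send):
    """Delete the stored search an EQL search response refers to.

    `headers` must carry the credentials of the user who submitted the
    search: with security features enabled, only that user can delete it.
    Returns "nothing-stored", "deleted" or "not-found".
    """
    search_id = search_response.get("id")
    if not search_id:
        # No ID: a synchronous search run without keep_on_completion.
        return "nothing-stored"
    # Treat the ID as opaque; quote it so it stays one path segment.
    path = "/_eql/search/" + urllib.parse.quote(search_id, safe="=")
    status, _body = send("DELETE", base_url.rstrip("/") + path, headers)
    if status == 200:
        return "deleted"
    if status == 404:  # assumed status for an unknown or expired search ID
        return "not-found"
    raise RuntimeError(f"unexpected status {status} deleting {search_id}")


if __name__ == "__main__":
    # Constructed response, reusing the search ID from the request above.
    stored = {"id": "FkpMRkJGS1gzVDRlM3g4ZzMyRGlLbkEaTXlJZHdNT09TU2VTZVBoNDM3cFZMUToxMDM=",
              "is_partial": True, "is_running": True}
    fake = lambda method, url, headers: (200, {"acknowledged": True})
    print(delete_stored_search("https://localhost:9200", stored, {}, send=fake))
```

Calling it with the same credentials that submitted the search, once the results are no longer needed, keeps stored results from lingering on the cluster.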