Struct elasticsearch::eql::EqlSearch
source · pub struct EqlSearch<'a, 'b, B> { /* private fields */ }
Expand description
Builder for the Eql Search API
Returns results matching a query expressed in Event Query Language (EQL)
Implementations
sourceimpl<'a, 'b, B> EqlSearch<'a, 'b, B>where
B: Body,
impl<'a, 'b, B> EqlSearch<'a, 'b, B>where
B: Body,
sourcepub fn new(transport: &'a Transport, parts: EqlSearchParts<'b>) -> Self
pub fn new(transport: &'a Transport, parts: EqlSearchParts<'b>) -> Self
Creates a new instance of EqlSearch with the specified API parts
sourcepub fn body<T>(self, body: T) -> EqlSearch<'a, 'b, JsonBody<T>>where
T: Serialize,
pub fn body<T>(self, body: T) -> EqlSearch<'a, 'b, JsonBody<T>>where
T: Serialize,
The body for the API call
sourcepub fn error_trace(self, error_trace: bool) -> Self
pub fn error_trace(self, error_trace: bool) -> Self
Include the stack trace of returned errors.
sourcepub fn filter_path(self, filter_path: &'b [&'b str]) -> Self
pub fn filter_path(self, filter_path: &'b [&'b str]) -> Self
A comma-separated list of filters used to reduce the response.
sourcepub fn header(self, key: HeaderName, value: HeaderValue) -> Self
pub fn header(self, key: HeaderName, value: HeaderValue) -> Self
Adds a HTTP header
sourcepub fn keep_alive(self, keep_alive: &'b str) -> Self
pub fn keep_alive(self, keep_alive: &'b str) -> Self
Update the time interval in which the results (partial or final) for this search will be available
sourcepub fn keep_on_completion(self, keep_on_completion: bool) -> Self
pub fn keep_on_completion(self, keep_on_completion: bool) -> Self
Control whether the response should be stored in the cluster if it completed within the provided [wait_for_completion] time (default: false)
sourcepub fn request_timeout(self, timeout: Duration) -> Self
pub fn request_timeout(self, timeout: Duration) -> Self
Sets a request timeout for this API call.
The timeout is applied from when the request starts connecting until the response body has finished.
sourcepub fn source(self, source: &'b str) -> Self
pub fn source(self, source: &'b str) -> Self
The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
sourcepub fn wait_for_completion_timeout(
self,
wait_for_completion_timeout: &'b str
) -> Self
pub fn wait_for_completion_timeout(
self,
wait_for_completion_timeout: &'b str
) -> Self
Specify the time that the request should block waiting for the final response