Module: Elasticsearch::API::TextStructure::Actions

Included in:: TextStructureClient

Defined in:: lib/elasticsearch/api/namespace/text_structure.rb,
lib/elasticsearch/api/actions/text_structure/find_structure.rb,
lib/elasticsearch/api/actions/text_structure/test_grok_pattern.rb

Instance Method Summary collapse

#find_structure(arguments = {}) ⇒ Object

Finds the structure of a text file.
#test_grok_pattern(arguments = {}) ⇒ Object

Tests a Grok pattern on some text.

Instance Method Details

#find_structure(arguments = {}) ⇒ `Object`

Finds the structure of a text file. The text file must contain data that is suitable to be ingested into Elasticsearch.

Parameters:

arguments (Hash) (defaults to: {}) —

a customizable set of options

Options Hash (arguments):

:lines_to_sample (Integer) —

How many lines of the file should be included in the analysis
:line_merge_size_limit (Integer) —

Maximum number of characters permitted in a single message when lines are merged to create messages.
:timeout (Time) —

Timeout after which the analysis will be aborted
:charset (String) —

Optional parameter to specify the character set of the file
:format (String) —

Optional parameter to specify the high level file format (options: ndjson, xml, delimited, semi_structured_text)
:has_header_row (Boolean) —

Optional parameter to specify whether a delimited file includes the column names in its first row
:column_names (List) —

Optional parameter containing a comma separated list of the column names for a delimited file
:delimiter (String) —

Optional parameter to specify the delimiter character for a delimited file - must be a single character
:quote (String) —

Optional parameter to specify the quote character for a delimited file - must be a single character
:should_trim_fields (Boolean) —

Optional parameter to specify whether the values between delimiters in a delimited file should have whitespace trimmed from them
:grok_pattern (String) —

Optional parameter to specify the Grok pattern that should be used to extract fields from messages in a semi-structured text file
:ecs_compatibility (String) —

Optional parameter to specify the compatibility mode with ECS Grok patterns - may be either ‘v1’ or ‘disabled’
:timestamp_field (String) —

Optional parameter to specify the timestamp field in the file
:timestamp_format (String) —

Optional parameter to specify the timestamp format in the file - may be either a Joda or Java time format
:explain (Boolean) —

Whether to include a commentary on how the structure was derived
:headers (Hash) —

Custom HTTP headers
:body (Hash) —

The contents of the file to be analyzed (Required)

Raises:

(ArgumentError)

See Also:

https://www.elastic.co/guide/en/elasticsearch/reference/8.13/find-structure.html

# File 'lib/elasticsearch/api/actions/text_structure/find_structure.rb', line 47

def find_structure(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'text_structure.find_structure' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_text_structure/find_structure'
  params = Utils.process_params(arguments)

  payload = if body.is_a? Array
              Elasticsearch::API::Utils.__bulkify(body)
            else
              body
            end

  headers.merge!('Content-Type' => 'application/x-ndjson')
  Elasticsearch::API::Response.new(
    perform_request(method, path, params, payload, headers, request_opts)
  )
end

#test_grok_pattern(arguments = {}) ⇒ `Object`

Tests a Grok pattern on some text.