Support is guaranteed for Elasticsearch version 7.0.0.
When creating this type of connector, you need to define values for the following settings:
Basic settings tab:
Name (required)—a unique name for this type of resource. Must contain 1 to 128 Unicode characters.
Tenant (required)—name of the tenant that owns the resource.
Type (required)—connector type, elastic.
URL (required)—valid URL of the Elasticsearch server.
Elastic credentials—drop-down list in which you can select the secret which stores the credentials for connecting to the Elasticsearch server.
Elastic fingerprint—drop-down list for selecting a secret that stores secrets of the 'fingerprint' type for connecting to the Elasticsearch server and secrets of the 'certificate' type for using a CA certificate.
Index (required)—Name of the index in Elasticsearch.
Query (required)—query to Elasticsearch. We recommend specifying the 'size' parameter in the query to prevent performance issues with KUMA and Elasticsearch.
Query example:
"query" : { "match_all" : {} },"size" : 25
Sorting (required)—sorting order. Possible values: asc, desc.
Poll interval, sec—interval between queries to the Elasticsearch server in seconds if the previous query did not return any events. If Elasticsearch contained events at the time of the request, the connector will receive events until all available events have been received from Elasticsearch.
Description—resource description: up to 4,000 Unicode characters.
Advanced settings tab:
Character encoding setting specifies character encoding. The default value is UTF-8.
Debug—a toggle switch that lets you specify whether resource logging must be enabled. By default, this toggle switch is in the Disabled position.