elastic type

Elasticsearch version 7.0.0 is supported.

Settings for a connector of the elastic type are described in the following tables.

Basic settings tab

Setting

Description

Name

Unique name of the resource. The maximum length of the name is 128 Unicode characters.

Required setting.

Tenant

The name of the tenant that owns the resource.

Required setting.

Type

Connector type, elastic.

Required setting.

URL

URL of the Elasticsearch server.

Required setting.

Elastic credentials

Secret that stores the credentials for connecting to the Elasticsearch server.

Elastic fingerprint

Secret that stores secrets of the 'fingerprint' type for connecting to the Elasticsearch server and secrets of the 'certificate' type for using a CA certificate.

Index

Name of the index in Elasticsearch.

Required setting.

Query

Elasticsearch query. We recommend specifying the size parameter in the query to prevent performance problems with KUMA and Elasticsearch, as well as the sort parameter for the sorting order.

The following values are possible for the sort parameter in the query: asc, desc, or a custom sorting order by specific fields in accordance with the Elasticsearch syntax. To sort by a specific field, we recommend also specifying the "missing" : "_first" parameter next to the "order" parameter to prevent errors in cases when this field is absent in any document. For example, "sort": { "DestinationDnsDomain.keyword": {"order": "desc", "missing" : "_first" } }. For more details on sorting, please refer to the Elasticsearch documentation.

Query example:

"query" : { "match_all" : {} }, "size" : 25, "sort": {"_doc" : "asc"}

Required setting.

Poll interval, sec

Interval between queries to the Elasticsearch server in seconds if the previous query did not return any events. If Elasticsearch contained events at the time of the request, the connector will receive events until all available events have been received from Elasticsearch.

Description

Description of the resource. The maximum length of the description is 4000 Unicode characters.
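The recommendations given for the Query setting can be checked before a query is saved in the connector. The following Python function is an added example, not part of KUMA or of the original documentation. The name lint_query and the rule that sort keys beginning with an underscore (such as _doc) need no "missing" parameter are assumptions of this example.

```python
import json

def lint_query(fragment):
    """Return a list of warnings for a value of the Query setting."""
    text = fragment.strip()
    # The documented example omits the outer braces, so accept both forms.
    if not text.startswith("{"):
        text = "{" + text + "}"
    try:
        body = json.loads(text)
    except json.JSONDecodeError as exc:
        return ["not valid JSON: " + exc.msg]
    if not isinstance(body, dict):
        return ["not a JSON object"]
    warnings = []
    size = body.get("size")
    if not isinstance(size, int) or isinstance(size, bool) or size <= 0:
        warnings.append("size: missing or not a positive integer")
    sort = body.get("sort")
    if sort is None:
        warnings.append("sort: missing")
        return warnings
    for clause in (sort if isinstance(sort, list) else [sort]):
        if isinstance(clause, str):
            if clause in ("asc", "desc"):
                continue  # listed on the page as accepted sort values
            items = [(clause, None)]
        elif isinstance(clause, dict):
            items = list(clause.items())
        else:
            warnings.append(f"sort: unsupported clause {clause!r}")
            continue
        for field, opts in items:
            # Assumption: keys such as _doc are not document fields.
            if field.startswith("_"):
                continue
            if not (isinstance(opts, dict) and "missing" in opts):
                warnings.append(f"sort: field {field!r} has no 'missing' parameter")
    return warnings

if __name__ == "__main__":
    # Constructed sample: field sort without "missing" and without "size".
    sample = '"query": {"match_all": {}}, "sort": {"DestinationDnsDomain.keyword": "desc"}'
    for warning in lint_query(sample):
        print(warning)
```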

Advanced settings tab

Setting

Description

Character encoding

Character encoding. The default is UTF-8.

Debug

This toggle switch enables resource logging. It is turned off by default.
