|
@@ -605,7 +605,7 @@ data, or <<modules-cross-cluster-search,multiple clusters>>.
|
|
|
|
|
|
|
|
To avoid long waits, run an async EQL search. Set `wait_for_completion_timeout`
|
|
To avoid long waits, run an async EQL search. Set `wait_for_completion_timeout`
|
|
|
to a duration you'd like to wait for synchronous results.
|
|
to a duration you'd like to wait for synchronous results.
|
|
|
-+
|
|
|
|
|
|
|
+
|
|
|
[source,console]
|
|
[source,console]
|
|
|
----
|
|
----
|
|
|
GET /my-data-stream/_eql/search
|
|
GET /my-data-stream/_eql/search
|
James Rodewig