Delete async EQL search API
editDelete async EQL search API
editDeletes an async EQL search or a stored synchronous EQL search. The API also deletes results for the search.
resp = client.eql.delete( id="FkpMRkJGS1gzVDRlM3g4ZzMyRGlLbkEaTXlJZHdNT09TU2VTZVBoNDM3cFZMUToxMDM=", ) print(resp)
response = client.eql.delete( id: 'FkpMRkJGS1gzVDRlM3g4ZzMyRGlLbkEaTXlJZHdNT09TU2VTZVBoNDM3cFZMUToxMDM=' ) puts response
const response = await client.eql.delete({ id: "FkpMRkJGS1gzVDRlM3g4ZzMyRGlLbkEaTXlJZHdNT09TU2VTZVBoNDM3cFZMUToxMDM=", }); console.log(response);
DELETE /_eql/search/FkpMRkJGS1gzVDRlM3g4ZzMyRGlLbkEaTXlJZHdNT09TU2VTZVBoNDM3cFZMUToxMDM=
Request
editDELETE /_eql/search/<search_id>
Prerequisites
edit-
If the Elasticsearch security features are enabled, only the following users can use this API to delete a search:
-
Users with the
cancel_task
cluster privilege - The user who first submitted the search
-
Users with the
- See Required fields.
Limitations
editSee EQL limitations.
Path parameters
edit-
<search_id>
-
(Required, string) Identifier for the search to delete.
A search ID is provided in the EQL search API's response for an async search. A search ID is also provided if the request’s
keep_on_completion
parameter istrue
.