[Streams] Update wired streams endpoints#5231
[Streams] Update wired streams endpoints#5231mdbirnstiehl wants to merge 7 commits intoelastic:mainfrom
Conversation
✅ Vale Linting ResultsNo issues found on modified lines! The Vale linter checks documentation changes against the Elastic Docs style guide. To use Vale locally or report issues, refer to Elastic style guide for Vale. |
|
@mohamedhamed-ahmed One thing I wasn't sure on, do users need to specify an endpoint, or is that something that happens automatically? I'm thinking mainly of the ship to wired streams section and whether or not we need to make updates there. |
@mdbirnstiehl Using one of the new endpoints needs to be explicitly decided depending on the format of logs being sent. We should no longer mention the usage of the old logs endpoint as its now deprecated, users will need to send their logs to either 1 of the 2 new endpoints as there is no way of doing this automatically. |
| Once you've sent your data to the `/logs` endpoint, open the stream and use the **Partitioning** tab to organize and route the data into meaningful child streams. For example, you can partition your logs into child streams their source or type: | ||
| Once you've sent your data to a wired streams endpoint, open the stream and use the **Partitioning** tab to organize and route the data into meaningful child streams. For example, you can partition your logs into child streams their source or type: | ||
|
|
||
| - Route application logs to a `logs.myapp` child stream. |
There was a problem hiding this comment.
maybe it would be ideal if we can update the examples as well to reflect the new endpoints as we can no longer have a logs.myapp child stream
| For example, suppose you have a noisy firewall and a quiet custom application sending logs to the same stream. You don't need to retain the firewall logs for as long and they take up disk space. In this case, you can partition the stream and assign a different [{{ilm-init}} policy or retention setting](./retention.md) to each child stream: | ||
|
|
||
| ```bash | ||
| logs |
3 participants
This PR closes #5139 and updates the wired streams docs to include the new endpoints that will be going out in serverless and 9.4.