X-Pack APIs

X-Pack is an Elastic Stack extension that bundles security, alerting, monitoring, reporting, and graph capabilities into one easy-to-install package. While the X-Pack components are designed to work together seamlessly, you can easily enable or disable the features you want to use.

Info

X-Pack info provides general info about the installed X-Pack.

class elasticsearch.client.xpack.XPackClient(client)
info(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/info-api.html

Parameters:categories – Comma-separated list of info categories. Can be any of: build, license, features
usage(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/usage-api.html

Parameters:master_timeout – Specify timeout for watch write operation

Graph Explore APIs

Graph Explore API enables you to extract and summarize information about the documents and terms in your Elasticsearch index.

class elasticsearch.client.graph.GraphClient(client)
explore(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/graph-explore-api.html

Parameters:
  • index – A comma-separated list of index names to search; use _all or empty string to perform the operation on all indices
  • body – Graph Query DSL
  • doc_type – A comma-separated list of document types to search; leave empty to perform the operation on all types
  • routing – Specific routing value
  • timeout – Explicit operation timeout

Licensing APIs

Licensing API can be used to manage your licences.

class elasticsearch.client.license.LicenseClient(client)
delete(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/delete-license.html

get(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/get-license.html

Parameters:
  • accept_enterprise – If the active license is an enterprise license, return type as ‘enterprise’ (default: false)
  • local – Return local information, do not retrieve the state from master node (default: false)
get_basic_status(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/get-basic-status.html

get_trial_status(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/get-trial-status.html

post(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/update-license.html

Parameters:
  • body – licenses to be installed
  • acknowledge – whether the user has acknowledged acknowledge messages (default: false)
post_start_basic(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/start-basic.html

Parameters:acknowledge – whether the user has acknowledged acknowledge messages (default: false)
post_start_trial(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/start-trial.html

Parameters:
  • acknowledge – whether the user has acknowledged acknowledge messages (default: false)
  • doc_type – The type of trial license to generate (default: “trial”)

Machine Learning APIs

Machine Learning can be useful for discovering new patterns about your data. For a more detailed explanation about X-Pack’s machine learning please refer to the official documentation.

class elasticsearch.client.ml.MlClient(client)
close_job(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-close-job.html

Parameters:
  • job_id – The name of the job to close
  • body – The URL params optionally sent in the body
  • allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
  • force – True if the job should be forcefully closed
  • timeout – Controls the time to wait until a job has closed. Default to 30 minutes
delete_calendar(**kwargs)
Parameters:calendar_id – The ID of the calendar to delete
delete_calendar_event(**kwargs)
Parameters:
  • calendar_id – The ID of the calendar to modify
  • event_id – The ID of the event to remove from the calendar
delete_calendar_job(**kwargs)
Parameters:
  • calendar_id – The ID of the calendar to modify
  • job_id – The ID of the job to remove from the calendar
delete_data_frame_analytics(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/delete-dfanalytics.html

Parameters:
  • id – The ID of the data frame analytics to delete
  • force – True if the job should be forcefully deleted
delete_datafeed(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-delete-datafeed.html

Parameters:
  • datafeed_id – The ID of the datafeed to delete
  • force – True if the datafeed should be forcefully deleted
delete_expired_data(**kwargs)
delete_filter(**kwargs)
Parameters:filter_id – The ID of the filter to delete
delete_forecast(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-delete-forecast.html

Parameters:
  • job_id – The ID of the job from which to delete forecasts
  • forecast_id – The ID of the forecast to delete, can be comma delimited list. Leaving blank implies _all
  • allow_no_forecasts – Whether to ignore if _all matches no forecasts
  • timeout – Controls the time to wait until the forecast(s) are deleted. Default to 30 seconds
delete_job(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-delete-job.html

Parameters:
  • job_id – The ID of the job to delete
  • force – True if the job should be forcefully deleted
  • wait_for_completion – Should this request wait until the operation has completed before returning Default: True
delete_model_snapshot(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-delete-snapshot.html

Parameters:
  • job_id – The ID of the job to fetch
  • snapshot_id – The ID of the snapshot to delete
delete_trained_model(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/delete-inference.html

Parameters:model_id – The ID of the trained model to delete
evaluate_data_frame(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/evaluate-dfanalytics.html

Parameters:body – The evaluation definition
explain_data_frame_analytics(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/explain-dfanalytics.html

Parameters:
  • body – The data frame analytics config to explain
  • id – The ID of the data frame analytics to explain
find_file_structure(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-find-file-structure.html

Parameters:
  • body – The contents of the file to be analyzed
  • charset – Optional parameter to specify the character set of the file
  • column_names – Optional parameter containing a comma separated list of the column names for a delimited file
  • delimiter – Optional parameter to specify the delimiter character for a delimited file - must be a single character
  • explain – Whether to include a commentary on how the structure was derived
  • format – Optional parameter to specify the high level file format Valid choices: ndjson, xml, delimited, semi_structured_text
  • grok_pattern – Optional parameter to specify the Grok pattern that should be used to extract fields from messages in a semi- structured text file
  • has_header_row – Optional parameter to specify whether a delimited file includes the column names in its first row
  • line_merge_size_limit – Maximum number of characters permitted in a single message when lines are merged to create messages. Default: 10000
  • lines_to_sample – How many lines of the file should be included in the analysis Default: 1000
  • quote – Optional parameter to specify the quote character for a delimited file - must be a single character
  • should_trim_fields – Optional parameter to specify whether the values between delimiters in a delimited file should have whitespace trimmed from them
  • timeout – Timeout after which the analysis will be aborted Default: 25s
  • timestamp_field – Optional parameter to specify the timestamp field in the file
  • timestamp_format – Optional parameter to specify the timestamp format in the file - may be either a Joda or Java time format
flush_job(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-flush-job.html

Parameters:
  • job_id – The name of the job to flush
  • body – Flush parameters
  • advance_time – Advances time to the given value generating results and updating the model for the advanced interval
  • calc_interim – Calculates interim results for the most recent bucket or all buckets within the latency period
  • end – When used in conjunction with calc_interim, specifies the range of buckets on which to calculate interim results
  • skip_time – Skips time to the given value without generating results or updating the model for the skipped interval
  • start – When used in conjunction with calc_interim, specifies the range of buckets on which to calculate interim results
forecast(**kwargs)
Parameters:
  • job_id – The ID of the job to forecast for
  • duration – The duration of the forecast
  • expires_in – The time interval after which the forecast expires. Expired forecasts will be deleted at the first opportunity.
get_buckets(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-bucket.html

Parameters:
  • job_id – ID of the job to get bucket results from
  • body – Bucket selection details if not provided in URI
  • timestamp – The timestamp of the desired single bucket result
  • anomaly_score – Filter for the most anomalous buckets
  • desc – Set the sort direction
  • end – End time filter for buckets
  • exclude_interim – Exclude interim results
  • expand – Include anomaly records
  • from – skips a number of buckets
  • size – specifies a max number of buckets to get
  • sort – Sort buckets by a particular field
  • start – Start time filter for buckets
get_calendar_events(**kwargs)
Parameters:
  • calendar_id – The ID of the calendar containing the events
  • end – Get events before this time
  • from – Skips a number of events
  • job_id – Get events for the job. When this option is used calendar_id must be ‘_all’
  • size – Specifies a max number of events to get
  • start – Get events after this time
get_calendars(**kwargs)
Parameters:
  • body – The from and size parameters optionally sent in the body
  • calendar_id – The ID of the calendar to fetch
  • from – skips a number of calendars
  • size – specifies a max number of calendars to get
get_categories(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-category.html

Parameters:
  • job_id – The name of the job
  • body – Category selection details if not provided in URI
  • category_id – The identifier of the category definition of interest
  • from – skips a number of categories
  • size – specifies a max number of categories to get
get_data_frame_analytics(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/get-dfanalytics.html

Parameters:
  • id – The ID of the data frame analytics to fetch
  • allow_no_match – Whether to ignore if a wildcard expression matches no data frame analytics. (This includes _all string or when no data frame analytics have been specified) Default: True
  • from – skips a number of analytics
  • size – specifies a max number of analytics to get Default: 100
get_data_frame_analytics_stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/get-dfanalytics-stats.html

Parameters:
  • id – The ID of the data frame analytics stats to fetch
  • allow_no_match – Whether to ignore if a wildcard expression matches no data frame analytics. (This includes _all string or when no data frame analytics have been specified) Default: True
  • from – skips a number of analytics
  • size – specifies a max number of analytics to get Default: 100
get_datafeed_stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-datafeed-stats.html

Parameters:
  • datafeed_id – The ID of the datafeeds stats to fetch
  • allow_no_datafeeds – Whether to ignore if a wildcard expression matches no datafeeds. (This includes _all string or when no datafeeds have been specified)
get_datafeeds(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-datafeed.html

Parameters:
  • datafeed_id – The ID of the datafeeds to fetch
  • allow_no_datafeeds – Whether to ignore if a wildcard expression matches no datafeeds. (This includes _all string or when no datafeeds have been specified)
get_filters(**kwargs)
Parameters:
  • filter_id – The ID of the filter to fetch
  • from – skips a number of filters
  • size – specifies a max number of filters to get
get_influencers(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-influencer.html

Parameters:
  • job_id
  • body – Influencer selection criteria
  • desc – whether the results should be sorted in decending order
  • end – end timestamp for the requested influencers
  • exclude_interim – Exclude interim results
  • from – skips a number of influencers
  • influencer_score – influencer score threshold for the requested influencers
  • size – specifies a max number of influencers to get
  • sort – sort field for the requested influencers
  • start – start timestamp for the requested influencers
get_job_stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-job-stats.html

Parameters:
  • job_id – The ID of the jobs stats to fetch
  • allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
get_jobs(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-job.html

Parameters:
  • job_id – The ID of the jobs to fetch
  • allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
get_model_snapshots(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-snapshot.html

Parameters:
  • job_id – The ID of the job to fetch
  • body – Model snapshot selection criteria
  • snapshot_id – The ID of the snapshot to fetch
  • desc – True if the results should be sorted in descending order
  • end – The filter ‘end’ query parameter
  • from – Skips a number of documents
  • size – The default number of documents returned in queries as a string.
  • sort – Name of the field to sort on
  • start – The filter ‘start’ query parameter
get_overall_buckets(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-overall-buckets.html

Parameters:
  • job_id – The job IDs for which to calculate overall bucket results
  • body – Overall bucket selection details if not provided in URI
  • allow_no_jobs – Whether to ignore if a wildcard expression matches no jobs. (This includes _all string or when no jobs have been specified)
  • bucket_span – The span of the overall buckets. Defaults to the longest job bucket_span
  • end – Returns overall buckets with timestamps earlier than this time
  • exclude_interim – If true overall buckets that include interim buckets will be excluded
  • overall_score – Returns overall buckets with overall scores higher than this value
  • start – Returns overall buckets with timestamps after this time
  • top_n – The number of top job bucket scores to be used in the overall_score calculation
get_records(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-get-record.html

Parameters:
  • job_id
  • body – Record selection criteria
  • desc – Set the sort direction
  • end – End time filter for records
  • exclude_interim – Exclude interim results
  • from – skips a number of records
  • record_score
  • size – specifies a max number of records to get
  • sort – Sort records by a particular field
  • start – Start time filter for records
get_trained_models(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/get-inference.html

Parameters:
  • model_id – The ID of the trained models to fetch
  • allow_no_match – Whether to ignore if a wildcard expression matches no trained models. (This includes _all string or when no trained models have been specified) Default: True
  • decompress_definition – Should the model definition be decompressed into valid JSON or returned in a custom compressed format. Defaults to true. Default: True
  • from – skips a number of trained models
  • include_model_definition – Should the full model definition be included in the results. These definitions can be large. So be cautious when including them. Defaults to false.
  • size – specifies a max number of trained models to get Default: 100
get_trained_models_stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/get-inference-stats.html

Parameters:
  • model_id – The ID of the trained models stats to fetch
  • allow_no_match – Whether to ignore if a wildcard expression matches no trained models. (This includes _all string or when no trained models have been specified) Default: True
  • from – skips a number of trained models
  • size – specifies a max number of trained models to get Default: 100
info(**kwargs)
open_job(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-open-job.html

Parameters:job_id – The ID of the job to open
post_calendar_events(**kwargs)
Parameters:
  • calendar_id – The ID of the calendar to modify
  • body – A list of events
post_data(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-post-data.html

Parameters:
  • job_id – The name of the job receiving the data
  • body – The data to process
  • reset_end – Optional parameter to specify the end of the bucket resetting range
  • reset_start – Optional parameter to specify the start of the bucket resetting range
preview_datafeed(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-preview-datafeed.html

Parameters:datafeed_id – The ID of the datafeed to preview
put_calendar(**kwargs)
Parameters:
  • calendar_id – The ID of the calendar to create
  • body – The calendar details
put_calendar_job(**kwargs)
Parameters:
  • calendar_id – The ID of the calendar to modify
  • job_id – The ID of the job to add to the calendar
put_data_frame_analytics(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/put-dfanalytics.html

Parameters:
  • id – The ID of the data frame analytics to create
  • body – The data frame analytics configuration
put_datafeed(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-put-datafeed.html

Parameters:
  • datafeed_id – The ID of the datafeed to create
  • body – The datafeed config
put_filter(**kwargs)
Parameters:
  • filter_id – The ID of the filter to create
  • body – The filter details
put_job(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-put-job.html

Parameters:
  • job_id – The ID of the job to create
  • body – The job
put_trained_model(**kwargs)
Parameters:
  • model_id – The ID of the trained models to store
  • body – The trained model configuration
revert_model_snapshot(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-revert-snapshot.html

Parameters:
  • job_id – The ID of the job to fetch
  • snapshot_id – The ID of the snapshot to revert to
  • body – Reversion options
  • delete_intervening_results – Should we reset the results back to the time of the snapshot?
set_upgrade_mode(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-set-upgrade-mode.html

Parameters:
  • enabled – Whether to enable upgrade_mode ML setting or not. Defaults to false.
  • timeout – Controls the time to wait before action times out. Defaults to 30 seconds
start_data_frame_analytics(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/start-dfanalytics.html

Parameters:
  • id – The ID of the data frame analytics to start
  • body – The start data frame analytics parameters
  • timeout – Controls the time to wait until the task has started. Defaults to 20 seconds
start_datafeed(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-start-datafeed.html

Parameters:
  • datafeed_id – The ID of the datafeed to start
  • body – The start datafeed parameters
  • end – The end time when the datafeed should stop. When not set, the datafeed continues in real time
  • start – The start time from where the datafeed should begin
  • timeout – Controls the time to wait until a datafeed has started. Default to 20 seconds
stop_data_frame_analytics(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/stop-dfanalytics.html

Parameters:
  • id – The ID of the data frame analytics to stop
  • body – The stop data frame analytics parameters
  • allow_no_match – Whether to ignore if a wildcard expression matches no data frame analytics. (This includes _all string or when no data frame analytics have been specified)
  • force – True if the data frame analytics should be forcefully stopped
  • timeout – Controls the time to wait until the task has stopped. Defaults to 20 seconds
stop_datafeed(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-stop-datafeed.html

Parameters:
  • datafeed_id – The ID of the datafeed to stop
  • allow_no_datafeeds – Whether to ignore if a wildcard expression matches no datafeeds. (This includes _all string or when no datafeeds have been specified)
  • force – True if the datafeed should be forcefully stopped.
  • timeout – Controls the time to wait until a datafeed has stopped. Default to 20 seconds
update_datafeed(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-update-datafeed.html

Parameters:
  • datafeed_id – The ID of the datafeed to update
  • body – The datafeed update settings
update_filter(**kwargs)
Parameters:
  • filter_id – The ID of the filter to update
  • body – The filter update
update_job(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-update-job.html

Parameters:
  • job_id – The ID of the job to create
  • body – The job update settings
update_model_snapshot(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ml-update-snapshot.html

Parameters:
  • job_id – The ID of the job to fetch
  • snapshot_id – The ID of the snapshot to update
  • body – The model snapshot properties to update
validate(**kwargs)
Parameters:body – The job config
validate_detector(**kwargs)
Parameters:body – The detector

Security APIs

Security API can be used to help secure your Elasticsearch cluster. Integrating with LDAP and Active Directory.

class elasticsearch.client.security.SecurityClient(client)
authenticate(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-authenticate.html

change_password(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-change-password.html

Parameters:
  • body – the new password for the user
  • username – The username of the user to change the password for
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
clear_cached_realms(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html

Parameters:
  • realms – Comma-separated list of realms to clear
  • usernames – Comma-separated list of usernames to clear from the cache
clear_cached_roles(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-role-cache.html

Parameters:name – Role name
create_api_key(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html

Parameters:
  • body – The api key request to create an API key
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
delete_privileges(**kwargs)
Parameters:
  • application – Application name
  • name – Privilege name
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
delete_role(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-role.html

Parameters:
  • name – Role name
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
delete_role_mapping(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-role-mapping.html

Parameters:
  • name – Role-mapping name
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
delete_user(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-user.html

Parameters:
  • username – username
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
disable_user(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-disable-user.html

Parameters:
  • username – The username of the user to disable
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
enable_user(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-enable-user.html

Parameters:
  • username – The username of the user to enable
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
get_api_key(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-api-key.html

Parameters:
  • id – API key id of the API key to be retrieved
  • name – API key name of the API key to be retrieved
  • owner – flag to query API keys owned by the currently authenticated user
  • realm_name – realm name of the user who created this API key to be retrieved
  • username – user name of the user who created this API key to be retrieved
get_builtin_privileges(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-builtin-privileges.html

get_privileges(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-privileges.html

Parameters:
  • application – Application name
  • name – Privilege name
get_role(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role.html

Parameters:name – Role name
get_role_mapping(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role-mapping.html

Parameters:name – Role-Mapping name
get_token(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html

Parameters:body – The token request to get
get_user(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-user.html

Parameters:username – A comma-separated list of usernames
get_user_privileges(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-privileges.html

has_privileges(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-has-privileges.html

Parameters:
  • body – The privileges to test
  • user – Username
invalidate_api_key(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-invalidate-api-key.html

Parameters:body – The api key request to invalidate API key(s)
invalidate_token(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-invalidate-token.html

Parameters:body – The token to invalidate
put_privileges(**kwargs)
Parameters:
  • body – The privilege(s) to add
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
put_role(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html

Parameters:
  • name – Role name
  • body – The role to add
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
put_role_mapping(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html

Parameters:
  • name – Role-mapping name
  • body – The role mapping to add
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for
put_user(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-user.html

Parameters:
  • username – The username of the User
  • body – The user to add
  • refresh – If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes. Valid choices: true, false, wait_for

Watcher APIs

Watcher API can be used to notify you when certain pre-defined thresholds have happened.

class elasticsearch.client.watcher.WatcherClient(client)
ack_watch(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-ack-watch.html

Parameters:
  • watch_id – Watch ID
  • action_id – A comma-separated list of the action ids to be acked
activate_watch(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-activate-watch.html

Parameters:watch_id – Watch ID
deactivate_watch(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-deactivate-watch.html

Parameters:watch_id – Watch ID
delete_watch(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-delete-watch.html

Parameters:id – Watch ID
execute_watch(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-execute-watch.html

Parameters:
  • body – Execution control
  • id – Watch ID
  • debug – indicates whether the watch should execute in debug mode
get_watch(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-get-watch.html

Parameters:id – Watch ID
put_watch(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-put-watch.html

Parameters:
  • id – Watch ID
  • body – The watch
  • active – Specify whether the watch is in/active by default
  • if_primary_term – only update the watch if the last operation that has changed the watch has the specified primary term
  • if_seq_no – only update the watch if the last operation that has changed the watch has the specified sequence number
  • version – Explicit version number for concurrency control
start(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-start.html

stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-stats.html

Parameters:
  • metric – Controls what additional stat metrics should be include in the response Valid choices: _all, queued_watches, current_watches, pending_watches
  • emit_stacktraces – Emits stack traces of currently running watches
  • metric – Controls what additional stat metrics should be include in the response Valid choices: _all, queued_watches, current_watches, pending_watches
stop(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/watcher-api-stop.html

Migration APIs

Migration API helps simplify upgrading X-Pack indices from one version to another.

class elasticsearch.client.migration.MigrationClient(client)
deprecations(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/migration-api-deprecation.html

Parameters:index – Index pattern

Enrich APIs

Enrich API can be used to add data from your existing indices to incoming documents during ingest.

class elasticsearch.client.enrich.EnrichClient(client)
delete_policy(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/enrich-delete-policy.html

Parameters:name – The name of the enrich policy
execute_policy(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/enrich-execute-policy.html

Parameters:
  • name – The name of the enrich policy
  • wait_for_completion – Should the request should block until the execution is complete. Default: True
get_policy(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/enrich-get-policy.html

Parameters:name – A comma-separated list of enrich policy names
put_policy(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/enrich-put-policy.html

Parameters:
  • name – The name of the enrich policy
  • body – The enrich policy to register
stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/enrich-stats.html

SQL APIs

The SQL REST API accepts SQL in a JSON document, executes it, and returns the results.

class elasticsearch.client.sql.SqlClient(client)
clear_cursor(**kwargs)
Parameters:body – Specify the cursor value in the cursor element to clean the cursor.
query(**kwargs)
Parameters:
  • body – Use the query element to start a query. Use the cursor element to continue a query.
  • format – a short version of the Accept header, e.g. json, yaml
translate(**kwargs)
Parameters:body – Specify the query in the query element.

Cross-Cluster Replication APIs

Cross-Cluster Replication API used to perform cross-cluster replication operations.

class elasticsearch.client.ccr.CcrClient(client)
delete_auto_follow_pattern(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-delete-auto-follow-pattern.html

Parameters:name – The name of the auto follow pattern.
follow(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-put-follow.html

Parameters:
  • index – The name of the follower index
  • body – The name of the leader index and other optional ccr related parameters
  • wait_for_active_shards – Sets the number of shard copies that must be active before returning. Defaults to 0. Set to all for all shard copies, otherwise set to any non-negative value less than or equal to the total number of copies for the shard (number of replicas + 1) Default: 0
follow_info(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-get-follow-info.html

Parameters:index – A comma-separated list of index patterns; use _all to perform the operation on all indices
follow_stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-get-follow-stats.html

Parameters:index – A comma-separated list of index patterns; use _all to perform the operation on all indices
forget_follower(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current

Parameters:
  • index – the name of the leader index for which specified follower retention leases should be removed
  • body – the name and UUID of the follower index, the name of the cluster containing the follower index, and the alias from the perspective of that cluster for the remote cluster containing the leader index
get_auto_follow_pattern(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-get-auto-follow-pattern.html

Parameters:name – The name of the auto follow pattern.
pause_auto_follow_pattern(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-pause-auto-follow-pattern.html

Parameters:name – The name of the auto follow pattern that should pause discovering new indices to follow.
pause_follow(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-post-pause-follow.html

Parameters:index – The name of the follower index that should pause following its leader index.
put_auto_follow_pattern(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-put-auto-follow-pattern.html

Parameters:
  • name – The name of the auto follow pattern.
  • body – The specification of the auto follow pattern
resume_auto_follow_pattern(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-resume-auto-follow-pattern.html

Parameters:name – The name of the auto follow pattern to resume discovering new indices to follow.
resume_follow(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-post-resume-follow.html

Parameters:
  • index – The name of the follow index to resume following.
  • body – The name of the leader index and other optional ccr related parameters
stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-get-stats.html

unfollow(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current

Parameters:index – The name of the follower index that should be turned into a regular index.

Monitoring APIs

Monitoring API used to collect data from the Elasticsearch nodes, Logstash nodes, Kibana instances, and Beats in your cluster.

class elasticsearch.client.monitoring.MonitoringClient(client)
bulk(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/monitor-elasticsearch-cluster.html

Parameters:
  • body – The operation definition and data (action-data pairs), separated by newlines
  • doc_type – Default document type for items which don’t provide one
  • interval – Collection interval (e.g., ’10s’ or ‘10000ms’) of the payload
  • system_api_version – API Version of the monitored system
  • system_id – Identifier of the monitored system

Rollup APIs

Rollup API enables searching through rolled-up data using the standard query DSL.

class elasticsearch.client.rollup.RollupClient(client)
delete_job(**kwargs)
Parameters:id – The ID of the job to delete
get_jobs(**kwargs)
Parameters:id – The ID of the job(s) to fetch. Accepts glob patterns, or left blank for all jobs
get_rollup_caps(**kwargs)
Parameters:id – The ID of the index to check rollup capabilities on, or left blank for all jobs
get_rollup_index_caps(**kwargs)
Parameters:index – The rollup index or index pattern to obtain rollup capabilities from.
put_job(**kwargs)
Parameters:
  • id – The ID of the job to create
  • body – The job configuration
Parameters:
  • index – The indices or index-pattern(s) (containing rollup or regular data) that should be searched
  • body – The search request body
  • doc_type – The doc type inside the index
  • rest_total_hits_as_int – Indicates whether hits.total should be rendered as an integer or an object in the rest search response
  • typed_keys – Specify whether aggregation and suggester names should be prefixed by their respective types in the response
start_job(**kwargs)
Parameters:id – The ID of the job to start
stop_job(**kwargs)
Parameters:
  • id – The ID of the job to stop
  • timeout – Block for (at maximum) the specified duration while waiting for the job to stop. Defaults to 30s.
  • wait_for_completion – True if the API should block until the job has fully stopped, false if should be executed async. Defaults to false.

Snapshot Lifecycle Management APIs

Snapshot Lifecycle Management API can be used to set up policies to automatically take snapshots and control how long they are retained.

class elasticsearch.client.slm.SlmClient(client)
delete_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-delete-policy.html

Parameters:policy_id – The id of the snapshot lifecycle policy to remove
execute_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-execute-lifecycle.html

Parameters:policy_id – The id of the snapshot lifecycle policy to be executed
execute_retention(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-execute-retention.html

get_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-get-policy.html

Parameters:policy_id – Comma-separated list of snapshot lifecycle policies to retrieve
get_stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/master/slm-api-get-stats.html

get_status(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-get-status.html

put_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-put-policy.html

Parameters:
  • policy_id – The id of the snapshot lifecycle policy
  • body – The snapshot lifecycle policy definition to register
start(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-start.html

stop(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/slm-api-stop.html

Index Lifecycle Management APIs

Index Lifecycle Management API used to set up policies to automatically manage the index lifecycle.

class elasticsearch.client.ilm.IlmClient(client)
delete_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-delete-lifecycle.html

Parameters:policy – The name of the index lifecycle policy
explain_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-explain-lifecycle.html

Parameters:
  • index – The name of the index to explain
  • only_errors – filters the indices included in the response to ones in an ILM error state, implies only_managed
  • only_managed – filters the indices included in the response to ones managed by ILM
get_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-get-lifecycle.html

Parameters:policy – The name of the index lifecycle policy
get_status(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-get-status.html

move_to_step(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-move-to-step.html

Parameters:
  • index – The name of the index whose lifecycle step is to change
  • body – The new lifecycle step to move to
put_lifecycle(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-put-lifecycle.html

Parameters:
  • policy – The name of the index lifecycle policy
  • body – The lifecycle policy definition to register
remove_policy(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-remove-policy.html

Parameters:index – The name of the index to remove policy on
retry(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-retry-policy.html

Parameters:index – The name of the indices (comma-separated) whose failed lifecycle step is to be retry
start(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-start.html

stop(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-stop.html

Transform APIs

Transform API manages transformation operations from grabbing data from source indices, transforms it, and saves it to a destination index.

class elasticsearch.client.transform.TransformClient(client)
delete_transform(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/delete-transform.html

Parameters:
  • transform_id – The id of the transform to delete
  • force – When true, the transform is deleted regardless of its current state. The default value is false, meaning that the transform must be stopped before it can be deleted.
get_transform(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/get-transform.html

Parameters:
  • transform_id – The id or comma delimited list of id expressions of the transforms to get, ‘_all’ or ‘*’ implies get all transforms
  • allow_no_match – Whether to ignore if a wildcard expression matches no transforms. (This includes _all string or when no transforms have been specified)
  • from – skips a number of transform configs, defaults to 0
  • size – specifies a max number of transforms to get, defaults to 100
get_transform_stats(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/get-transform-stats.html

Parameters:
  • transform_id – The id of the transform for which to get stats. ‘_all’ or ‘*’ implies all transforms
  • allow_no_match – Whether to ignore if a wildcard expression matches no transforms. (This includes _all string or when no transforms have been specified)
  • from – skips a number of transform stats, defaults to 0
  • size – specifies a max number of transform stats to get, defaults to 100
preview_transform(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/preview-transform.html

Parameters:body – The definition for the transform to preview
put_transform(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/put-transform.html

Parameters:
  • transform_id – The id of the new transform.
  • body – The transform definition
  • defer_validation – If validations should be deferred until transform starts, defaults to false.
start_transform(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/start-transform.html

Parameters:
  • transform_id – The id of the transform to start
  • timeout – Controls the time to wait for the transform to start
stop_transform(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/stop-transform.html

Parameters:
  • transform_id – The id of the transform to stop
  • allow_no_match – Whether to ignore if a wildcard expression matches no transforms. (This includes _all string or when no transforms have been specified)
  • force – Whether to force stop a failed transform or not. Default to false
  • timeout – Controls the time to wait until the transform has stopped. Default to 30 seconds
  • wait_for_checkpoint – Whether to wait for the transform to reach a checkpoint before stopping. Default to false
  • wait_for_completion – Whether to wait for the transform to fully stop before returning or not. Default to false
update_transform(**kwargs)

https://www.elastic.co/guide/en/elasticsearch/reference/current/update-transform.html

Parameters:
  • transform_id – The id of the transform.
  • body – The update transform definition
  • defer_validation – If validations should be deferred until transform starts, defaults to false.

Deprecation APIs

Deprecation API used to retrieve information about different cluster, node, and index level settings that use deprecated features that will be removed or changed in the next major version.

class elasticsearch.client.deprecation.DeprecationClient(client)
info(**kwargs)

http://www.elastic.co/guide/en/migration/current/migration-api-deprecation.html

Parameters:index – Index pattern