IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Get async EQL search API Count API »
Elastic Docs Elasticsearch Guide [7.10] REST APIs Search APIs

Delete async EQL search API

edit

Delete async EQL search API

edit

This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.

Deletes an async EQL search or a stored synchronous EQL search. The API also deletes results for the search.

DELETE /_eql/search/FkpMRkJGS1gzVDRlM3g4ZzMyRGlLbkEaTXlJZHdNT09TU2VTZVBoNDM3cFZMUToxMDM=

Request

edit

DELETE /_eql/search/<search_id>

Prerequisites

edit
  • If the Elasticsearch security features are enabled, only the user who first submitted the EQL search can delete the search using this API.
  • See Required fields.

Limitations

edit

See EQL limitations.

Path parameters

edit
<search_id>

(Required, string) Identifier for the search to delete.

A search ID is provided in the EQL search API's response for an async search. A search ID is also provided if the request’s keep_on_completion parameter is true.

« Get async EQL search API Count API »