feat: ESQL query validation against Elastic cluster (#4955)

* Add remote ESQL validation
---------

Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com>
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>
Co-authored-by: Mika Ayenson <mika.ayenson@elastic.co>
Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>
Sergey Polzunov
2025-10-15 21:17:07 +02:00
committed by GitHub
parent 00ed573623
commit c7246313f7
22 changed files with 1513 additions and 180 deletions
@@ -49,6 +49,10 @@ Using the environment variable `DR_BYPASS_TIMELINE_TEMPLATE_VALIDATION` will byp
Using the environment variable `DR_CLI_MAX_WIDTH` will set a custom max width for the click CLI.
For instance, some users may want to increase the default value in cases where help messages are cut off.
Using the environment variable `DR_REMOTE_ESQL_VALIDATION` will enable remote ESQL validation for rules that use ESQL queries. This validation will be performed whenever the rule is loaded including for example the view-rule command. This requires the appropriate kibana_url or cloud_id, api_key, and es_url to be set in the config file or as environment variables.
Using the environment variable `DR_SKIP_EMPTY_INDEX_CLEANUP` will disable the cleanup of remote testing indexes that are created as part of the remote ESQL validation. By default, these indexes are deleted after the validation is complete, or upon validation error.
## Importing rules into the repo
You can import rules into the repo using the `create-rule` or `import-rules-to-repo` commands. Both of these commands will
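Review bot: The new `DR_REMOTE_ESQL_VALIDATION` paragraph says validation runs "whenever the rule is loaded" and needs an `api_key`, and the `DR_SKIP_EMPTY_INDEX_CLEANUP` paragraph says testing indexes are created and deleted on the remote cluster. Neither paragraph says what privileges that key needs or that the target should be a non-production stack. Since a read-style command such as `view-rule` will now make authenticated calls that write to the cluster, please document the minimum index privileges and recommend a dedicated test cluster and a narrowly scoped key. It would also help to state what value enables each variable, what happens when the connection settings are missing (error or silent skip), and to disambiguate "kibana_url or cloud_id, api_key, and es_url", which can be read as either "(kibana_url or cloud_id) plus api_key plus es_url" or as two alternative sets. Minor wording: "loaded including for example the view-rule command" needs commas around "including, for example,".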