Specialized Elasticsearch features including snapshots, data transforms, watchers, cross-cluster replication, lifecycle management, and observability tools for enterprise-grade data management.
Create and manage snapshots for data backup and recovery.
/**
* Create snapshot
* @param params - Snapshot creation parameters
* @returns Promise with snapshot creation result
*/
function create(params: {
/** Repository name */
repository: Name;
/** Snapshot name */
snapshot: Name;
/** Indices to snapshot */
indices?: Indices;
/** Ignore unavailable indices */
ignore_unavailable?: boolean;
/** Include global state */
include_global_state?: boolean;
/** Partial snapshots allowed */
partial?: boolean;
/** Wait for completion */
wait_for_completion?: boolean;
/** Master node timeout */
master_timeout?: Duration;
/** Feature states to include */
feature_states?: string[];
/** Metadata */
metadata?: Record<string, any>;
}): Promise<TransportResult<SnapshotCreateResponse, unknown>>;
/**
* Restore snapshot
* @param params - Snapshot restore parameters
* @returns Promise with restore result
*/
function restore(params: {
/** Repository name */
repository: Name;
/** Snapshot name */
snapshot: Name;
/** Indices to restore */
indices?: Indices;
/** Ignore unavailable indices */
ignore_unavailable?: boolean;
/** Include global state */
include_global_state?: boolean;
/** Partial restore allowed */
partial?: boolean;
/** Rename pattern */
rename_pattern?: string;
/** Rename replacement */
rename_replacement?: string;
/** Include aliases */
include_aliases?: boolean;
/** Index settings */
index_settings?: IndicesIndexSettings;
/** Ignore index settings */
ignore_index_settings?: string[];
/** Wait for completion */
wait_for_completion?: boolean;
/** Master node timeout */
master_timeout?: Duration;
/** Feature states */
feature_states?: string[];
}): Promise<TransportResult<SnapshotRestoreResponse, unknown>>;
/**
* Get snapshot information
* @param params - Snapshot retrieval parameters
* @returns Promise with snapshot information
*/
function get(params: {
/** Repository name */
repository: Name;
/** Snapshot name or pattern */
snapshot: Names;
/** Master node timeout */
master_timeout?: Duration;
/** Ignore unavailable snapshots */
ignore_unavailable?: boolean;
/** Include repository info */
include_repository?: boolean;
/** Index details */
index_details?: boolean;
/** Index names */
index_names?: boolean;
/** Verbose output */
verbose?: boolean;
/** Human readable */
human?: boolean;
/** Sort field */
sort?: SnapshotSort;
/** Size limit */
size?: number;
/** Order */
order?: SortOrder;
/** From offset */
from_sort_value?: string;
/** After */
after?: string;
/** Offset */
offset?: number;
/** SLM policy filter */
slm_policy_filter?: string;
}): Promise<TransportResult<SnapshotGetResponse, unknown>>;
/**
* Delete snapshot
* @param params - Snapshot deletion parameters
* @returns Promise with deletion result
*/
function delete(params: {
/** Repository name */
repository: Name;
/** Snapshot name */
snapshot: Name;
/** Master node timeout */
master_timeout?: Duration;
}): Promise<TransportResult<SnapshotDeleteResponse, unknown>>;
type SnapshotSort = 'start_time' | 'duration' | 'name' | 'repository' | 'index_count' | 'shard_count' | 'failed_shard_count';
type SortOrder = 'asc' | 'desc';Usage Examples:
// Create repository first
await client.snapshot.createRepository({
repository: "backup-repo",
type: "fs",
settings: {
location: "/mount/backups/elasticsearch",
compress: true
}
});
// Create snapshot
await client.snapshot.create({
repository: "backup-repo",
snapshot: "daily-backup-2024-01-15",
indices: ["important-data-*", "logs-2024-*"],
include_global_state: true,
metadata: {
taken_by: "automated_backup",
taken_because: "daily_backup"
},
wait_for_completion: false
});
// Get snapshot status
const snapshot = await client.snapshot.get({
repository: "backup-repo",
snapshot: "daily-backup-2024-01-15"
});
// Restore from snapshot
await client.snapshot.restore({
repository: "backup-repo",
snapshot: "daily-backup-2024-01-15",
indices: ["important-data-*"],
rename_pattern: "(.+)",
rename_replacement: "restored-$1",
include_global_state: false
});Create and manage data transformation jobs for aggregating and pivoting data.
/**
* Create transform
* @param params - Transform creation parameters
* @returns Promise with transform creation result
*/
function putTransform(params: {
/** Transform identifier */
transform_id: Id;
/** Source configuration */
source: TransformSource;
/** Destination configuration */
dest: TransformDestination;
/** Pivot configuration */
pivot?: TransformPivot;
/** Latest configuration */
latest?: TransformLatest;
/** Transform description */
description?: string;
/** Frequency */
frequency?: Duration;
/** Sync configuration */
sync?: TransformSyncContainer;
/** Retention policy */
retention_policy?: TransformRetentionPolicy;
/** Settings */
settings?: TransformSettings;
/** Metadata */
_meta?: Record<string, any>;
/** Defer validation */
defer_validation?: boolean;
/** Request timeout */
timeout?: Duration;
}): Promise<TransportResult<TransformPutTransformResponse, unknown>>;
/**
* Start transform
* @param params - Transform start parameters
* @returns Promise with start result
*/
function startTransform(params: {
/** Transform identifier */
transform_id: Id;
/** From time */
from?: string;
/** Request timeout */
timeout?: Duration;
}): Promise<TransportResult<TransformStartTransformResponse, unknown>>;
/**
* Stop transform
* @param params - Transform stop parameters
* @returns Promise with stop result
*/
function stopTransform(params: {
/** Transform identifier */
transform_id: Id;
/** Force stop */
force?: boolean;
/** Wait for completion */
wait_for_completion?: boolean;
/** Allow no match */
allow_no_match?: boolean;
/** Wait for checkpoint */
wait_for_checkpoint?: boolean;
/** Request timeout */
timeout?: Duration;
}): Promise<TransportResult<TransformStopTransformResponse, unknown>>;
interface TransformSource {
/** Source index */
index: Indices;
/** Source query */
query?: QueryDslQueryContainer;
/** Sort configuration */
sort?: SortCombinations[];
/** Runtime mappings */
runtime_mappings?: MappingRuntimeFields;
/** Source filtering */
_source?: SearchSourceConfig;
}
interface TransformDestination {
/** Destination index */
index: IndexName;
/** Destination pipeline */
pipeline?: string;
}
interface TransformPivot {
/** Group by configuration */
group_by: Record<string, TransformPivotGroupBy>;
/** Aggregations */
aggregations: Record<string, AggregationsAggregationContainer>;
/** Max page search size */
max_page_search_size?: number;
}
interface TransformPivotGroupBy {
/** Terms grouping */
terms?: TransformTermsGroupBy;
/** Histogram grouping */
histogram?: TransformHistogramGroupBy;
/** Date histogram grouping */
date_histogram?: TransformDateHistogramGroupBy;
/** Geotile grid grouping */
geotile_grid?: TransformGeoTileGridGroupBy;
}Usage Examples:
// Create sales aggregation transform
await client.transform.putTransform({
transform_id: "daily-sales-summary",
source: {
index: ["sales-*"],
query: {
range: {
timestamp: {
gte: "now-90d"
}
}
}
},
dest: {
index: "daily-sales-summary"
},
pivot: {
group_by: {
date: {
date_histogram: {
field: "timestamp",
calendar_interval: "1d",
time_zone: "UTC"
}
},
product_category: {
terms: {
field: "product.category.keyword"
}
}
},
aggregations: {
total_sales: {
sum: {
field: "amount"
}
},
avg_order_value: {
avg: {
field: "amount"
}
},
order_count: {
value_count: {
field: "order_id"
}
}
}
},
frequency: "1h",
sync: {
time: {
field: "timestamp",
delay: "60s"
}
},
description: "Daily sales summary by product category"
});
// Start the transform
await client.transform.startTransform({
transform_id: "daily-sales-summary"
});Create and manage alerting and notification rules.
/**
* Put watch
* @param params - Watch creation parameters
* @returns Promise with watch creation result
*/
function putWatch(params: {
/** Watch identifier */
id: Id;
/** Watch trigger */
trigger?: WatcherTriggerContainer;
/** Watch input */
input?: WatcherInputContainer;
/** Watch condition */
condition?: WatcherConditionContainer;
/** Watch actions */
actions?: Record<string, WatcherActionContainer>;
/** Watch metadata */
metadata?: Record<string, any>;
/** Transform */
transform?: WatcherTransformContainer;
/** Throttle period */
throttle_period?: Duration;
/** Throttle period in millis */
throttle_period_in_millis?: number;
/** Active flag */
active?: boolean;
/** If sequence number */
if_seq_no?: SequenceNumber;
/** If primary term */
if_primary_term?: number;
/** Version */
version?: VersionNumber;
}): Promise<TransportResult<WatcherPutWatchResponse, unknown>>;
/**
* Execute watch
* @param params - Watch execution parameters
* @returns Promise with execution result
*/
function executeWatch(params?: {
/** Watch identifier */
id?: Id;
/** Debug flag */
debug?: boolean;
/** Watch definition */
watch?: WatcherWatch;
/** Action modes */
action_modes?: Record<string, WatcherActionExecutionMode>;
/** Alternative input */
alternative_input?: Record<string, any>;
/** Ignore condition */
ignore_condition?: boolean;
/** Record execution */
record_execution?: boolean;
/** Simulated actions */
simulated_actions?: WatcherSimulatedActions;
/** Trigger event */
trigger_event?: WatcherScheduleTriggerEvent;
}): Promise<TransportResult<WatcherExecuteWatchResponse, unknown>>;
interface WatcherTriggerContainer {
schedule?: WatcherScheduleContainer;
}
interface WatcherInputContainer {
simple?: Record<string, any>;
search?: WatcherSearchInput;
http?: WatcherHttpInput;
chain?: WatcherChainInput;
}
interface WatcherConditionContainer {
always?: Record<string, never>;
never?: Record<string, never>;
compare?: WatcherCompareCondition;
array_compare?: WatcherArrayCompareCondition;
script?: WatcherScriptCondition;
}
interface WatcherActionContainer {
email?: WatcherEmailAction;
webhook?: WatcherWebhookAction;
index?: WatcherIndexAction;
logging?: WatcherLoggingAction;
slack?: WatcherSlackAction;
pagerduty?: WatcherPagerDutyAction;
}
type WatcherActionExecutionMode = 'simulate' | 'force_simulate' | 'execute' | 'force_execute' | 'skip';Usage Examples:
// Create error monitoring watch
await client.watcher.putWatch({
id: "error-rate-monitor",
trigger: {
schedule: {
interval: "5m"
}
},
input: {
search: {
request: {
search_type: "query_then_fetch",
indices: ["logs-*"],
body: {
query: {
bool: {
filter: [
{ range: { "@timestamp": { gte: "now-5m" } } },
{ term: { "level": "ERROR" } }
]
}
},
aggs: {
error_count: {
cardinality: {
field: "message.keyword"
}
}
}
}
}
}
},
condition: {
compare: {
"ctx.payload.aggregations.error_count.value": {
gt: 10
}
}
},
actions: {
send_email: {
email: {
to: ["ops-team@company.com"],
subject: "High Error Rate Alert",
body: "Error rate has exceeded threshold: {{ctx.payload.aggregations.error_count.value}} unique errors in the last 5 minutes"
}
},
send_slack: {
slack: {
message: {
to: ["#alerts"],
text: "🚨 High error rate detected: {{ctx.payload.aggregations.error_count.value}} unique errors"
}
}
}
},
throttle_period: "10m"
});
// Test the watch
const execution = await client.watcher.executeWatch({
id: "error-rate-monitor",
debug: true,
record_execution: false
});Manage cross-cluster replication for data synchronization across clusters.
/**
* Put auto follow pattern
* @param params - Auto follow pattern parameters
* @returns Promise with auto follow result
*/
function putAutoFollowPattern(params: {
/** Pattern name */
name: Name;
/** Remote cluster */
remote_cluster: string;
/** Leader index patterns */
leader_index_patterns: string[];
/** Follow index pattern */
follow_index_pattern?: string;
/** Settings */
settings?: CcrAutoFollowPatternSettings;
/** Max read request operation count */
max_read_request_operation_count?: number;
/** Max outstanding read requests */
max_outstanding_read_requests?: number;
/** Max read request size */
max_read_request_size?: ByteSize;
/** Max write request operation count */
max_write_request_operation_count?: number;
/** Max write request size */
max_write_request_size?: ByteSize;
/** Max outstanding write requests */
max_outstanding_write_requests?: number;
/** Max write buffer count */
max_write_buffer_count?: number;
/** Max write buffer size */
max_write_buffer_size?: ByteSize;
/** Max retry delay */
max_retry_delay?: Duration;
/** Read poll timeout */
read_poll_timeout?: Duration;
}): Promise<TransportResult<CcrPutAutoFollowPatternResponse, unknown>>;
/**
* Follow index
* @param params - Follow index parameters
* @returns Promise with follow result
*/
function follow(params: {
/** Index name */
index: IndexName;
/** Remote cluster */
remote_cluster: string;
/** Leader index */
leader_index: IndexName;
/** Settings */
settings?: Record<string, any>;
/** Max read request operation count */
max_read_request_operation_count?: number;
/** Max outstanding read requests */
max_outstanding_read_requests?: number;
/** Max read request size */
max_read_request_size?: ByteSize;
/** Max write request operation count */
max_write_request_operation_count?: number;
/** Max write request size */
max_write_request_size?: ByteSize;
/** Max outstanding write requests */
max_outstanding_write_requests?: number;
/** Max write buffer count */
max_write_buffer_count?: number;
/** Max write buffer size */
max_write_buffer_size?: ByteSize;
/** Max retry delay */
max_retry_delay?: Duration;
/** Read poll timeout */
read_poll_timeout?: Duration;
/** Wait for active shards */
wait_for_active_shards?: WaitForActiveShards;
/** Master timeout */
master_timeout?: Duration;
}): Promise<TransportResult<CcrFollowResponse, unknown>>;
type ByteSize = string;
type WaitForActiveShards = number | 'all';Usage Examples:
// Set up auto-follow pattern
await client.ccr.putAutoFollowPattern({
name: "logs-pattern",
remote_cluster: "cluster_two",
leader_index_patterns: ["logs-*", "metrics-*"],
follow_index_pattern: "replica-{{leader_index}}",
settings: {
"index.number_of_replicas": 0
},
max_read_request_operation_count: 1000,
max_outstanding_read_requests: 100
});
// Follow specific index
await client.ccr.follow({
index: "follower-index",
remote_cluster: "cluster_two",
leader_index: "leader-index",
max_read_request_operation_count: 1000,
max_write_request_operation_count: 1000
});Manage index lifecycle policies for automated index management.
/**
* Put lifecycle policy
* @param params - Policy creation parameters
* @returns Promise with policy creation result
*/
function putLifecycle(params: {
/** Policy name */
name: Name;
/** Policy definition */
policy?: IlmPolicy;
/** Master timeout */
master_timeout?: Duration;
/** Request timeout */
timeout?: Duration;
}): Promise<TransportResult<IlmPutLifecycleResponse, unknown>>;
/**
* Get lifecycle policy
* @param params - Policy retrieval parameters
* @returns Promise with policy information
*/
function getLifecycle(params?: {
/** Policy name */
name?: Name;
/** Master timeout */
master_timeout?: Duration;
}): Promise<TransportResult<IlmGetLifecycleResponse, unknown>>;
interface IlmPolicy {
/** Policy phases */
phases?: IlmPhases;
/** Metadata */
_meta?: Record<string, any>;
}
interface IlmPhases {
/** Hot phase */
hot?: IlmHotPhase;
/** Warm phase */
warm?: IlmWarmPhase;
/** Cold phase */
cold?: IlmColdPhase;
/** Frozen phase */
frozen?: IlmFrozenPhase;
/** Delete phase */
delete?: IlmDeletePhase;
}
interface IlmHotPhase {
/** Min age */
min_age?: Duration;
/** Actions */
actions?: IlmHotPhaseActions;
}
interface IlmHotPhaseActions {
/** Rollover action */
rollover?: IlmRolloverAction;
/** Set priority action */
set_priority?: IlmSetPriorityAction;
/** Shrink action */
shrink?: IlmShrinkAction;
/** Force merge action */
forcemerge?: IlmForceMergeAction;
/** Searchable snapshot action */
searchable_snapshot?: IlmSearchableSnapshotAction;
}Usage Examples:
// Create ILM policy for log data
await client.ilm.putLifecycle({
name: "logs-policy",
policy: {
phases: {
hot: {
actions: {
rollover: {
max_size: "5GB",
max_age: "1d",
max_docs: 10000000
},
set_priority: {
priority: 100
}
}
},
warm: {
min_age: "7d",
actions: {
set_priority: {
priority: 50
},
shrink: {
number_of_shards: 1
},
forcemerge: {
max_num_segments: 1
}
}
},
cold: {
min_age: "30d",
actions: {
set_priority: {
priority: 0
}
}
},
delete: {
min_age: "90d"
}
}
}
});
// Apply policy to index template
await client.indices.putIndexTemplate({
name: "logs-template",
index_patterns: ["logs-*"],
template: {
settings: {
"index.lifecycle.name": "logs-policy",
"index.lifecycle.rollover_alias": "logs-active"
}
}
});type Name = string;
type Names = string | string[];
type Indices = string | string[];
type IndexName = string;
type Id = string;
type Duration = string;
type SequenceNumber = number;
type VersionNumber = number;
interface IndicesIndexSettings {
number_of_shards?: number;
number_of_replicas?: number;
// ... other index settings
}
interface QueryDslQueryContainer {
bool?: any;
term?: any;
range?: any;
match?: any;
// ... other query types
}
interface AggregationsAggregationContainer {
sum?: any;
avg?: any;
cardinality?: any;
terms?: any;
date_histogram?: any;
// ... other aggregation types
}
interface SortCombinations {
[field: string]: 'asc' | 'desc' | { order: 'asc' | 'desc' };
}
interface MappingRuntimeFields {
[field: string]: MappingRuntimeField;
}
interface SearchSourceConfig {
includes?: string[];
excludes?: string[];
}
interface CcrAutoFollowPatternSettings {
[setting: string]: any;
}