Elasticsearch

Endpoint	elastic
URL	https://${OBSERVE_CUSTOMER}.collect.observeinc.com/v1/elastic
Maximum Request Size	4MB

Elasticsearch provides a popular search and analytics engine that exposes a large number of REST APIs.

To enable ingesting data, Observe implements a subset of the Bulk API, with the following caveats:

• /{target}/_bulk endpoint not supported.

• update and delete actions are ignored.

For backward compatibility with existing Elasticsearch clients, Observe also implements the following endpoints:

• HEAD requests for /_template/{name} always return 200 OK. This avoids clients attempting to create templates. Templates are not necessary in the Observe architecture.

• requests to /_xpack endpoints return a 400 error. These requests are usually due to client misconfiguration, and this allows the request to fail in a more visible way.