Update ruletypes.rst

jertel · Nov 17, 2023 · 4f44d05 · 4f44d05
1 parent 1fa776c
commit 4f44d05
Showing 1 changed file with 89 additions and 92 deletions.
diff --git a/docs/source/ruletypes.rst b/docs/source/ruletypes.rst
@@ -647,16 +647,6 @@ This value will be used if ``generate_kibana_discover_url`` is true and ``kibana
 
 (Optional, string, default ``http://<es_host>:<es_port>/_plugin/kibana/``)
 
-opensearch_url
-^^^^^^^^^^^^^^
-
-``opensearch_url``: The base url of the opensearch application. If not specified, a URL will be constructed using ``es_host``
-and ``es_port``.
-
-This value will be used if ``generate_opensearch_discover_url`` is true and ``opensearch_discover_app_url`` is a relative path
-
-(Optional, string, default ``http://<es_host>:<es_port>/_plugin/kibana/``)
-
 kibana_username
 ^^^^^^^^^^^^^^^
 
@@ -711,39 +701,6 @@ Example kibana_url + kibana_discover_app_url usage::
     alert_text_args: [ kibana_discover_url ]
     alert_text_type: alert_text_only
 
-generate_opensearch_discover_url
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-``generate_opensearch_discover_url``: Enables the generation of the ``opensearch_discover_url`` variable for the Opensearch Discover application.
-This setting requires the following settings are also configured:
-
-- ``opensearch_discover_app_url``
-- ``opensearch_discover_version``
-- ``opensearch_discover_index_pattern_id``
-
-``generate_opensearch_discover_url: true``
-
-Example opensearch_discover_app_url only usage for opensearch::
-
-    generate_opensearch_discover_url: true
-    opensearch_discover_app_url: "http://localhost:5601/app/data-explorer/discover?security_tenant=Admin#"
-    opensearch_discover_index_pattern_id: "4babf380-c3b1-11eb-b616-1b59c2feec54"
-    opensearch_discover_version: "2.11"
-    alert_text: '{}'
-    alert_text_args: [ opensearch_discover_url ]
-    alert_text_type: alert_text_only
-
-Example opensearch_url + opensearch_discover_app_url usage for opensearch::
-
-    generate_opensearch_discover_url: true
-    opensearch_url: "http://localhost:5601/"
-    opensearch_discover_app_url: "app/data-explorer/discover?security_tenant=Admin#"
-    opensearch_discover_index_pattern_id: "4babf380-c3b1-11eb-b616-1b59c2feec54"
-    opensearch_discover_version: "2.11"
-    alert_text: '{}'
-    alert_text_args: [ opensearch_discover_url ]
-    alert_text_type: alert_text_only
-
 shorten_kibana_discover_url
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -770,17 +727,6 @@ This value should be relative to the base kibana url defined by ``kibana_url`` a
 
 (Optional, string, no default)
 
-opensearch_discover_app_url
-^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-``opensearch_discover_app_url``: The url of the opensearch Discover application used to generate the ``opensearch_discover_url`` variable.
-This value can use `$VAR` and `${VAR}` references to expand environment variables.
-This value should be relative to the base opensearch url defined by ``opensearch_url`` and will vary depending on your installation.
-
-``opensearch_discover_app_url: app/discover#/``
-
-(Optional, string, no default)
-
 kibana_discover_security_tenant
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -801,18 +747,6 @@ The currently supported versions of Kibana Discover are:
 
 ``kibana_discover_version: '7.15'``
 
-opensearch_discover_version
-^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-``opensearch_discover_version``: Specifies the version of the opensearch Discover application.
-
-The currently supported versions of opensearch Discover are:
-
-- `2.11`
-
-``opensearch_discover_version: '2.11'``
-
-
 kibana_discover_index_pattern_id
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -837,6 +771,95 @@ You can modify an index pattern's id by exporting the saved object, modifying th
 
 ``kibana_discover_index_pattern_id: 4e97d188-8a45-4418-8a37-07ed69b4d34c``
 
+kibana_discover_columns
+^^^^^^^^^^^^^^^^^^^^^^^
+
+``kibana_discover_columns``: The columns to display in the generated Kibana Discover application link.
+Defaults to the ``_source`` column.
+
+``kibana_discover_columns: [ timestamp, message ]``
+
+kibana_discover_from_timedelta
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+``kibana_discover_from_timedelta``:  The offset to the `from` time of the Kibana Discover link's time range.
+The `from` time is calculated by subtracting this timedelta from the event time.  Defaults to 10 minutes.
+
+``kibana_discover_from_timedelta: minutes: 2``
+
+kibana_discover_to_timedelta
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+``kibana_discover_to_timedelta``:  The offset to the `to` time of the Kibana Discover link's time range.
+The `to` time is calculated by adding this timedelta to the event time.  Defaults to 10 minutes.
+
+``kibana_discover_to_timedelta: minutes: 2``
+
+opensearch_url
+^^^^^^^^^^^^^^
+
+``opensearch_url``: The base url of the opensearch application. If not specified, a URL will be constructed using ``es_host``
+and ``es_port``.
+
+This value will be used if ``generate_opensearch_discover_url`` is true and ``opensearch_discover_app_url`` is a relative path
+
+(Optional, string, default ``http://<opensearch_host>:<opensearch_port>/_plugin/_dashboards/``)
+
+generate_opensearch_discover_url
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+``generate_opensearch_discover_url``: Enables the generation of the ``opensearch_discover_url`` variable for the Opensearch Discover application.
+This setting requires the following settings are also configured:
+
+- ``opensearch_discover_app_url``
+- ``opensearch_discover_version``
+- ``opensearch_discover_index_pattern_id``
+
+``generate_opensearch_discover_url: true``
+
+Example opensearch_discover_app_url only usage for opensearch::
+
+    generate_opensearch_discover_url: true
+    opensearch_discover_app_url: "http://localhost:5601/app/data-explorer/discover?security_tenant=Admin#"
+    opensearch_discover_index_pattern_id: "4babf380-c3b1-11eb-b616-1b59c2feec54"
+    opensearch_discover_version: "2.11"
+    alert_text: '{}'
+    alert_text_args: [ opensearch_discover_url ]
+    alert_text_type: alert_text_only
+
+Example opensearch_url + opensearch_discover_app_url usage for opensearch::
+
+    generate_opensearch_discover_url: true
+    opensearch_url: "http://localhost:5601/"
+    opensearch_discover_app_url: "app/data-explorer/discover?security_tenant=Admin#"
+    opensearch_discover_index_pattern_id: "4babf380-c3b1-11eb-b616-1b59c2feec54"
+    opensearch_discover_version: "2.11"
+    alert_text: '{}'
+    alert_text_args: [ opensearch_discover_url ]
+    alert_text_type: alert_text_only
+
+opensearch_discover_app_url
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+``opensearch_discover_app_url``: The url of the opensearch Discover application used to generate the ``opensearch_discover_url`` variable.
+This value can use `$VAR` and `${VAR}` references to expand environment variables.
+This value should be relative to the base opensearch url defined by ``opensearch_url`` and will vary depending on your installation.
+
+``opensearch_discover_app_url: app/discover#/``
+
+(Optional, string, no default)
+
+opensearch_discover_version
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+``opensearch_discover_version``: Specifies the version of the opensearch Discover application.
+
+The currently supported versions of opensearch Discover are:
+
+- `2.11`
+
+``opensearch_discover_version: '2.11'``
+
 opensearch_discover_index_pattern_id
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -860,14 +883,6 @@ You can modify an index pattern's id by exporting the saved object, modifying th
 
 ``opensearch_discover_index_pattern_id: 4e97d188-8a45-4418-8a37-07ed69b4d34c``
 
-kibana_discover_columns
-^^^^^^^^^^^^^^^^^^^^^^^
-
-``kibana_discover_columns``: The columns to display in the generated Kibana Discover application link.
-Defaults to the ``_source`` column.
-
-``kibana_discover_columns: [ timestamp, message ]``
-
 opensearch_discover_columns
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -876,16 +891,6 @@ Defaults to the ``_source`` column.
 
 ``opensearch_discover_columns: [ timestamp, message ]``
 
-
-kibana_discover_from_timedelta
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-``kibana_discover_from_timedelta``:  The offset to the `from` time of the Kibana Discover link's time range.
-The `from` time is calculated by subtracting this timedelta from the event time.  Defaults to 10 minutes.
-
-``kibana_discover_from_timedelta: minutes: 2``
-
-
 opensearch_discover_from_timedelta
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
@@ -894,14 +899,6 @@ The `from` time is calculated by subtracting this timedelta from the event time.
 
 ``opensearch_discover_from_timedelta: minutes: 2``
 
-kibana_discover_to_timedelta
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-``kibana_discover_to_timedelta``:  The offset to the `to` time of the Kibana Discover link's time range.
-The `to` time is calculated by adding this timedelta to the event time.  Defaults to 10 minutes.
-
-``kibana_discover_to_timedelta: minutes: 2``
-
 opensearch_discover_to_timedelta
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^