diff --git a/solutions/observability/logs/streams/management/extract.md b/solutions/observability/logs/streams/management/extract.md index 639e483635..8bccb06e82 100644 --- a/solutions/observability/logs/streams/management/extract.md +++ b/solutions/observability/logs/streams/management/extract.md @@ -26,7 +26,6 @@ To add a processor: - [Date](./extract/date.md) - [Dissect](./extract/dissect.md) - [Grok](./extract/grok.md) - - [Key-Value (KV)](./extract/key-value.md) - GeoIP - Rename - Set diff --git a/solutions/observability/logs/streams/management/extract/key-value.md b/solutions/observability/logs/streams/management/extract/key-value.md deleted file mode 100644 index 5a1cb34210..0000000000 --- a/solutions/observability/logs/streams/management/extract/key-value.md +++ /dev/null @@ -1,35 +0,0 @@ ---- -navigation_title: KV processor -applies_to: - serverless: preview - stack: preview 9.1 ---- -# Key value processor [streams-kv-processor] - -The key value (KV) processor allows you to extract key-value pairs from a field and assign them to a target field or the root of the document. - -This functionality uses the {{es}} KV pipeline processor. Refer to the [KV processor](elasticsearch://reference/enrich-processor/kv-processor.md) {{es}} documentation for more information. - -## Required fields [streams-kv-required-fields] - -The KV processor requires the following fields: - -| Field | Description| -| ------- | --------------- | -| Field | The field to be parsed.| -| Field split | Regex pattern used to delimit the key-value pairs. Typically a space character (" "). | -| Value split | Regex pattern used to delimit the key from the value. Typically an equals sign (`=`). | - -## Optional fields [streams-kv-optional-fields] - -The following fields are optional for the KV processor: - -| Field | Description| -| ------- | --------------- | -| Target field | The field to assign the parsed key-value pairs to. If not specified, the key-value pairs are assigned to the root of the document. | -| Include keys | A list of extracted keys to include in the output. If not specified, all keys are included by default. Type and then hit "ENTER" to add keys. | -| Exclude keys | A list of extracted keys to exclude from the output. Type and then hit "ENTER" to add keys. | -| Prefix | A prefix to add to extracted keys. | -| Trim key | A string of characters to trim from extracted keys. | -| Trim value | A string of characters to trim from extracted values. | -| Strip brackets | Removes brackets (`(), <>, []`) and quotes (`', "`) from extracted values.| diff --git a/solutions/toc.yml b/solutions/toc.yml index 9547c5c8a6..971d790238 100644 --- a/solutions/toc.yml +++ b/solutions/toc.yml @@ -422,7 +422,6 @@ toc: - file: observability/logs/streams/management/extract/date.md - file: observability/logs/streams/management/extract/dissect.md - file: observability/logs/streams/management/extract/grok.md - - file: observability/logs/streams/management/extract/key-value.md - file: observability/logs/streams/management/retention.md - file: observability/logs/streams/management/advanced.md - file: observability/incident-management.md @@ -500,7 +499,7 @@ toc: - file: security/ai.md children: - file: security/ai/ease/ease-intro.md - children: + children: - file: security/ai/ease/ease-alerts.md - file: security/ai/ease/ease-value-report.md - file: security/ai/ease/ease-upgrade.md