From 119decb5c6554167e61619fc0689893d7b309b9a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Jun 2026 08:26:20 +0000 Subject: [PATCH 1/2] Initial plan From 4c36b0ad57cfb98c72f3a43bf9222caba3269fba Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Jun 2026 08:28:32 +0000 Subject: [PATCH 2/2] Tighten Streams page openings --- solutions/observability/streams/management/data-quality.md | 2 +- solutions/observability/streams/management/extract.md | 2 +- .../streams/management/knowledge-indicators.md | 6 +----- solutions/observability/streams/management/partitioning.md | 5 +++-- .../observability/streams/management/significant-events.md | 4 ++-- solutions/observability/streams/management/streamlang.md | 2 +- solutions/observability/streams/streams.md | 4 ++-- solutions/observability/streams/wired-streams.md | 2 +- 8 files changed, 12 insertions(+), 15 deletions(-) diff --git a/solutions/observability/streams/management/data-quality.md b/solutions/observability/streams/management/data-quality.md index e2d80e5a92..52aa1663f3 100644 --- a/solutions/observability/streams/management/data-quality.md +++ b/solutions/observability/streams/management/data-quality.md @@ -14,7 +14,7 @@ products: - id: elastic-stack --- -# Manage data quality [streams-data-quality] +# Manage data quality in Streams [streams-data-quality] From the **Streams** page, use the **Data quality** column to filter your streams by data quality status, then select a stream to examine it more closely. After selecting a stream, use the **Data quality** tab to find failed and degraded documents in your stream. diff --git a/solutions/observability/streams/management/extract.md b/solutions/observability/streams/management/extract.md index b4e3452aae..c2068ee4ee 100644 --- a/solutions/observability/streams/management/extract.md +++ b/solutions/observability/streams/management/extract.md @@ -13,7 +13,7 @@ products: - id: cloud-kubernetes - id: elastic-stack --- -# Process documents [streams-extract-fields] +# Process documents in Streams [streams-extract-fields] After selecting a stream, use the **Processing** tab to add [processors](#streams-extract-processors) and [conditions](#streams-add-processor-conditions) that modify your documents and extract meaningful fields, so you can filter and analyze your data more effectively. diff --git a/solutions/observability/streams/management/knowledge-indicators.md b/solutions/observability/streams/management/knowledge-indicators.md index bdf02e0510..43d6f916ab 100644 --- a/solutions/observability/streams/management/knowledge-indicators.md +++ b/solutions/observability/streams/management/knowledge-indicators.md @@ -17,11 +17,7 @@ products: # Knowledge Indicators [streams-knowledge-indicators] -Knowledge Indicators (KIs) are structured facts that Elastic extracts from your raw log data automatically without requiring schemas, service catalogs, or manual configuration. When you run extraction against a log stream, Elastic analyzes the raw data and returns facts about your environment: which services are running, the underlying infrastructure they rely on, how they depend on each other, and the log schemas they use. - -Rather than a static configuration, this knowledge accumulates over time, automatically expires when a service disappears, and feeds directly into downstream capabilities like Rules, topology maps, AI agent investigations, and dashboards. - -To access Knowledge Indicators, open **Significant Events** from the Streams main page and select the **Knowledge Indicators** tab. +Knowledge Indicators (KIs) are structured facts that Elastic automatically extracts from raw log data without requiring schemas, service catalogs, or manual configuration. When you run extraction on a stream, Elastic returns facts about which services are running, the infrastructure they rely on, how they depend on each other, and the log schemas they use. This knowledge accumulates over time, expires when services disappear, and feeds into Rules, topology maps, AI investigations, and dashboards. Access Knowledge Indicators from **Significant Events** → **Knowledge Indicators** on the Streams main page. :::{admonition} Requirements To use this feature, you need: diff --git a/solutions/observability/streams/management/partitioning.md b/solutions/observability/streams/management/partitioning.md index 94426f5327..ea80b19b2f 100644 --- a/solutions/observability/streams/management/partitioning.md +++ b/solutions/observability/streams/management/partitioning.md @@ -15,12 +15,13 @@ products: --- # Partition data into child streams [streams-partitioning] + +For [wired streams](../wired-streams.md), use the **Partitioning** tab to organize and route log data into meaningful child streams based on manual field-based rules or AI-generated suggestions. Partitioning helps you manage data from multiple systems by creating logical groupings (such as by team or technology) and applying different lifecycles to each partition. This page explains when to partition your data, how to create partitions manually or with AI, and best practices for partition granularity. + :::{note} The **Partitioning** tab and the ability to route data into child streams is only available on [wired streams](../wired-streams.md). ::: -For [wired streams](../wired-streams.md), the wired streams endpoints act as the entry point for all your log data. - Once you've sent your data to a wired streams endpoint, open the stream and use the **Partitioning** tab to organize and route the data into meaningful child streams. For example, you can partition your logs into child streams their source or type: - Route application logs to a `logs.otel.myapp` child stream. diff --git a/solutions/observability/streams/management/significant-events.md b/solutions/observability/streams/management/significant-events.md index 3f26f451ee..9590ed5acc 100644 --- a/solutions/observability/streams/management/significant-events.md +++ b/solutions/observability/streams/management/significant-events.md @@ -14,9 +14,9 @@ products: - id: elastic-stack --- -# Add significant events +# Add significant events to Streams [streams-significant-events] -Significant Events periodically runs a query on your stream to find important events. Significant events could be error messages, exceptions, or other log messages that are of interest to you. +Significant Events periodically runs a query on your stream to find important events. Use it to create significant-event queries from AI suggestions or custom filters, and to surface errors, exceptions, or other log messages that matter to you. To define significant events, either: diff --git a/solutions/observability/streams/management/streamlang.md b/solutions/observability/streams/management/streamlang.md index 77f431ef7e..9c3e2181ad 100644 --- a/solutions/observability/streams/management/streamlang.md +++ b/solutions/observability/streams/management/streamlang.md @@ -15,7 +15,7 @@ products: --- # Streamlang [streams-streamlang-overview] -Streamlang is a YAML domain-specific language (DSL) for defining stream processing and routing logic. Streamlang provides a consistent processing interface that can be converted to multiple execution targets, including {{es}} ingest pipelines and ES|QL. This allows processing to run at ingest time or query time without rewriting rules. +Streamlang is a YAML domain-specific language (DSL) for defining stream processing and routing logic in Streams. It provides a consistent processing interface that can be converted to multiple execution targets, including {{es}} ingest pipelines and ES|QL. This allows processing to run at ingest time or query time without rewriting rules. Use this page to understand Streamlang structure, syntax, processors, and conditions. You can write Streamlang directly using the [YAML editing mode](./extract.md#streams-editing-yaml-mode) in the **Processing** tab or the [interactive mode](./extract.md#streams-editing-interactive-mode) which generates Streamlang behind the scenes. diff --git a/solutions/observability/streams/streams.md b/solutions/observability/streams/streams.md index 8807ce58a1..5dd771dd15 100644 --- a/solutions/observability/streams/streams.md +++ b/solutions/observability/streams/streams.md @@ -14,9 +14,9 @@ products: - id: elastic-stack --- -# Streams +# Manage data streams in Kibana [streams] -Streams provides a single, centralized UI within {{kib}} that streamlines common tasks like extracting fields, setting data retention, and routing data, so you don't need to use multiple applications or manually configure underlying {{es}} components. +Streams provides a single, centralized UI within {{kib}} that streamlines common tasks like extracting fields, setting data retention, and routing data, so you don't need to use multiple applications or manually configure underlying {{es}} components. Use this page to understand the different stream types, where to access Streams, and how to manage individual streams. :::{agent-skill} :url: https://github.com/elastic/agent-skills/tree/main/skills/kibana/streams diff --git a/solutions/observability/streams/wired-streams.md b/solutions/observability/streams/wired-streams.md index a94479b16d..2d1bb93b4e 100644 --- a/solutions/observability/streams/wired-streams.md +++ b/solutions/observability/streams/wired-streams.md @@ -10,7 +10,7 @@ products: # Wired streams [streams-wired-streams] -Wired streams send your documents to a wired streams endpoint, from which you can route data into child streams based on [partitioning](./management/partitioning.md) rules you set up manually or with the help of AI suggestions. +Wired streams receive log data through a dedicated endpoint and route it into child streams based on partitioning rules. Unlike classic streams that work with existing data streams, wired streams let you organize streams hierarchically with automatic inheritance of mappings, lifecycle settings, and processors. This page explains wired stream field naming conventions, how to enable and send data to wired streams, and how to view them in Discover. :::::{applies-switch}