AWS opensearch-service documentation change
Summary
Simplified introductory content about direct query functionality. Removed detailed setup steps and condensed explanations about data source configuration. Updated terminology (e.g., 'Kibana' to 'Dashboards').
Security assessment
Editorial changes focused on content clarity and conciseness. No security-related content added or modified beyond general service mentions.
Diff
diff --git a/opensearch-service/latest/developerguide/direct-query.md b/opensearch-service/latest/developerguide/direct-query.md index e0db2cc80..03dced33c 100644 --- a//opensearch-service/latest/developerguide/direct-query.md +++ b//opensearch-service/latest/developerguide/direct-query.md @@ -9 +9 @@ QuotasSupported AWS Regions -You can use Amazon OpenSearch Service _direct query_ to analyze data in Amazon CloudWatch Logs, Amazon S3, and Amazon Security Lake. OpenSearch Service provides a zero-ETL integration as a way to analyze your log data using OpenSearch SQL or OpenSearch Piped Processing Language (PPL) without incurring the friction of building ingestion pipelines or switching between analytics tools. This approach eliminates the need for data movement or duplication, allowing you to analyze your data where it rests using OpenSearch Discover. When you want to switch from querying data at rest to actively monitoring with dashboards or alerts, you can build indexed views on the data and ingest it into an OpenSearch Service index. +Use Amazon OpenSearch Service direct query to analyze data in Amazon CloudWatch Logs, Amazon S3, and Amazon Security Lake without building ingestion pipelines. This zero-ETL integration lets you query data in place using OpenSearch SQL or PPL, and explore it in **Discover**. @@ -11,5 +11 @@ You can use Amazon OpenSearch Service _direct query_ to analyze data in Amazon C -To get started, you configure a data source in the OpenSearch Service console. For Amazon S3, you use the domain's connections, while for CloudWatch Logs and Security Lake, you use connected data sources under Central Management in the console. Amazon S3 and Security Lake both use tables in AWS Glue Data Catalog to represent your data structure, including schema, file type, and partitioning. For Amazon S3, you create these tables within OpenSearch Query Workbench using CREATE TABLE SQL statements. For Amazon Security Lake, the tables in AWS Glue are already set up during the Security Lake setup process. CloudWatch Logs similarly has pre-configured log groups. - -After you set up your data source, you sign in to Discover, where you can select your data source and choose the relevant tables (for Amazon S3 and Security Lake) or log groups (for CloudWatch Logs). From there, you can start querying your data directly. - -To use advanced analytics features of OpenSearch Service for data monitoring, such as building dashboards and full-text search, you ingest data from your direct query data source by creating an indexed view on the data. You can create indexed views using common SQL indexing techniques, such as skipping indexes, materialized views, and covering indexes (where supported). To help you get started quickly building dashboards, you can use pre-built templates for common log types like VPC Flow Logs, AWS CloudTrail logs, and AWS WAF logs. +To get started, configure your data source in the OpenSearch Service console. For Amazon S3, use domain connections and create tables with SQL in Query Workbench. CloudWatch Logs and Security Lake use preconfigured sources and AWS Glue Data Catalog tables. @@ -173 +169 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Restart the Dashboard or Kibana process on a node +Restarting the Dashboards process