From 4ae2f59c11401cf0e909b81b1d80d43066e9030a Mon Sep 17 00:00:00 2001
From: "Zsolt Gyulai (zgyulai)"
Date: Mon, 25 Nov 2024 12:19:53 +0100
Subject: [PATCH 1/4] Added new elasticsearch-datastream destination.
Signed-off-by: Zsolt Gyulai (zgyulai)
---
 .../035_elasticsearch-datastream/README.md | 30 +++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
diff --git a/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md b/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
new file mode 100644
index 0000000..507ded1
--- /dev/null
+++ b/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
@@ -0,0 +1,30 @@
+---
+title: 'elasticsearch-datastream: Elasticsearch data streams'
+short_title: elasticsearch-datastream
+id: adm-dest-es-datastream
+description: >-
+From syslog-ng OSE 4.8 and later versions, you can send messages and metrics to [Elasticsearch data streams](https://www.elastic.co/guide/en/elasticsearch/reference/current/data-streams.html) to store your log and metrics data as time series data..
+---
+
+**Declaration**
+
+```config
+destination d_elastic_data_stream {
+ elasticsearch-datastream(
+ url("https://elastic-endpoint:9200/my-data-stream/_bulk")
+ user("elastic")
+ password("ba253DOn434Tc0pY22OI")
+ );
+};
+```
+This driver is a reusable configuration snippet configured to send log messages using the http() driver using a template. You can find the source of this configuration snippet on [GitHub](https://github.com/axoflow/axosyslog/blob/main/scl/elasticsearch/elastic-datastream.conf).
+
+## Prerequisites
+
+* An account for Elasticsearch datastreams with a username and a password.
+
+## Options
+
+Elasticsearch datastream is an HTTP based driver, hence it utilizes the HTTP destination options.
+
+> *Copyright © 2024 Axoflow*
From a8d68f436f99e4aee27a289dfa11eeffcae72bd9 Mon Sep 17 00:00:00 2001
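Review bot: The declaration example in the new README hard-codes `password("ba253DOn434Tc0pY22OI")`, which reads like a real generated Elasticsearch password rather than a sample value. If it was copied from a live or test cluster it should be rotated; either way, readers tend to paste examples verbatim, so an obvious placeholder such as `password("<your-password>")` is safer. The example also authenticates as `elastic`, the built-in Elasticsearch superuser, so the Prerequisites bullet could say that a dedicated account limited to writing to the target data stream is sufficient.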
From: "Zsolt Gyulai (zgyulai)"
Date: Mon, 25 Nov 2024 12:47:45 +0100
Subject: [PATCH 2/4] Small changes to make description visible in output.
Signed-off-by: Zsolt Gyulai (zgyulai)
---
 .../070_Destinations/035_elasticsearch-datastream/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md b/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
index 507ded1..62e6906 100644
--- a/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
+++ b/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
@@ -3,7 +3,7 @@ title: 'elasticsearch-datastream: Elasticsearch data streams'
 short_title: elasticsearch-datastream
 id: adm-dest-es-datastream
 description: >-
-From syslog-ng OSE 4.8 and later versions, you can send messages and metrics to [Elasticsearch data streams](https://www.elastic.co/guide/en/elasticsearch/reference/current/data-streams.html) to store your log and metrics data as time series data..
+ From syslog-ng OSE 4.8 and later versions, you can send messages and metrics to [Elasticsearch data streams](https://www.elastic.co/guide/en/elasticsearch/reference/current/data-streams.html) to store your log and metrics data as time series data.
 ---

 **Declaration**
From 30ae9f4945703d5d9dac1d0c945fcc827b1b2f72 Mon Sep 17 00:00:00 2001
From: "Zsolt Gyulai (zgyulai)"
Date: Mon, 2 Dec 2024 11:21:00 +0100
Subject: [PATCH 3/4] Small fixes.
Signed-off-by: Zsolt Gyulai (zgyulai)
---
 _data/external_links.yml | 10 ++++++++++
 .../035_elasticsearch-datastream/README.md | 5 +++--
 2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/_data/external_links.yml b/_data/external_links.yml
index b4f5cc0..35d8dd0 100644
--- a/_data/external_links.yml
+++ b/_data/external_links.yml
@@ -608,6 +608,11 @@ gh-es:
 url: https://github.com/syslog-ng/syslog-ng/tree/master/scl/elasticsearch
 title: [ "Elasticsearch configuration snippet on GitHub" ]

+gh-es-ds:
+ id: gh-es-ds
+ url: https://github.com/axoflow/axosyslog/blob/main/scl/elasticsearch/elastic-datastream.conf
+ title: [ "Elasticsearch datastream configuration snippet on GitHub" ]
+
 gh-fortigate:
 id: gh-fortigate
 url: https://github.com/syslog-ng/syslog-ng/blob/master/scl/fortigate/fortigate.conf
@@ -796,6 +801,11 @@ ebpf:
 url: https://ebpf.io/
 title: [ "Extended Berkeley Packet Filter" ]

+elastic-ds:
+ id: elastic-ds
+ url: https://www.elastic.co/guide/en/elasticsearch/reference/current/data-streams.html
+ title: [ "Elasticsearch data streams" ]
+
 gcp-ser:
 id: gcp-ser
 url: https://cloud.google.com/iam/docs/service-account-overview
diff --git a/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md b/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
index 62e6906..1d89f6f 100644
--- a/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
+++ b/doc/_admin-guide/070_Destinations/035_elasticsearch-datastream/README.md
@@ -3,7 +3,7 @@ title: 'elasticsearch-datastream: Elasticsearch data streams'
 short_title: elasticsearch-datastream
 id: adm-dest-es-datastream
 description: >-
- From syslog-ng OSE 4.8 and later versions, you can send messages and metrics to [Elasticsearch data streams](https://www.elastic.co/guide/en/elasticsearch/reference/current/data-streams.html) to store your log and metrics data as time series data.
+ From {{ site.product.short_name }} 4.8 and later versions, you can send messages and metrics to Elasticsearch data streams to store your log and metrics data as time series data.
 ---

 **Declaration**
@@ -17,7 +17,8 @@ destination d_elastic_data_stream {
 );
 };
 ```
-This driver is a reusable configuration snippet configured to send log messages using the http() driver using a template. You can find the source of this configuration snippet on [GitHub](https://github.com/axoflow/axosyslog/blob/main/scl/elasticsearch/elastic-datastream.conf).
+
+This driver is a reusable configuration snippet configured to send log messages using the http() driver using a template. You can find the Elasticsearch datastream configuration snippet on GitHub.

 ## Prerequisites

From 586d59defb5c0b68dd4a0d6d5e28040947934eaa Mon Sep 17 00:00:00 2001
From: "Zsolt Gyulai (zgyulai)"
Date: Tue, 4 Feb 2025 10:37:06 +0100
Subject: [PATCH 4/4] Adjusted link.
Signed-off-by: Zsolt Gyulai (zgyulai)
---
 _data/external_links.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/_data/external_links.yml b/_data/external_links.yml
index 35d8dd0..ad49c3c 100644
--- a/_data/external_links.yml
+++ b/_data/external_links.yml
@@ -610,7 +610,7 @@ gh-es:

 gh-es-ds:
 id: gh-es-ds
- url: https://github.com/axoflow/axosyslog/blob/main/scl/elasticsearch/elastic-datastream.conf
+ url: https://github.com/syslog-ng/syslog-ng/blob/master/scl/elasticsearch/elastic-datastream.conf
 title: [ "Elasticsearch datastream configuration snippet on GitHub" ]

 gh-fortigate: