Skip to content

Add docs for ES|QL query logs #131287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 11 commits into from
Jul 16, 2025
Merged

Add docs for ES|QL query logs #131287

merged 11 commits into from
Jul 16, 2025

Conversation

@luigidellaquila
Copy link
Contributor

Adding documentation for ES|QL Query Log, similar to Search Slow Log.

@luigidellaquila luigidellaquila added >docs General docs changes auto-backport Automatically create backport pull requests when merged :Analytics/ES|QL AKA ESQL v9.1.0 labels Jul 15, 2025
@luigidellaquila luigidellaquila mentioned this pull request Jul 15, 2025
Closed
@elasticsearchmachine elasticsearchmachine added Team:Docs Meta label for docs team Team:Analytics Meta label for analytical engine team (ESQL/Aggs/Geo) v9.2.0 labels Jul 15, 2025
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-docs (Team:Docs)

@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-analytical-engine (Team:Analytics)

@github-actions
Copy link
Contributor

github-actions bot commented Jul 15, 2025
edited
Loading

🔍 Preview links for changed docs

leemthompo
leemthompo reviewed Jul 15, 2025
View reviewed changes
Copy link
Contributor

@leemthompo leemthompo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for moving this PR @luigidellaquila, looks really good, just a few suggestions. Do you need a technical review on this from a dev?

docs/reference/query-languages/esql/esql-query-log.md Outdated

If you aren’t sure how to start investigating traffic issues, consider enabling the `warn` threshold with a high `30s` threshold at the index level using the [update cluster settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-settings):

* Enable for search requests:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if this needs to be a bullet? Could benefit from a full sentence for better clarity.

leemthompo
leemthompo reviewed Jul 15, 2025
View reviewed changes
luigidellaquila and others added 8 commits July 16, 2025 09:23
idegtiarenko
idegtiarenko reviewed Jul 16, 2025
View reviewed changes
docs/reference/query-languages/esql/esql-query-log.md
"event.dataset": "elasticsearch.esql_querylog",
"process.thread.name": "elasticsearch[runTask-0][esql_worker][T#12]",
"log.logger": "esql.querylog.query",
"elasticsearch.cluster.uuid": "KZo1V7TcQM-O6fnqMm1t_g",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unrelated to doc change, but I am surprised that we need to add a cluster id to the log.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not part of our implementation, I think the JSON logging infrastructure adds it to all the logs. BTW, it's the same in Search slow log

idegtiarenko
idegtiarenko approved these changes Jul 16, 2025
View reviewed changes
Copy link
Contributor

@idegtiarenko idegtiarenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for documenting!

leemthompo
leemthompo approved these changes Jul 16, 2025
View reviewed changes
Copy link
Contributor

@leemthompo leemthompo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @luigidellaquila!

@luigidellaquila
Copy link
Contributor Author

Thanks @leemthompo @idegtiarenko !

@luigidellaquila luigidellaquila merged commit 7146681 into elastic:main Jul 16, 2025
10 checks passed
@luigidellaquila luigidellaquila mentioned this pull request Jul 16, 2025
Merged
@elasticsearchmachine
Copy link
Collaborator

💚 Backport successful

Status Branch Result
9.1

luigidellaquila added a commit to luigidellaquila/elasticsearch that referenced this pull request Jul 16, 2025
@luigidellaquila
Add docs for ES|QL query logs (elastic#131287)
41238c8
elasticsearchmachine pushed a commit that referenced this pull request Jul 16, 2025
@luigidellaquila
Add docs for ES|QL query logs (#131287) (#131351)
cb03572
szybia added a commit to szybia/elasticsearch that referenced this pull request Jul 16, 2025
@szybia
Merge remote-tracking branch 'upstream/main' into index-pipeline-trac…
f8b7217 
…king

* upstream/main: (91 commits)
  Mute org.elasticsearch.packaging.test.DockerTests test130JavaHasCorrectOwnership elastic#131369
  Add exception logging when interrupted (elastic#131153)
  Mute org.elasticsearch.packaging.test.DockerTests test140CgroupOsStatsAreAvailable elastic#131372
  Mute org.elasticsearch.packaging.test.DockerTests test070BindMountCustomPathConfAndJvmOptions elastic#131366
  Mute org.elasticsearch.xpack.test.rest.XPackRestIT test {p0=ml/delete_expired_data/Test delete expired data with body parameters} elastic#131364
  Mute org.elasticsearch.xpack.esql.vector.VectorSimilarityFunctionsIT testSimilarityBetweenConstantVectorAndField {functionName=v_cosine similarityFunction=COSINE} elastic#131363
  Mute org.elasticsearch.xpack.esql.vector.VectorSimilarityFunctionsIT testDifferentDimensions {functionName=v_cosine similarityFunction=COSINE} elastic#131362
  Mute org.elasticsearch.xpack.esql.vector.VectorSimilarityFunctionsIT testSimilarityBetweenConstantVectors {functionName=v_cosine similarityFunction=COSINE} elastic#131361
  Check SCORE_FUNCTION capability in VerifierTests (elastic#131352)
  Replace deprecated routingTable table call in tests (elastic#131005)
  [DOCS] Remove misused applies_to tag (elastic#131349)
  Adj ivf postings list building (elastic#130843)
  [Transform] Read metadata from Project State (elastic#131205)
  Add note on o11y to architecture guide (elastic#131291)
  Upgrade AWS Java SDK to 2.31.78 (elastic#131050)
  Support Fields API in conditional ingest processors (elastic#121914)
  ESQL - KNN function uses prefilters when pushed down to Lucene (elastic#131004)
  Add docs for ES|QL query logs (elastic#131287)
  Simplify `expectedFinalRegisterValue` computation (elastic#131274)
  Mute org.elasticsearch.test.rest.yaml.RcsCcsCommonYamlTestSuiteIT test {p0=search/110_field_collapsing/field collapsing, inner_hits and maxConcurrentGroupRequests} elastic#131348
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@idegtiarenko idegtiarenko idegtiarenko approved these changes

@leemthompo leemthompo leemthompo approved these changes

Assignees

No one assigned

Labels

:Analytics/ES|QL AKA ESQL auto-backport Automatically create backport pull requests when merged >docs General docs changes Team:Analytics Meta label for analytical engine team (ESQL/Aggs/Geo) Team:Docs Meta label for docs team v9.1.0 v9.2.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@luigidellaquila @elasticsearchmachine @idegtiarenko @leemthompo