Skip to content

[Elasticsearch]: Create new data set for ES|QL query logs #13374

New issue
New issue
Open
Open
[Elasticsearch]: Create new data set for ES|QL query logs#13374
Labels
Feature:Stack MonitoringStack Monitoring FeatureIntegration:elasticsearchElasticsearchTeam:Stack MonitoringStack Monitoring team [elastic/stack-monitoring]enhancementNew feature or requestneeds:triage
@consulthys

Description

@consulthys
consulthys
opened on Apr 1, 2025

Integration Name

Elasticsearch [elasticsearch]

Dataset Name

esql_querylog

Integration Version

Latest

Agent Version

Latest

OS Version and Architecture

Any

User Goal

Describe the enhancement:

Following up on elastic/elasticsearch#124094 which will make ES|QL query logs available along the same lines as how ES slow logs work, we should enhance the elasticsearch integration with a new data set to tail those logs. These new logs are slated to be released in 8.19.

A similar enhancement will be made in Filebeat: elastic/beats#43622

Describe a specific use case for the enhancement or feature:

Adding this new data set will allow any ES|QL users:

  1. to collect all the ES|QL queries that are executed in their cluster
  2. to get better performance insights into those ES|QL queries
  3. to know who runs those ES|QL queries

Existing Features

The ES|QL query logs are new logs being released in 8.19 and they fall under the Stack Monitoring umbrella.

What did you see?

N/A

Anything else?

N/A

Metadata

Metadata

Assignees

No one assigned

    Labels

    Feature:Stack MonitoringStack Monitoring FeatureIntegration:elasticsearchElasticsearchTeam:Stack MonitoringStack Monitoring team [elastic/stack-monitoring]enhancementNew feature or requestneeds:triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions