Add docs for ES|QL query logs#131287
Merged
luigidellaquila merged 11 commits intoelastic:mainfrom Jul 16, 2025
Merged
Conversation
luigidellaquila
added
>docs
elasticsearchmachine
added
Team:Docs
Collaborator
|
Pinging @elastic/es-docs (Team:Docs) |
Collaborator
|
Pinging @elastic/es-analytical-engine (Team:Analytics) |
Contributor
leemthompo
reviewed
Jul 15, 2025
Contributor
leemthompo
left a comment
leemthompo
left a comment
There was a problem hiding this comment.
Thanks for moving this PR @luigidellaquila, looks really good, just a few suggestions. Do you need a technical review on this from a dev?
|
|
||
| If you aren’t sure how to start investigating traffic issues, consider enabling the `warn` threshold with a high `30s` threshold at the index level using the [update cluster settings API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cluster-put-settings): | ||
|
|
||
| * Enable for search requests: |
Contributor
There was a problem hiding this comment.
Not sure if this needs to be a bullet? Could benefit from a full sentence for better clarity.
leemthompo
reviewed
Jul 15, 2025
Co-authored-by: Liam Thompson <leemthompo@gmail.com>
Co-authored-by: Liam Thompson <leemthompo@gmail.com>
Co-authored-by: Liam Thompson <leemthompo@gmail.com>
Co-authored-by: Liam Thompson <leemthompo@gmail.com>
Co-authored-by: Liam Thompson <leemthompo@gmail.com>
Co-authored-by: Liam Thompson <leemthompo@gmail.com>
| "event.dataset": "elasticsearch.esql_querylog", | ||
| "process.thread.name": "elasticsearch[runTask-0][esql_worker][T#12]", | ||
| "log.logger": "esql.querylog.query", | ||
| "elasticsearch.cluster.uuid": "KZo1V7TcQM-O6fnqMm1t_g", |
Contributor
There was a problem hiding this comment.
Unrelated to doc change, but I am surprised that we need to add a cluster id to the log.
Contributor
Author
There was a problem hiding this comment.
It's not part of our implementation, I think the JSON logging infrastructure adds it to all the logs. BTW, it's the same in Search slow log
idegtiarenko
approved these changes
Jul 16, 2025
Contributor
idegtiarenko
left a comment
idegtiarenko
left a comment
There was a problem hiding this comment.
Thanks for documenting!
leemthompo
approved these changes
Jul 16, 2025
Contributor
leemthompo
left a comment
leemthompo
left a comment
There was a problem hiding this comment.
Thanks @luigidellaquila!
Contributor
Author
|
Thanks @leemthompo @idegtiarenko ! |
Collaborator
💚 Backport successful
|
luigidellaquila
added a commit
to luigidellaquila/elasticsearch
that referenced
this pull request
Jul 16, 2025
elasticsearchmachine
pushed a commit
that referenced
this pull request
Jul 16, 2025
szybia
added a commit
to szybia/elasticsearch
that referenced
this pull request
Jul 16, 2025
…king * upstream/main: (91 commits) Mute org.elasticsearch.packaging.test.DockerTests test130JavaHasCorrectOwnership elastic#131369 Add exception logging when interrupted (elastic#131153) Mute org.elasticsearch.packaging.test.DockerTests test140CgroupOsStatsAreAvailable elastic#131372 Mute org.elasticsearch.packaging.test.DockerTests test070BindMountCustomPathConfAndJvmOptions elastic#131366 Mute org.elasticsearch.xpack.test.rest.XPackRestIT test {p0=ml/delete_expired_data/Test delete expired data with body parameters} elastic#131364 Mute org.elasticsearch.xpack.esql.vector.VectorSimilarityFunctionsIT testSimilarityBetweenConstantVectorAndField {functionName=v_cosine similarityFunction=COSINE} elastic#131363 Mute org.elasticsearch.xpack.esql.vector.VectorSimilarityFunctionsIT testDifferentDimensions {functionName=v_cosine similarityFunction=COSINE} elastic#131362 Mute org.elasticsearch.xpack.esql.vector.VectorSimilarityFunctionsIT testSimilarityBetweenConstantVectors {functionName=v_cosine similarityFunction=COSINE} elastic#131361 Check SCORE_FUNCTION capability in VerifierTests (elastic#131352) Replace deprecated routingTable table call in tests (elastic#131005) [DOCS] Remove misused applies_to tag (elastic#131349) Adj ivf postings list building (elastic#130843) [Transform] Read metadata from Project State (elastic#131205) Add note on o11y to architecture guide (elastic#131291) Upgrade AWS Java SDK to 2.31.78 (elastic#131050) Support Fields API in conditional ingest processors (elastic#121914) ESQL - KNN function uses prefilters when pushed down to Lucene (elastic#131004) Add docs for ES|QL query logs (elastic#131287) Simplify `expectedFinalRegisterValue` computation (elastic#131274) Mute org.elasticsearch.test.rest.yaml.RcsCcsCommonYamlTestSuiteIT test {p0=search/110_field_collapsing/field collapsing, inner_hits and maxConcurrentGroupRequests} elastic#131348 ...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adding documentation for ES|QL Query Log, similar to Search Slow Log.