Skip to content

[Filebeat] Create new file set for the new querylog file #43622

New issue
New issue
Open
Task
Open
[Filebeat] Create new file set for the new querylog file#43622
Task
Labels
>enhancementFeature:Stack MonitoringFilebeatFilebeatModule:elasticsearchElasticsearch Beats modulesTeam:MonitoringStack Monitoring team
@consulthys

Description

@consulthys
consulthys
opened on Apr 1, 2025

Describe the enhancement:

Following up on elastic/elasticsearch#142295 which will make all query logs (DSL, ES|QL, EQL and SQL) available along the same lines as how ES slow logs work, we should enhance the Filebeat elasticsearch module with a new file set to tail that new log.

Describe a specific use case for the enhancement or feature:

Adding this new file set will allow all Elasticsearch users:

  1. to collect all the DSL, ES|QL, EQL and SQL queries that are executed in their cluster
  2. to get better performance insights into those queries
  3. to know who runs those queries

Metadata

Metadata

Assignees

No one assigned

    Labels

    >enhancementFeature:Stack MonitoringFilebeatFilebeatModule:elasticsearchElasticsearch Beats modulesTeam:MonitoringStack Monitoring team

    Type

    Task

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions