We have built a Repo Document Search Engine[RDSE] using ElasticSearch.
Multiple users from multiple organisation will use the RDSE.
We need to audit those query along with the user information this would enable us to analyse the search queries being performed by different groups of users.
This would give us insight into what a particular group of user or organisation wants or interested in.
I found something similar to this on Elastic Search blog monitoring the queries
We can use the above method to monitor queries but we cannot match with the users.
From my point of view, this can be done by adding placeholders in Query DSL for users.
Example:
{"query": {"match_all": {}}, "user":{"username":"X", "user_organisation":"Y"}}
Is the above possible in ElasticSearch I don't know whether ElasticSearch support above kind of placeholders.
The second one is I have to index the search query every user search in separate ElasticSearch instance but I don't know efficient this will be.