Is there a transitional setting to automatically register queries as documents in an specific index. I see Percolate but is not exactly the same and also slowqueries, but in this case it goes to a file and you have to have for example Logstash to index them to Elastic.
Would be useful to have the possibility to direct update a setting and begin indexing them and then update it to no do it.
What's your goal? Are you wanting to register/save queries so you can use them later as a query you execute? E.g. sorta like stored procedures in SQL databases?
Or are you wanting to log the queries being executed, to check for slow queries, see what keywords users are querying, etc?
Not really, is more for profile purposes, for example for knowing the queries that some application is doing to elastic, despite it are slow or not
Ah, ok. In that case, there isn't a good, automated way to do it at the moment. The best way to accomplish this is by collecting the queries as they are executed from your application. If you can't do that, the slowlog is the next best. If you set the slowlog to 0ms threshold, it logs all queries.
This obviously isn't ideal, since the log format is somewhat difficult to parse, and queries are recorded on a per-shard basis. But it can work.
We'd like to have better collection of queries in the future, it just hasn't been done yet.
Note: the Shield plugin can do audit logging, so that you know what endpoints users are executing. So that may work for you, depending on your requirements.
Ok, thanks would be nice having it by default 
thanks!
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.