Hi all,
I would like to get metrics about how many requests does Elasticsearch receive grouped by ip of the request sender.
My objective is to find which of my services are querying the most.
I checked the stats endpoint but found no hint.
Thanks in advance
Hi manropinxu!
You'll want the ES audit log for that: Enable audit logging | Elasticsearch Guide [8.3] | Elastic
Those events will contain an origin.address. You won't get exact per-query info but you will get info about connection & authentication.
Auditing search queries | Elasticsearch Guide [8.3] | Elastic has some details on how to get more query details.
The X-Opaque-Id header can also be helpful when trying to find clients causing slow queries or long-running tasks.
Observability | Elasticsearch JavaScript Client [8.3] | Elastic has details on that for the javascript client, but any elasticsearch client should support it.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.