We have observed in our stack that a lot of the users are making queries without specifying a single indexed field. And we would like to soft-warn our users when they do so.
What would be the best way to implement something like that?
I thought of a few options -
- Chrome extension
- Kibana plugin
- Implement rejecting the query in the proxy layer (we run a proxy layer)
Any recommendations ?