[Feat Req] Elasticsearch Adhoc filter query by query_string vs match_phrase #12447
Description
Please include this information:
What Grafana version are you using? 5.2
What datasource are you using? Elasticsearch
What OS are you running grafana on? CentOS 7.4
What did you do? Adhoc filter in dashboard
What was the expected result? Cannot use the full power of Elasticsearch's Query DSL language
What happened instead? Limited to restrictive match_phrase configuration
Include raw network request & response: get by opening Chrome Dev Tools (F12, Ctrl+Shift+I on windows, Cmd+Opt+I on Mac), go the network tab.
The adhoc query builder for Elasticsearch Data Source uses match_phrase. If instead used query_string, would provide enhanced query capabilities with adhoc queries (multiple match options per selected field, OR, grouped, wildcard), allowing a greater use of the Elasticsearch query capabilities, while maintaining the standard layout of the Adhoc query filters. Today, to use the more complex queries, you must edit each panel's Metric-Query-Lucene Query field to match, which is labor intensive for each dashboard panel.
We have been doing this for sometime with our large Elasticsearch cluster, but was waiting until after ES Alerting was released, to ensure there was no impact. Will submit a PR.
This was one of the most requested changes by our team related to using Grafana with Elasticsearch.
Ref:
https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html