[Feat Req] Elasticsearch Adhoc filter query by query_string vs match_phrase

[davewat]

Please include this information:

What Grafana version are you using? 5.2

What datasource are you using? Elasticsearch

What OS are you running grafana on? CentOS 7.4

What did you do? Adhoc filter in dashboard

What was the expected result? Cannot use the full power of Elasticsearch's Query DSL language

What happened instead? Limited to restrictive match_phrase configuration

Include raw network request & response: get by opening Chrome Dev Tools (F12, Ctrl+Shift+I on windows, Cmd+Opt+I on Mac), go the network tab.

The adhoc query builder for Elasticsearch Data Source uses match_phrase. If instead used query_string, would provide enhanced query capabilities with adhoc queries (multiple match options per selected field, OR, grouped, wildcard), allowing a greater use of the Elasticsearch query capabilities, while maintaining the standard layout of the Adhoc query filters. Today, to use the more complex queries, you must edit each panel's Metric-Query-Lucene Query field to match, which is labor intensive for each dashboard panel.

We have been doing this for sometime with our large Elasticsearch cluster, but was waiting until after ES Alerting was released, to ensure there was no impact. Will submit a PR.

This was one of the most requested changes by our team related to using Grafana with Elasticsearch.

Ref:
https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html

[davewat]

Example of advanced Elasticsearch query capability.

[gretamosa]

Related #10918

[Elfo404]

I'm not really sure about it, but we may already have this feature.

we don't

[Elfo404]

given the way adHoc filters currently work, I'm not sure this would add much value.
As also mentioned in #12450 probably the best way to this for now is by using a variable.