Skip to content

Configure Index Slow Logs

Description

Amazon Elasticsearch Index Slow Logs provide insights into how fast or slow indexing operations are performed. Once enabled, your logs are captured in CloudWatch Logs under the log group you specify. By correctly analyzing your index slow logs you can keep track of all the index operations that take longer than a certain specified amount of time to execute.

For further information about Index Slow Logs, refer to the Amazon Elasticsearch documentation.

Rationale

Enable Index Slow Logs to understand why indexing/adding documents take so long, and optize these operations.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

Tag With Value
secureclouddb/provider aws
secureclouddb/service elasticsearch

Default Rule

const { isAwsElasticsearch } = aws

/**
 * @param {Object} awsElasticsearchDomainStatus - Elasticsearch Domain Status
 * @returns {boolean} true if the Index Slow Logging group is configured
 */
function validate(databaseSettings) {

    const { enabled, logGroupArn } =
        isAwsElasticsearch(databaseSettings) &&
        databaseSettings.awsDatabaseInstance.elasticsearchDomain.logPublishingOptions &&
        databaseSettings.awsDatabaseInstance.elasticsearchDomain.logPublishingOptions.indexSlowLogs || {}

    const success = enabled && !!logGroupArn // To avoid empty arn

    return {
        success,
    }
}

// invoke
validate(databaseSettings);