Configure Search Slow Logs

Description

Amazon Elasticsearch Search Slow Logs provide insights into how fast or slow queries and fetches are performing. Once enabled, your logs are captured in CloudWatch Logs under the log group you specify. By correctly analyzing your slow logs you can keep track of all the search queries that take longer than a certain specified amount of time to execute.

For further information about Search Slow Logs, refer to the Amazon Elasticsearch documentation.

Rationale

Enable Search Slow Logs to understand why searches are slow and how to optimize them.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

| Tag | With Value |
| --- | --- |
| secureclouddb/provider | aws |
| secureclouddb/service | elasticsearch |

Default Rule

const { isAwsElasticsearch } = aws

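/**
 * @param {Object} databaseSettings - database settings; the Elasticsearch domain
 *     is read from awsDatabaseInstance.elasticsearchDomain
 * @returns {{success: boolean}} success is true if Search Slow Logs are enabled
 *     and a log group ARN is configured
 */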
function validate(databaseSettings) {

    const { enabled, logGroupArn } =
        isAwsElasticsearch(databaseSettings) &&
        databaseSettings.awsDatabaseInstance.elasticsearchDomain.logPublishingOptions &&
        databaseSettings.awsDatabaseInstance.elasticsearchDomain.logPublishingOptions.searchSlowLogs || {}

    // Both conditions are required; coerce so success is always a boolean
    const success = !!enabled && !!logGroupArn // To avoid empty arn

    return {
        success,
    }
}

// invoke
validate(databaseSettings);
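
The same check applied outside the rule engine, as an added example that is not part of the original rule: it audits the `DomainStatusList` shape returned by the AWS `DescribeElasticsearchDomains` API and also rejects a value that is not a CloudWatch Logs log group ARN. The function names, the ARN pattern and the sample domains are assumptions made for illustration.

```javascript
// Added example: audits the DomainStatusList shape returned by the AWS
// DescribeElasticsearchDomains API, not the rule engine's databaseSettings.
// Assumed pattern for a CloudWatch Logs log group ARN (optional ":*" suffix).
const LOG_GROUP_ARN = /^arn:aws[a-z-]*:logs:[a-z0-9-]+:\d{12}:log-group:[^:]+(:\*)?$/

// Returns null when search slow logs are publishable, otherwise the reason.
function searchSlowLogFinding(domainStatus) {
    const options = (domainStatus.LogPublishingOptions || {}).SEARCH_SLOW_LOGS
    if (!options) return 'SEARCH_SLOW_LOGS not configured'
    if (options.Enabled !== true) return 'SEARCH_SLOW_LOGS present but disabled'
    const arn = options.CloudWatchLogsLogGroupArn
    if (!arn) return 'enabled without a log group ARN'
    if (!LOG_GROUP_ARN.test(arn)) return 'value is not a CloudWatch Logs log group ARN'
    return null
}

// Lists every domain that fails the check, with the reason.
function auditDomains(domainStatusList) {
    return domainStatusList
        .map(d => ({ domain: d.DomainName, finding: searchSlowLogFinding(d) }))
        .filter(r => r.finding !== null)
}

// Constructed sample input; the account ID and names are placeholders.
const GROUP = 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/es/example/search-slow:*'
const sampleDomains = [
    { DomainName: 'compliant',
      LogPublishingOptions: { SEARCH_SLOW_LOGS: { CloudWatchLogsLogGroupArn: GROUP, Enabled: true } } },
    { DomainName: 'index-logs-only',
      LogPublishingOptions: { INDEX_SLOW_LOGS: { CloudWatchLogsLogGroupArn: GROUP, Enabled: true } } },
    { DomainName: 'disabled',
      LogPublishingOptions: { SEARCH_SLOW_LOGS: { CloudWatchLogsLogGroupArn: GROUP, Enabled: false } } },
    { DomainName: 'empty-arn',
      LogPublishingOptions: { SEARCH_SLOW_LOGS: { CloudWatchLogsLogGroupArn: '', Enabled: true } } },
    { DomainName: 'wrong-service',
      LogPublishingOptions: { SEARCH_SLOW_LOGS: {
          CloudWatchLogsLogGroupArn: 'arn:aws:s3:::example-bucket', Enabled: true } } },
    { DomainName: 'no-options' },
]

console.log(auditDomains(sampleDomains))
```

A passing result only confirms that publishing is configured; entries reach the log group only for indices that have `index.search.slowlog.threshold.*` settings defined.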