Elasticsearch查询慢日志配置

shard级别的查询慢日志会将慢查询（查询和获取阶段）记录到elasticsearch_cluster_index_search_slowlog.log日志中。

设置查询慢日志各种级别下的阀值，同时也支持多索引（索引名按逗号分隔）和全索引（用*通配符）操作。

curl -XPUT --tlsv1.2 --negotiate -k -v -u : 'https://ip:httport/myindex-001/_settings?pretty' -H 'Content-Type: application/json' -d'
{
"index.search.slowlog.threshold.query.warn": "10s",
"index.search.slowlog.threshold.query.info": "5s",
"index.search.slowlog.threshold.query.debug": "2s",
"index.search.slowlog.threshold.query.trace": "500ms",
"index.search.slowlog.threshold.fetch.warn": "1s",
"index.search.slowlog.threshold.fetch.info": "800ms",
"index.search.slowlog.threshold.fetch.debug": "500ms",
"index.search.slowlog.threshold.fetch.trace": "200ms",
}'

index.search.slowlog.threshold.query.*：对应日志级别下的阀值，查询阶段慢于该阀值即打印日志。

index.search.slowlog.threshold.fetch.*：对应日志级别下的阀值，提取阶段慢于该阀值即打印日志。