Plugins: Apply adhoc filter in Elasticsearch logs query (#21346)

Fixes #21086

public/app/plugins/datasource/elasticsearch/datasource.ts

@@ -343,7 +343,7 @@ export class ElasticDatasource extends DataSourceApi<ElasticsearchQuery, Elastic
         target.metrics = [queryDef.defaultMetricAgg()];
         // Setting this for metrics queries that are typed as logs
         target.isLogsQuery = true;
-        queryObj = this.queryBuilder.getLogsQuery(target, queryString);
+        queryObj = this.queryBuilder.getLogsQuery(target, adhocFilters, queryString);
       } else {
         if (target.alias) {
           target.alias = this.templateSrv.replace(target.alias, options.scopedVars, 'lucene');

public/app/plugins/datasource/elasticsearch/query_builder.ts

@@ -379,7 +379,7 @@ export class ElasticQueryBuilder {
     return query;
   }
 
-  getLogsQuery(target: any, querystring: string) {
+  getLogsQuery(target: any, adhocFilters?: any, querystring?: string) {
     let query: any = {
       size: 0,
       query: {
@@ -389,6 +389,8 @@ export class ElasticQueryBuilder {
       },
     };
 
+    this.addAdhocFilters(query, adhocFilters);
+
     if (target.query) {
       query.query.bool.filter.push({
         query_string: {

public/app/plugins/datasource/elasticsearch/specs/query_builder.test.ts

@@ -476,7 +476,6 @@ describe('ElasticQueryBuilder', () => {
 
         it('should set correct explicit sorting', () => {
           const order = testGetTermsQuery({ order: 'desc' });
-          console.log({ order });
           checkSort(order, 'desc');
           expect(order._count).toBeUndefined();
         });
@@ -496,11 +495,68 @@ describe('ElasticQueryBuilder', () => {
         });
       });
 
-      it('getTermsQuery should request documents and date histogram', () => {
-        const query = builder.getLogsQuery({}, '');
-        console.log({ query });
-        expect(query).toHaveProperty('query.bool.filter');
-        expect(query.aggs['2']).toHaveProperty('date_histogram');
+      describe('getLogsQuery', () => {
+        it('should return query with defaults', () => {
+          const query = builder.getLogsQuery({}, null, '*');
+
+          expect(query.size).toEqual(500);
+
+          const expectedQuery = {
+            bool: {
+              filter: [{ range: { '@timestamp': { gte: '$timeFrom', lte: '$timeTo', format: 'epoch_millis' } } }],
+            },
+          };
+          expect(query.query).toEqual(expectedQuery);
+
+          expect(query.sort).toEqual({ '@timestamp': { order: 'desc', unmapped_type: 'boolean' } });
+
+          const expectedAggs = {
+            2: {
+              aggs: {},
+              date_histogram: {
+                extended_bounds: { max: '$timeTo', min: '$timeFrom' },
+                field: '@timestamp',
+                format: 'epoch_millis',
+                interval: '$__interval',
+                min_doc_count: 0,
+              },
+            },
+          };
+          expect(query.aggs).toMatchObject(expectedAggs);
+        });
+
+        it('with querystring', () => {
+          const query = builder.getLogsQuery({ query: 'foo' }, null, 'foo');
+
+          const expectedQuery = {
+            bool: {
+              filter: [
+                { range: { '@timestamp': { gte: '$timeFrom', lte: '$timeTo', format: 'epoch_millis' } } },
+                { query_string: { analyze_wildcard: true, query: 'foo' } },
+              ],
+            },
+          };
+          expect(query.query).toEqual(expectedQuery);
+        });
+
+        it('with adhoc filters', () => {
+          const adhocFilters = [
+            { key: 'key1', operator: '=', value: 'value1' },
+            { key: 'key2', operator: '!=', value: 'value2' },
+            { key: 'key3', operator: '<', value: 'value3' },
+            { key: 'key4', operator: '>', value: 'value4' },
+            { key: 'key5', operator: '=~', value: 'value5' },
+            { key: 'key6', operator: '!~', value: 'value6' },
+          ];
+          const query = builder.getLogsQuery({}, adhocFilters, '*');
+
+          expect(query.query.bool.must[0].match_phrase['key1'].query).toBe('value1');
+          expect(query.query.bool.must_not[0].match_phrase['key2'].query).toBe('value2');
+          expect(query.query.bool.filter[1].range['key3'].lt).toBe('value3');
+          expect(query.query.bool.filter[2].range['key4'].gt).toBe('value4');
+          expect(query.query.bool.filter[3].regexp['key5']).toBe('value5');
+          expect(query.query.bool.filter[4].bool.must_not.regexp['key6']).toBe('value6');
+        });
       });
     });
   });