Elasticsearch data source

Elasticsearch is a search and analytics engine used for a variety of use cases. You can create many types of queries to visualize logs or metrics stored in Elasticsearch, and annotate graphs with log events stored in Elasticsearch.

The following resources will help you get started with Elasticsearch and Grafana:

Key capabilities

The Elasticsearch data source supports:

Metrics queries: Aggregate and visualize numeric data using bucket and metric aggregations.
Log queries: Search, filter, and explore log data with Lucene query syntax.
Annotations: Overlay Elasticsearch events on your dashboard graphs.
Alerting: Create alerts based on Elasticsearch query results.

Before you begin

Before you configure the Elasticsearch data source, you need:

An Elasticsearch instance (v7.17+, v8.x, or v9.x)
Network access from Grafana to your Elasticsearch server
Appropriate user credentials or API keys with read access

Note
If you use Amazon OpenSearch Service (the successor to Amazon Elasticsearch Service), use the OpenSearch data source instead.

Supported Elasticsearch versions

Warning
The Elasticsearch data source plugin currently does not support Elastic Cloud Serverless, or any other serverless variant of Elasticsearch.

This data source supports these versions of Elasticsearch:

≥ v7.17
v8.x
v9.x

The Grafana maintenance policy for the Elasticsearch data source aligns with Elastic Product End of Life Dates. Grafana ensures proper functionality for supported versions only. If you use an EOL version of Elasticsearch, you can still run queries, but the query builder displays a warning. Grafana doesn’t guarantee functionality or provide fixes for EOL versions.