This is documentation for the next version of Grafana documentation. For the latest stable release, go to the latest version.

Documentation Grafana documentation Data sources Elasticsearch

Elasticsearch data source

Elasticsearch is a search and analytics engine used for a variety of use cases. The built-in Elasticsearch data source lets you query and visualize logs or metrics stored in Elasticsearch, and annotate graphs with log events.

Key capabilities

The Elasticsearch data source supports:

• Metrics queries: Aggregate and visualize numeric data using bucket and metric aggregations.
• Log queries: Search, filter, and explore log data with Lucene query syntax.
• Annotations: Overlay Elasticsearch events on your dashboard graphs.
• Alerting: Create alerts based on Elasticsearch query results.
• ES|QL queries (experimental): Query data using Elasticsearch’s pipe-based query language.

Before you begin

Before you configure the Elasticsearch data source, you need:

• An Elasticsearch instance (v7.17+, v8.x, or v9.x)
• Network access from Grafana to your Elasticsearch server
• Appropriate user credentials or API keys with read access

Supported Elasticsearch versions

This data source supports these versions of Elasticsearch:

• ≥ v7.17
• v8.x
• v9.x
• Elastic Cloud Serverless

The Grafana maintenance policy for the Elasticsearch data source aligns with Elastic Product End of Life Dates. Grafana ensures proper functionality for supported versions only. If you use an EOL version of Elasticsearch, you can still run queries, but the query builder displays a warning. Grafana doesn’t guarantee functionality or provide fixes for EOL versions.

Get started

The following documentation helps you set up and use the Elasticsearch data source:

• Configure the data source
• Query editor
• Template variables
• Annotations
• Alerting
• Troubleshooting

Plugin updates

Starting with Grafana v13.0, the Elasticsearch data source is a standalone plugin, pre-installed in both Grafana OSS and Enterprise. This enables more frequent updates independent of Grafana releases. Grafana automatically checks the plugin catalog and installs the latest version on each server restart.

To adjust this behavior:

• Opt out of auto-updates: Set preinstall_auto_update to false in your configuration file.
• Update manually: Update at any time from the Administration > Plugins page without restarting Grafana.

Additional resources

Once you have configured the Elasticsearch data source, you can:

• Use Explore to run ad hoc queries against your Elasticsearch data.
• Configure and use template variables for dynamic dashboards.
• Add Transformations to process query results.
• Build dashboards to visualize your Elasticsearch data.

Related data sources

• OpenSearch - For Amazon OpenSearch Service.
• Loki - Grafana’s log aggregation system.