important: this is not about using opensearch/elasticsearch to do log correlation (for which you find thousands of answers on the web) but instead about how to correlate the logs of elasticsearch itself with consumer applications which interact with it.
we’re running elasticsearch/opensearch in a kubernetes cluster as well as all consumers which interact with it (write data, run search queries, etc.). all applications (incl. our elasticsearch/opensearch clusters) log to standard out in a JSON format which in turn gets aggregated by the k8s infrastructure and stored in a dedicated elasticsearch cluster (monitoring infrastructure of the k8s cluster, unrelated to the one we’re running).
for our other applications we can do log correlation by sending a correlation ID with all (synchronous) calls. i couldn’t find anything about elasticsearch / opensearch also supporting a correlation ID which it then would write to its own log (as said, searching for this solution is hard as you always find answers for using elasticsearch for log correlation).
is there some way to send correlation IDs with all calls to elasticsearch / opensearch which then also get logged? or would this be a new feature in which case i’d raise a new ticket for it?