logstash-plugins/logstash-input-elasticsearch

Add the ability to select between the GET and POST methods for queries, in order to also support Elasticsearch servers behind load balancers


Background and remarks

Due to debatable design decisions made in Elasticsearch, GET with a body remained the standard way to perform queries, and this is also the default behavior of the Logstash Elasticsearch Input plugin.

The issue is that GET requests with a body are non-standard (or at least "strongly discouraged" in several implementations).

This, for example, makes this Logstash plugin unusable when the Elasticsearch input server is behind a Google Load Balancer, which, by design, strips the request body from a GET request.
The same applies to Elasticsearch servers behind a WAF, behind a reverse proxy with strict enforcement of the HTTP request format, and so on.

References

Feature proposal

Add the ability to select the actual HTTP method used to perform the requests for queries, allowing the user to choose between the GET (that is, unfortunately, the standard) and the POST (also supported by Elasticsearch) verbs.

A simple idea may be to just add a field when creating the Logstash pipeline, like:

```
# [source,ruby]
#     input {
#       # Read all documents from Elasticsearch matching the given query
#       elasticsearch {
#         hosts => "localhost"
#         query => '{ "query": { "match": { "statuscode": 200 } }, "sort": [ "_doc" ] }'
#         query_method => 'POST'
#       }
#     }
#
# This would create an Elasticsearch query with the following format:
# [source,json]
#     curl --request POST 'http://localhost:9200/logstash-*/_search?&scroll=1m&size=1000' -d '{
#       "query": {
#         "match": {
#           "statuscode": 200
#         }
#       },
#       "sort": [ "_doc" ]
#     }'
```
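
The behaviour described in this issue, as an added Ruby example that is not part of the original post or the plugin's code: it builds the `_search` request with the verb chosen by the proposed `query_method` option and passes it through a constructed model of an intermediary that drops GET bodies. The helper names, the `ALLOWED_QUERY_METHODS` list and the proxy model are assumptions made for illustration.

```ruby
require 'net/http'
require 'json'
require 'uri'

# Verbs the proposed (not yet existing) query_method option would accept.
ALLOWED_QUERY_METHODS = %w[GET POST].freeze

# Build the _search request using the verb selected by query_method.
def build_search_request(query_method, index, query, scroll: '1m', size: 1000)
  verb = query_method.to_s.upcase
  unless ALLOWED_QUERY_METHODS.include?(verb)
    raise ArgumentError, "query_method must be GET or POST, got #{query_method.inspect}"
  end
  JSON.parse(query) # fail early on a malformed query string
  path = "/#{index}/_search?" + URI.encode_www_form(scroll: scroll, size: size)
  klass = verb == 'POST' ? Net::HTTP::Post : Net::HTTP::Get
  req = klass.new(path, 'Content-Type' => 'application/json')
  req.body = query # Elasticsearch accepts the query body with either verb
  req
end

# Constructed model of a load balancer, WAF or strict reverse proxy that
# forwards the request line but drops the body of GET requests.
def forward_through_strict_proxy(req)
  body = req.method == 'GET' ? nil : req.body
  { method: req.method, path: req.path, body: body }
end

# Constructed sample input: the same query used in the issue.
SAMPLE_QUERY = '{ "query": { "match": { "statuscode": 200 } }, "sort": [ "_doc" ] }'

# True when the query body still reaches the upstream server unchanged.
def query_survives?(query_method)
  req = build_search_request(query_method, 'logstash-*', SAMPLE_QUERY)
  forward_through_strict_proxy(req)[:body] == SAMPLE_QUERY
end

if __FILE__ == $PROGRAM_NAME
  %w[GET POST].each do |m|
    puts "#{m}: query reaches Elasticsearch intact? #{query_survives?(m)}"
  end
end
```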