Configurable query logging using search pipelines #11188
Description
Is your feature request related to a problem? Please describe.
On #10650, I tried to derail things a little by asking "Couldn't these coordinator-level slow logs just be implemented as a SearchResponseProcessor? That would keep the code out of OpenSearch core (at least out of /server), be much more configurable (since search pipelines JSON config is way better than flat index settings), and could integrate nicely with cool future ideas like views.
That said, I could understand the argument for making coordinator slow logs "look like" shard-level slow logs, though I respectfully think they're both wrong. Consistently wrong is still consistent, and consistency is a good thing.
Describe the solution you'd like
Let's build a new, better query logging component using search pipelines!
It will be better than the existing slow logs, because it won't be limited to just slow logs. You can log any query you want, with orthogonal selector logic. Maybe you want to log any queries with "expensive" clauses (e.g. wildcards). Maybe you want to log all queries that had zero matches. You can log any query that contains the word "moose" (if you're so inclined).
Additionally, I don't want this logging component to have to output to a file. It should support configurable sinks. For v1, I would ship with a sink that writes to an OpenSearch index. You can use OpenSearch to search your query logs, since I hear that OpenSearch is pretty good for searching logs.
Describe alternatives you've considered
Arguably, this is the alternative to something like coordinator-level slow logs (e.g. #10650).
Additional context
N/A