Hello,
We are testing an Elasticsearch cluster. Here are the details.
- ES & Kibana version - OpenDistro 1.11.0
- Cluster has 2 data only nodes and 2 master only nodes.
- One index - It has 3 shards and 1 replica
- The index has ~ 5.5 million records. Primary store size is 44.9gb. While creating the index, no field mapping was defined (types for fields).
If we invoke the search API on Elasticsearch from Kibana’s Dev Tools, the response is always fast, in less than 500ms. The one below returns about 600 records.
GET /myIndex/_search?pretty
{
  "query": {
    "bool": {
      "must": [
        {"match_phrase": {"content": "ABC"}},
        {"match_phrase": {"content": "PQR"}},
        {"match_phrase": {"content": "XYZ"}}
      ]
    }
  }
}
If we run a similar query in Kibana’s Discover using an index pattern that has only myIndex, the query does not respond most of the time.
content : ABC and content : PQR and content : XYZ
The Kibana Docker container is run with the command below. All Kibana configuration is default, with certificates added.
docker run -d -p 5601:5601 -v /opt/kibana/kibana.yml:/usr/share/kibana/config/kibana.yml --name odfe-kibana amazon/opendistro-for-elasticsearch-kibana:1.11.0
Where could the issue be in this case? Is there anything we should check on the Kibana side for this? Thanks in advance.