I installed my own ELK stack following the Docker documentation guideline; now we have a container with ELK installed in it. We have 237,524 logs saved into Elasticsearch already. To put those messages in, I made a simple Node.js script which reads some documents from MongoDB and pushes them into Elasticsearch directly, with no Logstash usage.
Log messages have a field named type, so type is our index and its value is the type.
Now, what we're experiencing is very bad performance when retrieving logs by searching in the Discover section; it can take about 15 seconds to show all results.
The issue seems related to the frontend and not to the backend; in fact, I also tried to make some queries using curl, and the same result set of data came up in less than 1 second. We increased the discover:sampleSize property up to 10000 because we would like to use ELK in the development environment as well, and sometimes we need to retrieve a large dataset of logs for our investigation. My question is: what can I do to increase that performance, aside from reducing the discover:sampleSize, of course? If you need any other information about my configuration, please ask me.
Thanks in advance,
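As an added example (not the poster's own script, and not part of the original post), here is a small Node.js module showing the two pieces the post describes: pushing MongoDB-style log documents into Elasticsearch with the Bulk API, using each document's type field as the target index, and building a Discover-style search body with an explicit size and _source filter so a curl test returns only the fields needed. The allowlist of types, the sample documents and the field names (@timestamp, message) are constructed for the example. Because the index name comes from data, the example validates it against Elasticsearch's index-name rules and an allowlist before it reaches the bulk request; an unvalidated type would let a single odd document create arbitrary indices.

```javascript
// Added example, not the poster's code. Builds Elasticsearch Bulk API payloads
// from MongoDB-style documents and a size-limited search body. No network
// calls are made here; send `body` with any HTTP client to POST /_bulk.

// Constructed allowlist of acceptable index names (assumption for the example).
const ALLOWED_TYPES = new Set(['access', 'error', 'audit']);

// Elasticsearch index names must be lowercase, at most 255 bytes, must not
// contain \ / * ? " < > | space , # and must not start with - _ +.
// The regex below is deliberately stricter than those rules.
function toIndexName(type) {
  if (typeof type !== 'string' || type.length === 0 || type.length > 255) return null;
  const name = type.toLowerCase();
  if (!/^[a-z0-9][a-z0-9._-]*$/.test(name)) return null;
  return name;
}

// Returns { body, rejected }: `body` is NDJSON for POST /_bulk (action line,
// then source line, per document, with the required trailing newline);
// `rejected` holds documents whose type is invalid or not allowlisted.
function buildBulkBody(docs, allowed = ALLOWED_TYPES) {
  const lines = [];
  const rejected = [];
  for (const doc of docs) {
    const index = toIndexName(doc.type);
    if (index === null || !allowed.has(index)) {
      rejected.push(doc);
      continue;
    }
    // Reuse the Mongo _id as the Elasticsearch _id so re-runs overwrite
    // rather than duplicate documents.
    const { _id, ...source } = doc;
    const action = { index: { _index: index } };
    if (_id !== undefined) action.index._id = String(_id);
    lines.push(JSON.stringify(action), JSON.stringify(source));
  }
  return { body: lines.length ? lines.join('\n') + '\n' : '', rejected };
}

// Search body comparable to what Discover sends: explicit size (the
// equivalent of discover:sampleSize), newest first, a time-range filter and
// only the fields that will actually be displayed.
function buildSearchBody({
  size = 500,
  fields = ['@timestamp', 'type', 'message'],
  gte = 'now-24h',
  lte = 'now',
  query = '*',
} = {}) {
  return {
    size,
    sort: [{ '@timestamp': { order: 'desc' } }],
    _source: fields,
    query: {
      bool: {
        filter: [
          { range: { '@timestamp': { gte, lte } } },
          { query_string: { query } },
        ],
      },
    },
  };
}

// Constructed sample documents in the shape the post describes.
const sampleDocs = [
  { _id: '64a1', type: 'error', '@timestamp': '2023-07-02T10:00:00Z', message: 'db timeout' },
  { _id: '64a2', type: 'Access', '@timestamp': '2023-07-02T10:00:01Z', message: 'GET /login 200' },
  { _id: '64a3', type: '../Secret', '@timestamp': '2023-07-02T10:00:02Z', message: 'bad type' },
  { _id: '64a4', type: 'debug', '@timestamp': '2023-07-02T10:00:03Z', message: 'not allowlisted' },
];

const result = buildBulkBody(sampleDocs);
console.log(result.body);
console.log('rejected:', result.rejected.map((d) => d.type));
console.log(JSON.stringify(buildSearchBody({ size: 1000 })));

module.exports = { toIndexName, buildBulkBody, buildSearchBody, sampleDocs };
```

With the bulk body in a file, `curl -s -H 'Content-Type: application/x-ndjson' -XPOST localhost:9200/_bulk --data-binary @bulk.ndjson` indexes the accepted documents; the search body can be sent to `/<index>/_search` the same way to compare raw Elasticsearch latency at a given size against what Discover shows for the same sampleSize.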