Elastic 2.2.0 how to find the query

Hi all,

When looking to slow query logs, I found some binary.
I try to find in documentation how to make a link between a query and this binary.

Any idea?

regards
Jean-Luc

Example:
[2016-12-22 08:53:35,630][TRACE][index.search.slowlog.query] took[511.1ms], took_millis[511], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1
0], source[{"query_binary":"ewogICAgICAgICJxdWVyeSI6ewogICAgICAgICAgImFuZCI6W3sKICAgICAgICAgICAgInJhbmdlIjp7CiAgICAgICAgICAgICAgImV2ZW50X2RhdGVUaW1lX3Byb2R1Y
3Rpb24iOnsKICAgICAgICAgICAgICAgICJndGUiOiIyMDE2LTEyLTIwVDAwOjAwOjAwIiwKICAgICAgICAgICAgICAgICJsdGUiOiIyMDE2LTEyLTIwVDIzOjU5OjU5IiwKICAgICAgICAgICAgICAgICJ0aW
1lX3pvbmUiOiAiRXVyb3BlL1BhcmlzIgogICAgICAgICAgICAgIH0KICAgICAgICAgICAgfQogICAgICAgICAgfSwgeyJleGlzdHMiOnsiZmllbGQiOiJ3YXRjaExlZ2FjeSJ9fSAsewogICAgICAgICAgCSJ
ub3QiOiB7CiAgICAgICAgICAJCSJtYXRjaCI6IHsKICAgICAgICAgIAkJCSJldmVudF9zdGF0dXNfY29kZV9mdWxsIjogIlRFTVRFTSIKICAgICAgICAgIAkJfQogICAgICAgICAgCX0KICAgICAgICAgIH1d
CiAgICAgICAgfSwKICAgICAgICAic2l6ZSI6MAogICAgICB9"}], extra_source[],

Please format your code using </> icon as explained in this guide. It will make your post more readable.

Or use markdown style like:

```
CODE
```

query_binary was undocumented and has been removed in 5.0.
Out of curiosity, why are you using it?

Thanks for your answer. I understand why it was difficult to find a doc on this subject.
Also by curiosity; I'm trying to analyse performance on an elastic cluster.
I tried recently to increase the number of nodes without proving that it will be better.
Sometime the system hangs; on slow insert, I found some simple query with several seconds to insert.

On search, there are a lot of search around 500ms wich is not too good too and I wondering about the original query

[2017-10-03 10:26:37,203][INFO ][index.indexing.slowlog.index] took[6.4s], took_millis[6488], type[esProbe], id[a487f390-790a-4c08-86b7-7390e6b5cbd8], routing[] , source[{"application":"colis360","parcel_parcelReferences_ref":"6A14992183610","event_status_code_full":"AARCFM","producers_FileFlow_receivingDateTime":null,"event_places_site_code":"000844","esId":null,"producers_FileFlow_physicalName":"00084420170930152705844668720170930152705201","event_dateTime_production":"2017-09-30T15:26:40.374+02:00","producers_IdFlow":"DISURN","watchLegacy":"2017-10-03T03:51:11.426+02:00","indexMonth":"2017.09","correlationId":"00084420170930152705844668720170930152705201","event_places_site_network":"LA POSTE","header_productionDateTimeEAI":"2017-09-30T15:27:05.251+02:00","messageUuid":"a487f390-790a-4c08-86b7-7390e6b5cbd8","parcelUuid":"dac0de9f-a892-3cf8-b520-387d32a2106e","watchColis360":"2017-10-03T10:26:29.524+02:00"}]

I was more curious about why you are using query_binary in your code. Are you?

No
It is extracted from the log cluster-search_index_search_slowlog.log
I thought there was a trick to exploit this kind of logs

I see. Does it mean you don't know what the client applications are doing with your cluster?

Well, you know, an administrator is not a developer.
When I was an Oracle DBA, I was first analysing slow queries and AFTER asking why it was developed like that.
I read that this log is now written in json format.
On the other hand, a basic "insert" can take more than 6s so there is something else to investigate.
thanks

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.