I will try to explain the scenario: we are sending at most 10 parallel search queries (by dividing the two-week window into 10 time buckets). Here is the sample query we are using:
{"from": 0, "size": 0,"query":{"bool":{"must":[{"range": {"timestamp":
{"gte" : "2019-01-28 00:00","lte":"2019-01:30 00:00","format":"YYYY-MM-dd HH:mm", "time_zone": "+0530"}}} ,
{"bool":{"must": [{"bool":{"should": [{"match": {"group1":{"query":"search_str", "type": "phrase"}}},
{"match": {"group2":{"query":"search_str", "type": "phrase"}}}]}}]}}]}},
"aggregations": {"Timestamp":
{"terms": {"field": "timestamp","size": 2147483647,"order": { "_term": "desc"}},
"aggregations": {"dimension1": {"terms": {"field": "d1","size": 2147483647},
"aggregations": {"dimension2": {"terms": {"field": "d2","size": 2147483647},
"aggregations": {"dimension3": {"terms": {"field": "d3","size": 2147483647},
"aggregations": {"value": {"avg": {"field": "field_name"}}}}}}}}}}}}
Que.1 How does Elasticsearch divide these search requests into tasks internally? I couldn't find any resources on this.
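(Is the task management API the right place to look for this? If I'm reading the docs correctly, something like

GET _tasks?actions=*search*&detailed=true

should list a running search's parent task together with the shard-level child tasks it fans out to, but that still doesn't explain how the splitting is decided.)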
Que.2 How can we optimize the query to get the same data in less time? We are thinking of using scroll instead of aggregations; which is better?
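For example, would something along these lines be a better fit than the nested terms aggregations with size 2147483647? This is only a sketch: it assumes we could move to a version that has the composite aggregation (6.1+), it puts the range and phrase clauses in filter context since we don't need scoring, and the name by_dims and the page size of 10000 are just placeholders. As far as I understand, scroll only returns raw hits (so we would have to compute the averages client-side), whereas a composite aggregation can be paged through with after_key:

{
  "size": 0,
  "query": {
    "bool": {
      "filter": [
        { "range": { "timestamp": { "gte": "2019-01-28 00:00", "lte": "2019-01-30 00:00",
                                    "format": "yyyy-MM-dd HH:mm", "time_zone": "+0530" } } },
        { "bool": { "should": [
            { "match_phrase": { "group1": "search_str" } },
            { "match_phrase": { "group2": "search_str" } } ],
            "minimum_should_match": 1 } }
      ]
    }
  },
  "aggregations": {
    "by_dims": {
      "composite": {
        "size": 10000,
        "sources": [
          { "Timestamp":  { "terms": { "field": "timestamp", "order": "desc" } } },
          { "dimension1": { "terms": { "field": "d1" } } },
          { "dimension2": { "terms": { "field": "d2" } } },
          { "dimension3": { "terms": { "field": "d3" } } }
        ]
      },
      "aggregations": { "value": { "avg": { "field": "field_name" } } }
    }
  }
}

Does that sound like the right direction, or is there a better approach?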
I'm fairly new to ES, so pardon me if I've asked any stupid questions.