Hi, I have 4 nodes in a cluster. I ingest netflow through ELK, 40~50G of data per day with 3 replica shards, and query about 3000 times per second. I found the query performance is not good. I am trying to find the bottleneck. Now it has almost no garbage collection overhead.
(1) query syntax
(2) hardware limit
(3) shards allocation
(4) distribute the query node not specified one node to query.
I want to know which one is the main reason.
Thank you in advance!