Hello,
we are on ES6.8 with a big cluster (many terabytes indexed per day), and sometimes the search thread pool fills up (currently the len is set to 1000).
We would like to know which queries are filling our search queue.
I'm aware of "slowlog", but I would like to know:
Thanks
The slowlog mechanism is logging queries that exceed a manually configured threshold, it does not introduce some new heavy query mechanism, if you are afraid of that.
And it is the one key to find slow queries, there are no other. The other workaround I could imagine is to log the full query time from start to query being returned in your application, that will also include network traffic (which is a good thing to have a full overview).
Thanks for your answer.
We would also like to know who is the user that is running a certain slow query.
We've found this parameter in the documentation (of audit):
xpack.security.audit.index.events.emit_request_body: true
but I would like to know if it's possible to enable query tracing only for slow queries (the above parameter seems to do it for every request).
Thanks
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.