Kibana not showing more than 30 million records from Elasticsearch if records are more than that

In our Elasticsearch datastore there are more than 120 million records, but Kibana is pulling up only 30 million records. Is there any way to view all the records?

Can you provide more details? What application in Kibana are you trying to use? Where is the 30 million number coming from?

The 30 million records are syslog events. On average there are > 100K events coming in every 15 minutes. In Dev Tools I am able to query and get the actual number of records, but in the Discover tab, if I choose the time period "This Year", I don't see more than 30 million events. Could you please help me?

In the Discover app, can you open the network tab of your browser’s dev tools and grab the actual request being sent and received from Elasticsearch? It should be a request to the _msearch endpoint. That should help us figure out if the problem lies in ES or Kibana.

Thanks for your help. I fixed the issue; the time field used in the Discover app was the wrong one. After changing it, the Discover tab is working fine.
