Kibana (5.x version) times out and changes status to RED for some time if a user submits any query taking long time like searching across all indexes with query starting with *. Kibana recovers automatically but its inaccessible during that time for all users. Please note that ES is still accessible and can be queried using curl etc.
Can we kill such query from backend or any other way to stop the in-process query from Kibana. There is no way to stop the in-process query from kibana.
How can we make Kibana immediately available after status changes to RED due to query timeout.
Can you share the status you are getting? The only searching we do as a part of our healthcheck (which determines the elasticsearch plugins status) is against the kibana index, which I can't imagine would be blocked by the slow query you're describing...
First thing that comes to mind is using a separate cluster for kibana admin and data, this is done with the elasticsearch.tribe.url and might not be around forever, but it would isolate the healthcheck and kibana index from slow queries executed by other users...
Any logs or errors or screenshots you can provide would be helpful.
The issue occurs if a user fires a long running query from Kibana which times out after 300000ms as shown in screenshot. This makes Kibana inaccessible to other users as well. While the status is red I am able to query ES health using curl. Hope this clarifies.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
