Kibana response time is slow

Elastic Stack Elasticsearch
1

Hello,

I am currently using the stack ELK for monitoring.

Here is my hardware specs :

Two machine : 30GB and 8CPU (15 GB JVM Heap).
Two small machine for logstash and kibana.
We are doing about 5MB to 500MB per index, 25 million documents.
4 shard per index, replication 1.

_cat/nodes :

heap.percent  ram.percent  ​​load node.role  master  ​name
   67 ​​​           7        ​0.18     ​​d ​        m  ​ elasticsearch-1
   5 ​            19 ​      0.02     ​​- ​        - ​​  logstash
   70            7        0.65     d          *   elasticsearch-2
   6             51       0.00     -         -            kibana

Currently kibana use about 6 seconds for display the data.
We use elasticsearch 1.7.2 and kibana 4.1.2.
I don't understand what is my bottleneck and I would greatly appreciate any help.

2

Hi,

Which index pattern are you using? For Kibana 4.1.2 make sure you've created your index patterns with "Use event times to create index names" checked. This will only search the indices that contain the time range you've specified and not all indices that match your pattern (ie. logstash-*).

https://www.elastic.co/guide/en/kibana/4.1/settings.html

3

This is because Kibana does a multi-search for all your "widgets" (you can see ajax queries in chrome console).

I have no idea why a such design, but it slows and makes my elasticsearch crash (I guess a big dashboard will make lot of concurrent I/O then boom!).