Index: weblogs-2015.12.07 Shard: 0 Reason: ElasticsearchException[org.elasticsearch.common.breaker.CircuitBreakingException: [FIELDDATA] Data too large, data for [@timestamp] would be larger than limit of [6431991398/5.9gb]]; nested: UncheckedExecutionException[org.elasticsearch.common.breaker.CircuitBreakingException: [FIELDDATA] Data too large, data for [@timestamp] would be larger than limit of [6431991398/5.9gb]]; nested: CircuitBreakingException[[FIELDDATA] Data too large, data for [@timestamp] would be larger than limit of [6431991398/5.9gb]];
I think this is an elasticsearch issue, not a kibana issue. Kibana is just showing you the error that came from elasticsearch. I'm not sure how to move this to the elasticsearch discuss topic or if you would start another discussion there.
Yep it's an ES issue, it means your query would have caused an OOM and so it was stopped.
In this case you need to either add more heap to your/add more nodes, reduce the timeframe of the query or reindex everything set as not_analyzed to doc values.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.