Hi,
How do i get the total size of data received at my elasticsearch cluster for last 12 hours?
_stats API give total size of the cluster, but i need to filter out for only last 12 hours data received by elasticsearch
what is the query,or any specific API?
Help needed.
Regards,
Ramya
If you are looking for the size in bytes, it's not really doable unless you added previously the mapper size plugin.
If you are using time based indices you can may be try to guess what was the size for the last 2 days using index stats API.
Another basic solution would be to compute the average size of a typical document, count the number of documents during the period you want and multiply by this average size.
@dadoonet
How to do this
If you are using time based indices you can may be try to guess what was the size for the last 2 days using index stats API.
Hi @RamyaGowda Ramya
or you can determine size of daily indices if you have. And try to guess size of last 12 hour.
Switch for bytes:
bytes=b
ES Query
GET /_cat/indices/itles-sec*?v&bytes=b&h=index,store.size&s=store.size:asc
output:
index store.size
itles-sec-2019.06.23 33776464751
....@vasek Hi Vasek,
how could we guess how much data we recived for last 12 hours? it is a huge data that we are receiving.
Is there any filters can i apply on timestamp
I was thinking in a simple way.
33776464751 per day = per 24 hours
33776464751 / 2 = 16888232375.5
But I point out that it is not accurate but it is very fast.
Of course you can use this approach If amount of received data is the same between 0-12 and 12-24.
@vasek
Thank you 
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.