Optimizing Elasticsearch for Timeseries data

spiral_circ · November 30, 2015, 7:30pm

Hi,

We use elasticsearch to store financial stock data, and was wondering if there is any optimizations that can be done to improve the performance w.r.t timeseries data.

We have around 3 million documents on a 2 node cluster. We have a field in the documents called "Time" which holds date+time value till milliseconds in epoch format, ex: 1448841600000.

Our basic use-case is to fetch the given number of the documents going back in time. Ex: Fetch the latest 1000 documents. This takes 5 seconds currently.

I was wondering if there is any tweaking that can be done so that elasticsearch optimizes the way it stores data for such usecases ?

Our current mapping for "Time" field:

"Time": {
"type": "long",
"fielddata": { }
},

Any help is appreciated.

Thanks,
Srikanth

warkolm · November 30, 2015, 8:16pm

Check out https://www.elastic.co/blog/elasticsearch-as-a-time-series-data-store to start.

Are you using time series indices?

spiral_circ · December 1, 2015, 9:38pm

Warkolm,

Thanks for the link, we kind of have similar mapping on our side.
By time series indices if you mean having different indices based on date/time, we dont. We have one index which holds all the data. Our usecase is to fetch the latest N documents irrespective of the date they below to.

Thanks,
Srikanth

warkolm · December 2, 2015, 6:38am

That's not ideal, I would change that.