Profiling : "took" is much higher than all breakdown times

Retenodus · March 7, 2018, 7:36pm

Hello,

I have some kibana queries which take a very long time (it timeouts) and I struggle to see why, with Elasticsearch/Kibana 6.1.

My indice is 50Go in 10 hosts
For testing, I try a query on a very narrow timeframe (2s)
The query returns 16 results, then I use a GlobalOrdinalsStringTermsAggregator
The field aggregated are really ip addresses (all valid, I checked them) but the type is "string" in Elasticsearch

So in order to troubleshoot that, I tried to use the profiling API (see the result here)

Which surprises me is the big difference between "took" and the time breakdowns. What could be concerned by "took" except what's in the profiling ?

I read here that it could me network/http related but that does not explain why it's specifically on this aggregation.

Does someone know what could be the issue ?

Thank you,
Regards,
Grégoire

Retenodus · March 12, 2018, 11:27am

Hello,

Does someone have any idea why this query would take such a long time on a small sample of data ? The query is given here. Which other parameters would have an influence in these response times ?

Regards,
Grégoire

system · April 9, 2018, 11:27am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Time Difference with "took" and python timer Elasticsearch	6	506	December 28, 2021
Took is having a different value than the time ES is taking to show the result in Kibana Elasticsearch	6	485	April 4, 2019
Profile API time does not match top-level "took" Elasticsearch	2	987	July 5, 2017
Kibana search profiler accuracy Elasticsearch	4	286	November 17, 2021
Explain difference between Kibana "time ellapsed" and query "took" Kibana	8	1242	November 2, 2020

Profiling : "took" is much higher than all breakdown times

Related topics