Simple queries takes lots of time and uses 100% cpu

aimarjg · November 14, 2019, 1:49pm

ok, good hint

first query, 500 results

second query after clearing the cache with following:
POST /winlogbeat-2019.11.14/_cache/clear
POST /winlogbeat-2019.11.13/_cache/clear

Result:
# POST /winlogbeat-2019.11.14/_cache/clear
{
"_shards" : {
"total" : 5,
"successful" : 5,
"failed" : 0
}
}

# POST /winlogbeat-2019.11.13/_cache/clear
{
  "_shards" : {
    "total" : 5,
    "successful" : 5,
    "failed" : 0
  }
}

Query time: 129ms
Request time: 634ms

so... even after clearing cache, second query is very fast (for the same data); how is that possible?!

Topic		Replies	Views
Filter and Query same taking some time Elasticsearch	7	369	July 6, 2017
Query Performance Elasticsearch	10	1911	July 6, 2017
Improve query time Elasticsearch	16	2162	July 6, 2017
Many slow transactions at index_search_slow_log_file Elasticsearch	12	545	July 6, 2017
Slow search process in kibana Discover Kibana	5	348	June 3, 2021