Skip to content

get_nodes creates too many buckets when the monitored cluster has many nodes #36892

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
get_nodes creates too many buckets when the monitored cluster has many nodes#36892
Labels
Team:MonitoringStack Monitoring teambugFixes for quality problems that affect the customer experience
@jpountz

Description

@jpountz
jpountz
opened on May 22, 2019

Kibana version: 7.0.1
Elasticsearch version: 7.0.1

get_nodes creates date_histogram aggregations nested under a terms aggregation that partitions by node. A user reported that this causes issues due to Elasticsearch's search.max_buckets limit that defaults to 10,000 since 7.0, see elastic/elasticsearch#42001.

The number of buckets is in the order of num_nodes * range_width / interval. Given the default interval of 10s and the default range of 1h, this means that the aggregation would fail if the monitored cluster has 28 nodes or more.

I'm happy to discuss options to address this issue.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    Team:MonitoringStack Monitoring teambugFixes for quality problems that affect the customer experience

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions