summaryrefslogtreecommitdiffstats
path: root/health/guides/elasticsearch/elasticsearch_node_indices_search_time_query.md
diff options
context:
space:
mode:
Diffstat (limited to 'health/guides/elasticsearch/elasticsearch_node_indices_search_time_query.md')
-rw-r--r--health/guides/elasticsearch/elasticsearch_node_indices_search_time_query.md44
1 files changed, 44 insertions, 0 deletions
diff --git a/health/guides/elasticsearch/elasticsearch_node_indices_search_time_query.md b/health/guides/elasticsearch/elasticsearch_node_indices_search_time_query.md
new file mode 100644
index 000000000..3a82a64ac
--- /dev/null
+++ b/health/guides/elasticsearch/elasticsearch_node_indices_search_time_query.md
@@ -0,0 +1,44 @@
+### Understand the alert
+
+This alert is triggered when the average search time for Elasticsearch queries has been higher than the defined warning thresholds. If you receive this alert, it means that your search performance is degraded, and queries are running slower than usual.
+
+### What does search performance mean?
+
+Search performance in Elasticsearch refers to how quickly and efficiently search queries are executed, and the respective results are returned. Good search performance is essential for providing fast and relevant results in applications and services relying on Elasticsearch for their search capabilities.
+
+### What causes degraded search performance?
+
+Several factors can cause search performance degradation, including:
+
+- High system load, causing CPU, memory or disk I/O bottlenecks
+- Poorly optimized search queries
+- High query rate, resulting in a large number of concurrent queries
+- Insufficient hardware or resources allocated to Elasticsearch
+
+### Troubleshoot the alert
+
+1. Check the Elasticsearch logs for any error messages or warnings:
+
+ ```
+ cat /var/log/elasticsearch/elasticsearch.log
+ ```
+
+2. Monitor the system resources (CPU, memory, and disk I/O) using tools like `top`, `vmstat`, and `iotop`. Determine if there are any resource bottlenecks affecting the search performance.
+
+3. Analyze and optimize the slow search queries by using the Elasticsearch [Slow Log](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules-slowlog.html).
+
+4. Evaluate the cluster health status by running the following Elasticsearch API command:
+
+ ```
+ curl -XGET 'http://localhost:9200/_cluster/health?pretty'
+ ```
+
+ Check for any issues that may be impacting the search performance.
+
+5. Assess the number of concurrent queries and, if possible, reduce the query rate or distribute the load among additional Elasticsearch nodes.
+
+6. If the issue persists, consider scaling up your Elasticsearch deployment or allocating additional resources to the affected nodes to improve their performance.
+
+### Useful resources
+
+1. [Tune for Search Speed - Elasticsearch Guide](https://www.elastic.co/guide/en/elasticsearch/reference/current/tune-for-search-speed.html)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-18 03:58:13 +0000