Are there any downsides to using Dev Tools to search?

kanrab · July 13, 2021, 2:20pm

Suppose I make a Dev Tool Query like this:

GET _search 

{ 

   "query": { 

      "terms": { 

  	   "DestinationIP": [ 

    	      "100.42.74.212", 

    	      "101.50.1.23", 

    	      "101.99.90.41", 

    	      "103.114.160.253" 

  	      ] 

} 

   } 

}

Are there any serious downsides in doing so?

tony · July 13, 2021, 3:11pm

You would be searching all the indices. That would be a hit on the cluster.

BlackMetalz · July 14, 2021, 10:52am

You don’t need to do this i guess

kanrab · July 14, 2021, 2:19pm

How does this differ from a generic search? How do I view and specify my indices?

kanrab · July 14, 2021, 2:19pm

Why wouldn’t I need to?

tony · July 14, 2021, 2:43pm

Here is some of the basic api usage Popular APIs - Open Distro Documentation
The generic search you are doing is going to search all indices, so basically if you have 10 indices with 1gb of data each, it is going to search 10gb worth of data, rather than just 1gb of data if you can specify the index you want.

Topic		Replies	Views
Tools or tips for calculating fields' contributions to index size OpenSearch	2	249	October 24, 2022
Lengthy Opensearch Query formed from SQL using opendistro Open Source Elasticsearch and Kibana discuss , feature-request	0	303	January 20, 2023
Index settings total_fields.limit still exist? Index Management configure	1	1420	February 7, 2023
Writing DSL Query to find documents for dyanmic fields in the index Open Source Elasticsearch and Kibana	1	404	February 7, 2023
Clarification relevant to wildcard query General Feedback	2	1249	August 9, 2022

Are there any downsides to using Dev Tools to search?

Related Topics