Live Query Resource Consumption Detection
infoThe Live Queries API enables real-time identification of currently executing queries consuming excessive CPU, memory, or running for unexpectedly long durations, allowing immediate intervention before they impact cluster stability.
Query the /_insights/live_queries endpoint to retrieve currently running searches sorted by latency, CPU, or memory. Focus on queries with measurements.latency exceeding expected thresholds or measurements.cpu/memory consumption significantly above baseline.
Use nodeId parameter to scope to specific nodes experiencing issues. Terminate problematic queries if necessary. Analyze query source patterns from verbose output to prevent recurrence. Combine with Top N queries historical data to identify persistent offenders. Implement query timeouts or resource limits based on findings.