Time Complexity: Index patterns for time-series
O(n)
0
0
Index patterns for time-series in Elasticsearch - Time & Space Complexity
Understanding Time Complexity
When working with time-series data in Elasticsearch, how fast queries run depends on how indexes are organized.
We want to understand how the number of indexes affects the time it takes to search data.
Scenario Under Consideration
Analyze the time complexity of this index pattern query.
GET /logs-2023.06.01,logs-2023.06.02,logs-2023.06.03/_search
{
"query": {
"range": {
"timestamp": {
"gte": "2023-06-01T00:00:00",
"lt": "2023-06-04T00:00:00"
}
}
}
}
This query searches across three daily indexes for logs within a date range.
Identify Repeating Operations
Look at what repeats when the query runs.
- Primary operation: Searching each index separately.
- How many times: Once per index included in the pattern.
How Execution Grows With Input
As you add more daily indexes to the pattern, the query runs on more indexes.
| Input Size (number of indexes) | Approx. Operations |
|---|---|
| 10 | 10 searches |
| 100 | 100 searches |
| 1000 | 1000 searches |
Pattern observation: The work grows directly with the number of indexes searched.
Final Time Complexity
Time Complexity: O(n)
This means the query time grows linearly as you add more indexes to search.
Common Mistake
[X] Wrong: "Searching multiple indexes is as fast as searching one because Elasticsearch is fast."
[OK] Correct: Each index adds extra work because Elasticsearch searches them in parallel, but the total work still grows with the number of indexes.
Interview Connect
Understanding how index patterns affect query time helps you design better data storage and faster searches in real projects.
Self-Check
"What if we combined daily indexes into one big index? How would the time complexity change?"