ELK Issue with some search terms for any time range - 

http://xxx:5601/app/kibana#/discover?_g=(refreshInterval:(display:Off,pause:!f,value:0),time:(from:now-7d,mode:quick,to:now))&_a=(columns:!(_source),index:d1ad9790-94bb-11e8-85c0-d98c57cd80e4,interval:auto,query:(language:lucene,query:'*deptAndGL'),sort:!(timestamp,desc))

error - 

No results found 

Unfortunately Services could not find any results matching the customer search.

Customer is using an index with a date field. It is possible that their query does not match anything in the current time range, or that there is no data at all in the currently selected time range. Click the button below to open the time picker. For future reference, open the time picker by clicking on the  time picker button in the top right corner of the screen.

Refine the query

The search bar at the top uses Elasticsearch's support for Lucene Query String syntax. Let's say we're searching web server logs that have been parsed into a few fields.

Release : 1.2.1

Component : CA DOI AO PLATFORM COMPONENTS

- Highlighting raw_message. This highlights the entire message. So this why the shard access failed. This needs to be switched to raw_message_new. But that would be a future product change.
- Increased highlight.max_analyzed_offset from 100000 to 700000.
- Disabled highlighting
- Changed request timeout from 3000 to 90000
- Changed index to use replica index.