Kibana querying indexes outside of supplied time range

[pjcard]

Kibana version: 5.5.3

Elasticsearch version: 5.5.1

Description of the problem including expected versus actual behavior:
In the discover tab, Kibana seems to be querying indexes which are outside of the time range set for the query

Steps to reproduce:

1. Import sample data with a time-field spanning multiple days using a per-day index with the format test-yyyy-mm-dd, where each index contains data only with the specified day's timestamp.
2. Define an index mapping as test-* without using the two deprecated options. Set its time field correctly.
3. Go to the discover tab, set a range of 2 days. Capture network traffic and note that there is only one query (msearch) which starts with the JSON {"index":["test-*"],
4. Open up the 'elastic request body' from the histogram UI, copy the code into the Search Profiler
5. Run the Search Profiler using the index reported in (3), which is test-*'
6. Note that the query unnecessarily hits every index matched by test-*, rather than just the two indicies containing the the data within the specified time range.
7. Create a new mapping, test-2017* this time use the deprecated "Expand index pattern when searching" option
8. Repeat step 3 using the new mapping, and note that this time only the indicies representing the two relevant days are queried.

[Bargs]

The search hits every index, but beginning in 5.6 elasticsearch added optimizations that will early terminate for any shard that has no results for that time range. So we're hitting every index, but the search should still be very fast.

[pjcard]

OK, thank you for the explanation, that does conform with what I saw.