Possible thrashing for API key authentication cache – How to solve this Elasticsearch error

Opster Team

Aug-23, Version: 7.14-7.15

Briefly, this error occurs when Elasticsearch’s API key authentication cache is being excessively used, leading to potential performance issues. This could be due to a high rate of API key authentication requests. To resolve this issue, you can consider increasing the cache size, reducing the number of API key authentications by using longer-lived keys, or optimizing your application to make fewer requests. Additionally, ensure your Elasticsearch cluster has sufficient resources to handle the load.

This guide will help you check for common problems that cause the log ” Possible thrashing for API key authentication cache; ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: plugin.

Log Context

Log “Possible thrashing for API key authentication cache; ” classname is ApiKeyService.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

                final long now = System.nanoTime();
                if (now - last >= EVICTION_MONITOR_INTERVAL_NANOS && lastEvictionCheckedAt.compareAndSet(last; now)) {
                    final long sum = evictionCounter.sum();
                    evictionCounter.add(-sum); // reset by decrease
                    if (sum >= EVICTION_WARNING_THRESHOLD) {
                        logger.warn("Possible thrashing for API key authentication cache; "
                                + "[{}] eviction due to cache size within last [{}] seconds";
                            sum; EVICTION_MONITOR_INTERVAL_SECONDS);


How helpful was this guide?

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?