diff --git a/x-pack/plugins/observability_solution/logs_shared/server/lib/adapters/log_entries/kibana_log_entries_adapter.ts b/x-pack/plugins/observability_solution/logs_shared/server/lib/adapters/log_entries/kibana_log_entries_adapter.ts
index e4eed9b61d349..10b19ebb5d472 100644
--- a/x-pack/plugins/observability_solution/logs_shared/server/lib/adapters/log_entries/kibana_log_entries_adapter.ts
+++ b/x-pack/plugins/observability_solution/logs_shared/server/lib/adapters/log_entries/kibana_log_entries_adapter.ts
@@ -28,6 +28,21 @@ import { TIMESTAMP_FIELD, TIEBREAKER_FIELD } from '../../../../common/constants'
 
 const TIMESTAMP_FORMAT = 'epoch_millis';
 
+const MAX_BUCKETS = 1000;
+
+function getBucketIntervalStarts(
+  startTimestamp: number,
+  endTimestamp: number,
+  bucketSize: number
+): Date[] {
+  // estimated number of buckets
+  const bucketCount = Math.ceil((endTimestamp - startTimestamp) / bucketSize);
+  if (bucketCount > MAX_BUCKETS) {
+    throw new Error(`Requested too many buckets: ${bucketCount} > ${MAX_BUCKETS}`);
+  }
+  return timeMilliseconds(new Date(startTimestamp), new Date(endTimestamp), bucketSize);
+}
+
 export class LogsSharedKibanaLogEntriesAdapter implements LogEntriesAdapter {
   constructor(private readonly framework: KibanaFramework) {}
 
@@ -134,11 +149,7 @@ export class LogsSharedKibanaLogEntriesAdapter implements LogEntriesAdapter {
     bucketSize: number,
     filterQuery?: LogEntryQuery
   ): Promise<LogSummaryBucket[]> {
-    const bucketIntervalStarts = timeMilliseconds(
-      new Date(startTimestamp),
-      new Date(endTimestamp),
-      bucketSize
-    );
+    const bucketIntervalStarts = getBucketIntervalStarts(startTimestamp, endTimestamp, bucketSize);
 
     const query = {
       allow_no_indices: true,