Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager

Re: LEM - search performance


Hello Steveg,

 

I'd be curious about more of the details you're running into so that I could maybe help understand what's going on in your specific situation.  It sounds like you've reached out to Support for this before, otherwise I would do the standard suggestion to have them take a look at your specific situation.

 

A couple of things just to start with a foundation:

 

1)  nDepth works best searching the last week of data.  Outside of that your mileage may vary and may vary quite a bit based on your environment.

2)  The default search timeout can actually scale up to 30 minutes by default.

 

Here's the standard KB article for this type of issue if you want to review the standard suggestions:

 

nDepth searches are slow or return a timeout error before finishing - SolarWinds Worldwide, LLC. Help and Support

 

With proper reservations (48 million events per day, I would say 6 cores and 24 GB at a minimum and 8 and 32 if you wanted better performance) for your setup you should be able to pull back a search for a week in a few minutes if you didn't have any filters.  There are definitely other variables that can go into it, so it's worth investigating those as well.

 

How many rules do you have firing per day?  Very active rules can contribute to performance issues.

Have you had Support test the LEM's effective IOPS?  I mention this as slower disk (as unlikely as it may be in your situation) can manifest itself as performance issues.

 

If there are some performance or configuration issues for your LEM, then Support should be able to help identify those and they could be causing an issue with nDepth searches.

 

That's all assuming the basics though, at least:

 

Reservations are set appropriately for the event load.

Searching in the last week.

 

Outside of that situation many more variables can come into play and it would help to have more specific information on what you're running into in your environment.

