Skip to content

Elasticsearch

January 9, 2025
August 3, 2015

Elasticsearch

Elasticsearch | Elastic
Elasticsearch Reference | Elastic
Elasticsearch Clients | Elastic
Elasticsearch Plugins and Integrations | Elastic
Elasticsearch: The Definitive Guide | Elastic For 2.x

Open Distro for Elasticsearch | Open Distro AWS's distro after Elasticsearch.co's license change

A Practical Introduction to Elasticsearch | Elastic
Elasticsearch 5.0.0 GA released | Elastic
Six Ways to Crash Elasticsearch | Elastic
Monitoring Kafka with Elastic Stack: Filebeat | Elastic uses 5.0 ingest pipeline
Setting Up Elasticsearch for a Blog | Elastic create index, mapping via API, 2.x
Elasticsearch as a NoSQL Database | Elastic
Reindex is coming! | Elastic

Elasticsearch by Example: Part 1 – codeburst
Elasticsearch by Example: Part 2 – codeburst
Elasticsearch by Example: Part 3 – codeburst
Elasticsearch by Example: Part 4 – codeburst
Elasticsearch by Example: Part 5 – codeburst

Get data from Elasticsearch by id using http from @wfbutton on @eggheadio
Using Elasticsearch as the Primary Data Store
rekibnikufesin/elasticsearch-intro
dwyl/learn-elasticsearch: Learn how to use ElasticSearch to power a great search experience for your project/product/website.

Elasticsearch Cheat Sheet for developers
A Useful Elasticsearch Cheat Sheet in Times of Trouble
Elasticsearch Developer Cheat Sheet
Elasticsearch Devops Cheat Sheet and Snippets

Getting started with Elasticsearch and Node.js - Part 1
Getting started with Elasticsearch and Node.js - Part 2
Getting started with Elasticsearch and Node.js - Part 3

CLI API

# create index
http PUT http://elasticsearch:9200/INDEX
# get index
http -b http://elasticsearch:9200/INDEX?pretty
# get index mapping (schema)
http -b http://elasticsearch:9200/INDEX/_mapping
# get all indices
http -b http://elasticsearch:9200/_cat/indices?pretty
# get all index templates
http -b http://elasticsearch:9200/_template?pretty

# _reindex
curl -XPOST elasticsearch:9200/_reindex?pretty -d'{
  "source": {
    "index": "src",
    "query": {
      "match": {
        "tags": "bananas"
      }
    }
  },
  "dest": {
    "index": "dest"
  }
}'
http -b POST http://elasticsearch:9200/_reindex?pretty << EOF
{
  "source": {
    "index": "src",
    "query": {
      "match": {
        "tags": "bananas"
      }
    }
  },
  "dest": {
    "index": "dest"
  }
}
EOF

# performance, stats
## show on-going tasks
http "http://elasticsearch:9200/_tasks?pretty&detailed&actions=*reindex,*byquery"

# insert document
http -b POST http://elasticsearch:9200/INDEX/TYPE?pretty << EOF
{
  "userId": 10,
  "name": {
    "first": "Katherine",
    "last": "Jones"
  },
  "tags": ["trick manager", "restaurant manager"]
}
EOF

# get mapping
http http://elasticsearch:9200/INDEX/TYPE/_mapping?pretty
{
  "name" : {
    "properties" : {
      "name" : {
        "properties" : {
          "first" : {
            "type" : "string"
          },
          "last" : {
            "type" : "string"
          }
        }
      },
      "tags" : {
        "type" : "string"
      },
      "userId" : {
        "type" : "long"
      }
    }
  }
}

taskrabbit/elasticsearch-dump: Import and export tools for elasticsearch
ElasticSearchCLITools/esTail: ElasticSearch CLI Tail - This application simulate the tail command against a index which has a @timestamp

API Conventions | Elasticsearch Reference | Elastic
Document APIs | Elasticsearch Reference | Elastic
Search APIs | Elasticsearch Reference | Elastic
Indices APIs | Elasticsearch Reference | Elastic vs Document's index API?
cat APIs | Elasticsearch Reference | Elastic return data in tabulated forms

GUI

Elasticvue - Elasticsearch gui for the browser

Internals

Elasticsearch from the Bottom Up, Part 1 | Elastic !important, Lucent links
Elasticsearch from the Top Down | Elastic
Elasticsearch in Production | Elastic !important, network partition, profiling endpoints
Elasticsearch Internals - Tracking in-sync shard copies | Elastic
Elasticsearch Hot Warm Architecture | Elastic

An index is stored in a set of shards, which are themselves Lucene indices consisting of segments. Search happens on segments. Documents marked deleted will be removed when segments are merges.
Elasticsearch creates 5 shards per index by default.

Where are my documents?Refreshing news... | Elastic
Disk-Based Field Data a.k.a. Doc Values | Elastic inverted index
Sparse versus dense document values with Apache Lucene | Elastic

Index Creation/Mapping

index template to control how the daily index is generated
Mapping will be generated dynamically but it:

Mapping | Elasticsearch Reference | Elastic
An Introduction to Elasticsearch Mapping | Elastic !important
The schema in Elasticsearch is a mapping that describes the the fields in the JSON documents along with their data type, as well as how they should be indexed in the Lucene indexes that lie under the hood. Because of this, in Elasticsearch terms, we usually call this schema a “mapping”.
"Mapping type" (keys at root level of mapping) is the name of type in index, see below.
An field can be of "multi-field" type to support multiple way of indexing (or not at all).
Index vs. Type | Elastic
In the past we tried to make elasticsearch easier to understand by building an analogy with relational databases: indices would be like a database, and types like a table in a database. This was a mistake. Types are being phased out since 5.x.
A Data Exploration Workflow for Mappings | Elastic insert a document and reference the dynamically generated mapping
Managing Relations Inside Elasticsearch | Elastic
Elasticsearch has a concept of "query time" joining with parent/child-relations and "index time" joining with nested types.
Indices, types, and parent / child: current status and upcoming changes in Elasticsearch | Elastic
And the big one said "Rollover" — Managing Elasticsearch time-based indices efficiently | Elastic introduces Rollover template
Removal of mapping types in Elasticsearch 6.0 | Elastic

Data types

Elasticsearch replaces string type with two new types text and keyword. | Elastic text vs keyword (full text vs exact match)
Numeric and Date Ranges...Just Another Brick in the Wall | Elastic
Searching numb3rs in 5.0 | Elastic

Ingest

Elastic search gained the power to ingest logs in 5.0. Consider it a little cousin of Logstash.

Writing Your Own Ingest Processor for Elasticsearch | Elastic
A New Way To Ingest - Part 1 | Elastic
A New Way To Ingest - Part 2 | Elastic
Elastic Ingest Node: A Client's Perspective | Elastic

Text Analyzer

All About Analyzers, Part One | Elastic
All About Analyzers, Part Two | Elastic

Match query also went through standard analyzer and term query looks for exact match.

Query

Elasticsearch is powered by Apache Lucene query language.

Query DSL | Elasticsearch Reference | Elastic

Troubleshooting Elasticsearch searches, for Beginners | Elastic !important
Painless Scripting Language | Elasticsearch Reference | Elastic
Lucene Expressions Language | Elasticsearch Reference | Elastic

Painless: A New Scripting Language | Elastic
Using Painless in Kibana scripted fields | Elastic
A Profile a Day Keeps the Doctor Away: The Elasticsearch Search Profiler | Elastic
In which order are my Elasticsearch queries/filters executed? | Elastic
The Great Query Refactoring: Thou shalt only parse once | Elastic
Instant Aggregations: Rewriting Queries for fun and profit | Elastic
Monitoring the Search Queries | Elastic monitoring production Elasticsearch with Packetbeats

Elasticsearch.pm - Part 4: Querying and Search Options

set explain to true on search object

SQL

An Introduction to Elasticsearch SQL with Practical Examples - Part 1 | Elastic
SQL Access | Elasticsearch Reference [6.3] | Elastic

Lucene

Apache Lucene - Apache Lucene Core
org.apache.lucene.queryparser.classic (Lucene 6.4.1 API)
Welcome to Lucene Tutorial.com - Lucene Tutorial.com

Aggregation

Elasticsearch's New Aggregations | Elastic

Aggregation groups documents into buckets of documents; replaces facets since 1.0

Scaling

Sizing Elasticsearch | Elastic scaling Elasticsearch, shard and index, inverted index
Every Shard deserves a home. | Elastic
Scaling Elasticsearch, Kibana, Beats, and Logstash | Elastic Architecture, 5.x
Elasticsearch Hot Warm Architecture | Elastic

Securing Elasticsearch

Securing Elasticsearch and Kibana | X-Pack for the Elastic Stack | Elastic
Getting Started with Elasticsearch and SSL & Native Authentication | Elastic
Getting Started with Shield’s Document Level Security in Elasticsearch | Elastic

Discovery

github/elasticsearch-srv-discovery: Elasticsearch discovery with SRV records
lithiumtech/elasticsearch-consul-discovery: Consul based node discovery plugin for elasticsearch

Curator

elastic/curator: Curator: Tending your Elasticsearch indices
Curator Reference | Elastic