What is Elasticsearch?
Elasticsearch is fast, horizontally scalable open source search engine. It provides HTTP API for storing and indexing JSON documents and with default configuration it behaves a little bit like searchable NoSQL database.
Installation – RHEL/Centos
Check node’s health status:
$ curl 127.0.0.1:9200/_cat/health?v
Get list of current indices
$ curl 127.00.1:9200/_cat/indices?v
Understanding Elasticsearch Keywords and Terminology
CRUD Operations using RESTful API of Elasticsearch using Create, Read, Update, Delete
[code]
Create – Adding new document to elasticsearch is as easy as HTTP POST request:
$ curl -X POST 127.0.0.1:9200/monitor/logs?pretty -d ‘{
“kind”: “info”,
“message”: “The server is up and running”
}’
#{
# “_index” : “monitor”,
# “_type” : “logs”,
# “_id” : “AVoWblBE6fU5oFCNC7jY”,
# “_version” : 1,
# “result” : “created”,
# “_shards” : {
# “total” : 2,
# “successful” : 1,
# “failed” : 0
# },
# “created” : true
#}
As not many people would actually enjoy inserting documents one by one, there’s also bulk insert option.
$ curl -X POST 127.0.0.1:9200/monitor/logs/_bulk -d ‘
{ “index”: {}}
{ “kind” : “warn”, “message”: “Using 90% of memory” }
{ “index”: {}}
{ “kind”: “err”, “message”: “OutOfMemoryException: Epic fail has just happened” }
‘
Read – when we have something in the index, we can perform simple search to read the documents back.
curl 127.0.0.1:9200/monitor/_search?pretty
#{
# ………
# “hits” : {
# “total” : 3,
# “max_score” : 1.0,
# “hits” : [
# {
# “_index” : “monitor”,
# “_type” : “logs”,
# “_id” : “AVoWe_7d6fU5oFCNC7jb”,
# “_score” : 1.0,
# “_source” : {
# “kind” : “err”,
# “message” : “OutOfMemoryException: Epic fail has just happened”
# }
# },
# {
# “_index” : “monitor”,
# “_type” : “logs”,
# “_id” : “AVoWe_7d6fU5oFCNC7ja”,
# “_score” : 1.0,
# “_source” : {
# “kind” : “warn”,
# “message” : “Using 90% of memory”
# }
# },
# {
# “_index” : “monitor”,
# “_type” : “logs”,
# “_id” : “AVoWblBE6fU5oFCNC7jY”,
# “_score” : 1.0,
# “_source” : {
# “kind” : “info”,
# “message” : “The server is up and running”
# }
# }
# ]
# }
#}
It’s also possible to get single document by its ID:
curl 127.0.0.1:9200/monitor/logs/AVoWblBE6fU5oFCNC7jY?pretty
#{
# …
# “_source” : {
# “kind” : “info”,
# “message” : “The server is up and running”
# }
#}
Update – Similarly, knowing document ID we can update it.
$ curl -X POST 127.0.0.1:9200/monitor/logs/AVoWe_7d6fU5oFCNC7jb -d ‘
{ “kind”: “err”,
“message”: “OutOfMemoryException: The server process used all available memory”
}’
Delete – When you need to get rid of something, HTTP DELETE will do the trick. E.g.
$ curl -X DELETE 127.0.0.1:9200/monitor/logs/AVoWe_7d6fU5oFCNC7jb
Search – The real power of elasticsearch is in search (duh). There’re two approaches for searching for data: the REST Request API for simple queries and more sophisticated Query DSL.
$ curl -s 127.0.0.1:9200/monitor/_search?q=memory | json_pp
$ curl -s 127.0.0.1:9200/monitor/_search -d ‘
[/code]
I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I am working at Cotocus. I blog tech insights at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at I reviewed , and SEO strategies at Wizbrand.
Please find my social handles as below;
Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at PINTEREST
Rajesh Kumar at QUORA
Rajesh Kumar at WIZBRAND
