Elasticsearch a real-time distributed search and analytics engine
Download as PPTX, PDF0 likes69 views
Elasticsearch is a distributed, real-time search and analytics engine. It allows users to search, analyze, and combine full-text and structured data in a single system. Elasticsearch can index and search all fields and is accessed via a RESTful API. Popular users include Wikipedia, GitHub, and Stack Overflow. The document then discusses Elasticsearch terminology, installation, indexing and retrieving data, mappings and analysis, exact values versus full text search, advanced search capabilities, and index management.
![ADVANCE SEARCH.......
term Filter:is used to filter by
exact values
{"term":{"age":26}}
range Filter:
{"range": {"age": {
"gte":20,
"lt":30
}}}
terms Filter: allows to specify
multiple values
• { "terms": { "tag": [ "search", "full_text",
"nosql" ] }}
• Match all query
{ "match_all": {}}](https://image.slidesharecdn.com/elasticsearch-areal-timedistributedsearchandanalyticsengine-180402145057/85/Elasticsearch-a-real-time-distributed-search-and-analytics-engine-14-320.jpg)
![ADVANCE SEARCH.......
match Query:to query for a full-text or
exact value in almost any field.
{ "match": { "tweet": "About Search" }}
For exact values
{"match":{"age":26}}
multi_match query: same match
query on multiple fields
{
"multi_match": {
"query":
"full text search",
"fields":
[ "title", "body" ]
}
}](https://image.slidesharecdn.com/elasticsearch-areal-timedistributedsearchandanalyticsengine-180402145057/85/Elasticsearch-a-real-time-distributed-search-and-analytics-engine-15-320.jpg)
Elasticsearch a real-time distributed search and analytics engine
- 1. ELASTICSEARCH A real-time distributed search and analytics engine By Gautam Kumar
- 2. AGENDA • Introduction • Term ology • Installation & Talking to Elasticsearch • Inside cluster • Data In & Data out • Mapping & analysis • EXACT VALUES vs Full Text search • Advance Search • Index Managment
- 3. INTRODUCTION Why Elasticsearch? • A real-time distributed search and analytics engine. • Full-text search, structured search, analytics, and all three in combination. • Every field is indexed and searchable. • Access via a simple RESTful API, using a web client from your favorite programming language Who is using Elasticsearch: Wikipedia, GitHub, Stack Overflow
- 4. TERMOLOGY Database Index PUT /megacorp/employee /1 { "first_name" : "John", "last_name" : "Smith" } Tables Type employee Row Column Document Field { "first_name" : "John", "last_name" : "Smith" }
- 5. INSTALLATION & TALKING TO ELASTICSEARCH • Java API Node client- it doesn’t hold any data itself, but it knows what data lives on which node in the cluster, and can forward requests directly to the correct node. Transport client- used to send requests to a remote cluster • RESTful API with JSON over HTTP curl -XGET 'http://localhost:9200/_count?pretty' -d ' { "query": { "match_all": {} } } '
- 6. DATA IN & DATA OUT Indexing a Document- • By own id. PUT /{index}/{type}/{id} { "field": "value", } Index API • By autogenerated Id POST /website/blog/ { "title": "My second blog entry", "text": "Still trying this out...", "date": "2014/01/01" }
- 7. DATA IN & DATA …... Retrieving a Document GET /website/blog/123?pretty GET /website/blog/123?_source=title, text GET /website/blog/123/_source output { "_index" : "_type" : "_id" : "_version" : "found" : "_source" : "title": "text": "date": } "website", "blog", "123", 1, true, { "My first blog entry",
- 8. DATA IN & DATA …... Updating a Whole Document PUT /website/blog/123 { "title": "My first blog entry", "text": "I am starting to get the hang of this...", "date": "2014/01/02" } output { "_index" : "website", "_type" : "blog", "_id" : "123", "_version" : 2, "created": false }
- 9. DATA IN & DATA …... Creating a New Document PUT /website/blog/123/_create { "title": "My first blog entry", "text": "I am starting to get the hang of this...", "date": "2014/01/02" } output { "_index" : "website", "_type" : "blog", "_id" : "123", "_version" : 2, "created": false }
- 10. DATA IN & DATA …... Deleting a Document DELETE /website/blog/123 output { "found" : "_index" : "_type" : "_id" : "_version" : true, "website", "blog", "123", 3 }
- 11. MAPPING & ANALYSIS Mapping-How the data in each field is interpreted GET /gb/_mapping/tweet { "gb": { "mappings": { "tweet": { "properties": { "name": {"type":"text" }, Analysis-How full text is processed to make it searchable GET /_analyze?analyzer=standard Text to analyze { "tokens": [ { "token": "start_offset": "end_offset": "type": "position": }, { "token": "start_offset": "end_offset": "type": "position":2
- 12. EXACT VALUES VS FULL TEXT SEARCH Exact values: are exactly what they sound like. Examples are a date or a user ID GET /_search?q=date:2014-09-15 GET /_search?q=date:2014 Full text, on the other hand, refers to textual data like the text of a tweet or the body of an email. GET /_search?q=2014 GET /_search?q=2014-09-15 /gb/_search /gb,us/_search /gb/user/_search /gb,us/user,tweet/_search /_all/user,tweet/_search
- 13. ADVANCE SEARCH Structure of Query GET /_search { "query": { "match": { "tweet": "elasticsearch" } } } Combining Multiple Clauses { "bool": { "must": { "match": { "tweet": "elasticsearch" }}, "must_not": { "match": { "name": "mary" }}, "should": { "match": { "tweet": "full text" }} } }
- 14. ADVANCE SEARCH....... term Filter:is used to filter by exact values {"term":{"age":26}} range Filter: {"range": {"age": { "gte":20, "lt":30 }}} terms Filter: allows to specify multiple values • { "terms": { "tag": [ "search", "full_text", "nosql" ] }} • Match all query { "match_all": {}}
- 15. ADVANCE SEARCH....... match Query:to query for a full-text or exact value in almost any field. { "match": { "tweet": "About Search" }} For exact values {"match":{"age":26}} multi_match query: same match query on multiple fields { "multi_match": { "query": "full text search", "fields": [ "title", "body" ] } }
- 16. INDEX MANAGMENT • Creating an Index: PUT /my_index { "settings": { ... any settings ... }, "mappings": { "type_one": { ... any mappings ... }, "type_two": { ... any mappings ... }, ... } }
- 17. ? Thank you
Editor's Notes
- #9: Documents in Elasticsearch are immutable; we cannot change them. Instead, if we need to update an existing document, we reindex or replace it,
- #17: prevent the automatic creation of indices by adding the following setting to the config/elasticsearch.yml file on each node: action.auto_create_index: false