Elasticsearch - A hands-on introduction

A presentation at DevClash St. Pölten by Alexander Reelsen

Elasticsearch - A hands-on introduction Alexander Reelsen Community Advocate alex@elastic.co | @spinscale

Agenda What is the Elastic Stack Elasticsearch introduction Elasticsearch practical demo Integrating Elasticsearch into your application

Product Overview

Solutions on top of the Elastic Stack

Elastic Stack building & lego blocks

Deployment options

Licensing

Elastic Stack building & lego blocks

Elasticsearch in 10 seconds Search Engine (FTS, Analytics, Geo), near real-time Distributed, scalable, highly available, resilient Interface: HTTP & JSON Heart of the Elastic Stack (Kibana, Logstash, Beats)

Installation & Start # https://www.elastic.co/downloads/elasticsearch wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.7.0-darwin-x86_64.tar.gz # wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.7.0-linux-x86_64.tar.gz # wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.7.0-windows-x86_64.zip tar zxf elasticsearch-7.7.0-darwin-x86_64.tar.gz cd elasticsearch-7.7.0 ./bin/elasticsearch wget https://artifacts.elastic.co/downloads/kibana/kibana-7.7.0-darwin-x86_64.tar.gz # wget https://artifacts.elastic.co/downloads/kibana/kibana-7.7.0-linux-x86_64.tar.gz # wget https://artifacts.elastic.co/downloads/kibana/kibana-7.7.0-windows-x86_64.zip tar zxf kibana-7.7.0-darwin-x86_64.tar.gz cd kibana-7.7.0 ./bin/kibana Point your browser to http://localhost:5601/

Click Dev-Tools Samples in Kibana Samples in Github

Demo

Indexing, Mapping & Enrichment Index API Bulk API Put Mapping API Datatypes Enrichment

Document search & Aggregations Query DSL Search API Aggregations

Administration tasks Snapshot and restore Reindexing ILM Monitoring Frozen Indices Securing a cluster

Elasticsearch Clients Not just glorified HTTP clients Retry after failure Sniﬃng Bulk helpers Java, JavaScript, Ruby, Go, .NET, PHP, Perl, Python, Rust

Elasticsearch is distributed! Scaling reads, scaling writes, ensuring high availibility Run as single node or hundreds of nodes together Users should never care if they query/index against a small or big cluster Add a new node, Elasticsearch will balance data & queries automatically Specialized roles (master, data, ingest, ml, voting only) Orchestration becomes more important as use-case clusters might be easier to maintain & upgrade than the one big cluster

More, more, more… More Queries, aggregations & data types Text analysis (phonetic search, search as you type) ILM, rollup, transform, frozen indices Security Alerting SQL Machine Learning Stack Monitoring Major version upgrades & deprecations Solutions (Observability, Enterprise Search, Security)

Summary Understanding search is hard Use the reference documentation Ask your users about expectations, do not guess!

Next steps Check out https://demo.elastic.co

Check out Observability Uptime Metrics Logs APM

Uptime

Metrics

Logs

APM

APM

Check out Security SIEM Endpoint Security

SIEM

Check out Enterprise Search Workplace Search App Search

App Search

Workplace Search

Connectors

Getting more help

Discuss Forum https://discuss.elastic.co

Community & Meetups https://community.elastic.co

Oﬃcial Elastic Training https://training.elastic.co

Thanks for listening Q&A Alexander Reelsen Community Advocate alex@elastic.co | @spinscale

Alexander Reelsen
@spinscale

1 / 38

This presentation gives a quick introduction into the Elastic Stack, its solutions built on top of it and dives immediately into Kibana and its Dev Tools to show of its basic functionality and how full text search works.

The kibana snippets are available at https://gist.github.com/spinscale/22aba88231aeea3e22cdbf204646d3ac