Elasticsearch 7 Quick Start Guide

Elasticsearch 7 Quick Start Guide

by Anurag Srivastava, Douglas Miller
Released October 2019
Publisher(s): Packt Publishing
ISBN: 9781789803327

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Get the most out of Elasticsearch 7's new features to build, deploy, and manage efficient applications

Key Features

  • Discover the new features introduced in Elasticsearch 7
  • Explore techniques for distributed search, indexing, and clustering
  • Gain hands-on knowledge of implementing Elasticsearch for your enterprise

Book Description

Elasticsearch is one of the most popular tools for distributed search and analytics. This Elasticsearch book highlights the latest features of Elasticsearch 7 and helps you understand how you can use them to build your own search applications with ease.

Starting with an introduction to the Elastic Stack, this book will help you quickly get up to speed with using Elasticsearch. You'll learn how to install, configure, manage, secure, and deploy Elasticsearch clusters, as well as how to use your deployment to develop powerful search and analytics solutions. As you progress, you'll also understand how to troubleshoot any issues that you may encounter along the way. Finally, the book will help you explore the inner workings of Elasticsearch and gain insights into queries, analyzers, mappings, and aggregations as you learn to work with search results.

By the end of this book, you'll have a basic understanding of how to build and deploy effective search and analytics solutions using Elasticsearch.

What you will learn

  • Install Elasticsearch and use it to safely store data and retrieve it when needed
  • Work with a variety of analyzers and filters
  • Discover techniques to improve search results in Elasticsearch
  • Understand how to perform metric and bucket aggregations
  • Implement best practices for moving clusters and applications to production
  • Explore various techniques to secure your Elasticsearch clusters

Who this book is for

This book is for software developers, engineers, data architects, system administrators, and anyone who wants to get up and running with Elasticsearch 7. No prior experience with Elasticsearch is required.

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Elasticsearch 7 Quick Start Guide
  3. About Packt
    1. Why subscribe?
  4. Contributors
    1. About the authors
    2. About the reviewer
    3. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Download the color images
      3. Conventions used
    4. Get in touch
      1. Reviews
  6. Introduction to Elastic Stack
    1. Brief history and background
    2. Why use Elasticsearch?
    3. What is log analysis?
    4. Elastic Stack architecture
      1. Elasticsearch
      2. Kibana
      3. Logstash
      4. Beats
        1. Filebeat
        2. Metricbeat
        3. Packetbeat
        4. Auditbeat
        5. Winlogbeat
        6. Heartbeat
    5. Use cases of the Elastic Stack
      1. System monitoring
      2. Log management
      3. Application performance monitoring
      4. Data visualization
    6. Summary
  7. Installing Elasticsearch
    1. Installation of Elasticsearch
      1. Installing Elasticsearch on Linux
      2. Installing Elasticsearch using the Debian package
      3. Installing Elasticsearch using the rpm package
        1. Installing rpm manually
        2. SysV
        3. systemd
      4. Installing Elasticsearch using MSI Windows Installer
        1. Elasticsearch upgrade on Windows
        2. Uninstall Elasticsearch on Windows
      5. Installing Elasticsearch on macOS
      6. Checking whether Elasticsearch is running
    2. Summary
  8. Many as One – the Distributed Model
    1. API conventions
      1. Handling multiple indices
      2. Common options for the API response
      3. Cluster state and statistics
        1. Cluster health status
        2. Cluster state
        3. Cluster stats
        4. Cluster administration
      4. Node state and statistics
        1. Operating system information
        2. Process information
        3. Plugin information
      5. Index APIs
      6. Document APIs
        1. Single-document APIs
          1. Creating a document
          2. Viewing a document
          3. Deleting a document
          4. Delete by query
          5. Updating a document
        2. Multi-document APIs
    2. Summary
  9. Prepping Your Data – Text Analysis and Mapping
    1. What is an analyzer?
    2. Anatomy of an analyzer
      1. How to use an analyzer
        1. The custom analyzer
        2. The standard analyzer
        3. The simple analyzer
        4. The whitespace analyzer
        5. The stop analyzer
        6. The keyword analyzer
        7. The pattern analyzer
        8. The language analyzer
        9. The fingerprint analyzer
      2. Normalizers
      3. Tokenizers
        1. The standard tokenizer
        2. The letter tokenizer
        3. The lowercase tokenizer
        4. The whitespace tokenizer
        5. The keyword tokenizer
        6. The pattern tokenizer
        7. The simple pattern tokenizer
      4. Token filters
      5. Character filters
        1. The HTML strip character filter
        2. The mapping character filter
        3. The pattern replace character filter
    3. Mapping
      1. Datatypes
        1. The simple datatype
        2. The complex datatype
        3. The specialized datatype
      2. Multi-field mapping
      3. Dynamic mapping
      4. Explicit mapping
    4. Summary
  10. Let's Do a Search!
    1. Introduction to data search
    2. Search API
      1. URI search
      2. Request body search
        1. Query
        2. From/size
        3. Sort
        4. Source filtering
        5. Fields
        6. Script fields
        7. Doc value fields
        8. Post filter
        9. Highlighting
        10. Rescoring
        11. Search type
        12. Scroll
        13. Preference
        14. Explanation
        15. Version
        16. min_score
        17. Named queries
        18. Inner hits
        19. Field collapsing
      3. Search template
      4. Multi search template
      5. Search shards API
      6. Suggesters
      7. Multi search API
      8. Count API
      9. Validate API
      10. Explain API
      11. Profile API
        1. Profiling queries
        2. Profiling aggregations
        3. Profiling considerations
      12. Field capabilities API
    3. Summary
  11. Performance Tuning
    1. Data sparsity
      1. Solutions to common problems
        1. Mixing exact search with stemming
        2. Inconsistent scoring
      2. How to tune for indexing speed
        1. Bulk requests
        2. Smart use of the Elasticsearch cluster
        3. Increasing the refresh interval
        4. Disabling refresh and replicas
        5. Allocating memory to the filesystem cache
        6. Using auto generated IDs
        7. Using faster hardware
        8. Indexing buffer size
      3. How to tune for search speed
        1. Allocating memory to the filesystem cache
        2. Using faster hardware
        3. Document modeling
        4. Searching as few fields as possible
        5. Pre-index data
        6. Mapping identifiers as keywords
        7. Avoiding scripts
        8. Searching with rounded dates
        9. Force-merging read-only indices
        10. Prepping global ordinals
        11. Prepping the filesystem cache
        12. Using index sorting for conjunctions
        13. Using preferences to optimize cache utilization
        14. Balancing replicas
      4. How to tune search queries with the Profile API
        1. Faster phrase queries
        2. Faster prefix queries
      5. How to tune for disk usage
        1. Disabling unused features
        2. Do not use default dynamic string mappings
        3. Monitoring shard size
        4. Disabling source
        5. Using compression
        6. Force merge
        7. Shrink indices
        8. Using the smallest numeric type needed
        9. Putting fields in order
    2. Summary
  12. Aggregating Datasets
    1. What is an aggregation framework?
      1. Advantages of aggregations
      2. Structure of aggregations
    2. Metrics aggregations
      1. Avg aggregation
      2. Weighted avg aggregation
      3. Cardinality aggregation
      4. Extended stats aggregation
      5. Max aggregation
      6. Min aggregation
      7. Percentiles aggregation
      8. Scripted metric aggregation
      9. Stats aggregation
      10. Sum aggregation
    3. Bucket aggregations
      1. Adjacency matrix aggregation
      2. Auto-interval date histogram aggregation
        1. Intervals
      3. Composite aggregation
      4. Date histogram aggregation
      5. Date range aggregation
      6. Filter/filters aggregation
      7. Geo distance aggregation
      8. Geohash grid aggregation
      9. Geotile grid aggregation
      10. Histogram aggregation
      11. Significant terms aggregation
      12. Significant text aggregation
      13. Terms aggregation
    4. Pipeline aggregations
      1. Avg bucket aggregation
      2. Derivative aggregation
      3. Max bucket aggregation
      4. Min bucket aggregation
      5. Sum bucket aggregation
      6. Stats bucket aggregation
      7. Extended stats bucket aggregation
      8. Percentiles bucket aggregation
      9. Moving function aggregation
      10. Cumulative sum aggregation
      11. Bucket script aggregation
      12. Bucket selector aggregation
      13. Bucket sort aggregation
    5. Matrix aggregations
      1. Matrix stats
    6. Summary
  13. Best Practices
    1. Failure to obtain the required data
      1. Incorrectly processed text
      2. Gazillion shards problem
      3. Elasticsearch as a generic key-value store
      4. Scripting and halting problem
    2. The best cluster configuration approaches
      1. Cloud configuration
      2. On-site configuration
      3. Data-ingestion patterns
      4. Index aliases to simplify workflow
        1. Why use aliases?
      5. Using index templates to save time
      6. Using _msearch for e-commerce applications
      7. Using the Scroll API to read large datasets
    3. Data backup and snapshots
      1. Monitoring snapshot status
      2. Managing snapshots
      3. Deleting a snapshot
      4. Restoring a snapshot
      5. Renaming indices
      6. Restoring to another cluster
    4. Data Analytics using Elasticsearch
    5. Summary
  14. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Elasticsearch 7 Quick Start Guide
  • Author(s): Anurag Srivastava, Douglas Miller
  • Release date: October 2019
  • Publisher(s): Packt Publishing
  • ISBN: 9781789803327