cheatsheets/cheatsheets/datascience/elasticsearch.md

---

title: Elasticsearch Summary categories: [cheatsheets]

tags: [data]

Elasticsearch Summary

A good resource on getting started with elasticsearch is the official Documentation

Terminology

Cluster

Collection of one or mode nodes (servers). Default Name: elasticsearch. Data can be distributed to multiple clusters.

Node

Single server in the cluster. Identified by its name (aka UUID). Default: the default node is joined the elasticsearch cluster

Index

Collection of documents with similar characteristics. (Comparable to a table in a DB) Indizes are identified by a uniqe name.

Document

Basic unit of information that can be indexed. Documents are expressed in JSON.

Shards & Replicas

Indizes can be subdivided into multiple peaces called "shards". This is for example needed of the documents in the index are taking up too much space. A shard is a fully-functional & independent "index"

Configuration and Settings

• Default Port: 9200 (REST API)
• Default Clustername: elasticsearch
• Settings in config/elasticsearch.yml
• Basic URL: http://localhost:9200/index/Endpoint/?function

API: Getting Information

• Information about the Master

  GET http://localhost:9200/_cat/master
  

• Information about the Nodes

  GET http://localhost:9200/_cat/nodes
  

• Information about the Indices

  GET http://localhost:9200/_cat/indices
  

• Document Count

  GET http://localhost:9200/_cat/count/<index>/
  

• Cluster Health

  Green - everything is good (cluster is fully functional)

  Yellow - all data is available but some replicas are not yet allocated (cluster is fully functional)

  Red - some data is not available for whatever reason (cluster is partially functional)

  GET http://localhost:9200/_cat/health
  

Working with Data

• Creating a new index 'myindex'

  PUT http://localhost:9200/myindex?pretty
  

• Adding a document to the index

• '1' is the ID of the document (optional)

  • if no ID is supplied, elasticsearch will autogenerate an ID

  • if no ID is supplied, the HTTP Method POST instead of PUT must be used!

    PUT http://localhost:9200/myindex/_doc/1?pretty
    {
    "Name":"Peter"
    }
    

• Retrieve that document:

  GET http://localhost:9200/myindex/_doc/1?pretty
  

• Delte that document:

  DELTE http://localhost:9200/myindex/_doc/1?pretty
  

• Bulk Actions

  • Again, no ID must be supplied when using the _bulk API: ({"index":{}})

    POST http://localhost:9200/myindex/_bulk?pretty
    {"index":{"_id":"1"}}
    {"name": "John Doe" }
    {"index":{"_id":"2"}}
    {"name": "Jane Doe" }
    

Searching

The search functionality is available through the _search endpoint.

Simple Search

Simple sarchers can be done by using the query variable via the request URL. An easy search would be:

GET /myindex/_search?q=searchterm

the results can also be sorted by using the sort parameter:

GET /myindex/_search?q=searchterm?sort=name:asc?pretty

Advanced Search

A more detailed and in-depth search can be done by submitting the query via the request body. The format of the query is as follows:

GET /myindex/_search
{
    "query": {"match":{"name":"searchforthisname"}},
    "sort": [
        {"name":"asc"}
    ]
}

More Details can be found here