| author | Oleksandr Gavenko <gavenkoa@gmail.com> |
| Tue, 03 Nov 2020 19:31:40 +0200 | |
| changeset 2446 | ad63d001b5f4 |
| parent 2429 | 238b04562c8c |
| permissions | -rw-r--r-- |
| 2199 | 1 |
|
2 |
=============== |
|
3 |
elasticsearch |
|
4 |
=============== |
|
| 2203 | 5 |
.. contents:: |
6 |
:local: |
|
| 2199 | 7 |
|
|
2206
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
8 |
Elasticsearch documentation |
|
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
9 |
=========================== |
|
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
10 |
|
|
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
11 |
https://amsterdam.luminis.eu/2016/10/18/elasticsearch-5-is-coming-what-is-new-and-improved/ |
|
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
12 |
New features of ES 5. |
|
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
13 |
|
| 2313 | 14 |
Releases |
15 |
======== |
|
16 |
||
17 |
https://github.com/elastic/elasticsearch/releases |
|
18 |
Git releases & tags. |
|
19 |
https://www.elastic.co/support/eol |
|
20 |
Elastic Product End of Life Dates. |
|
21 |
||
|
2318
2463c53f0d9e
Install Elasticsearch with Debian Package.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2313
diff
changeset
|
22 |
Installing & configuring |
|
2463c53f0d9e
Install Elasticsearch with Debian Package.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2313
diff
changeset
|
23 |
======================== |
|
2463c53f0d9e
Install Elasticsearch with Debian Package.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2313
diff
changeset
|
24 |
|
|
2463c53f0d9e
Install Elasticsearch with Debian Package.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2313
diff
changeset
|
25 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/deb.html |
|
2463c53f0d9e
Install Elasticsearch with Debian Package.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2313
diff
changeset
|
26 |
Install Elasticsearch with Debian Package. |
|
2463c53f0d9e
Install Elasticsearch with Debian Package.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2313
diff
changeset
|
27 |
|
| 2321 | 28 |
Basic config |
29 |
============ |
|
30 |
||
31 |
Common cluster name inside given intranet:: |
|
32 |
||
33 |
cluster.name: mycluster |
|
34 |
||
|
2429
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
35 |
Unique node name within claster:: |
| 2321 | 36 |
|
37 |
node.name: "node1" |
|
38 |
||
39 |
Node types:: |
|
40 |
||
41 |
node.master: true |
|
42 |
node.ingest: true |
|
43 |
node.data: true |
|
44 |
||
45 |
Network interfaces to bind to:: |
|
46 |
||
47 |
network.host: [_local_, node1.example.com] |
|
48 |
||
49 |
Port definitions:: |
|
50 |
||
51 |
http.port : 9200 |
|
52 |
tcp.port : 9300 |
|
53 |
||
54 |
Override default locations:: |
|
55 |
||
56 |
path.data: /path/to/data1,/path/to/data2 |
|
57 |
path.logs: /path/to/logs |
|
58 |
path.plugins: /path/to/plugins |
|
59 |
||
60 |
Explicit list of seed nodes in cluster:: |
|
61 |
||
62 |
discovery.zen.ping.unicast.hosts: ["master1.example.com", "master2.example.com:9300"] |
|
63 |
||
|
2429
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
64 |
Dump applied configs:: |
|
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
65 |
|
|
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
66 |
GET /_cluster/settings?include_defaults=true |
|
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
67 |
|
| 2321 | 68 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html |
69 |
Node types. |
|
70 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery-zen.html |
|
71 |
Discovery settings. |
|
72 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html |
|
73 |
Transport definitions. |
|
|
2429
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
74 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html |
|
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
75 |
Configuring Elasticsearch » HTTP |
|
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
76 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-network.html |
|
238b04562c8c
Dump applied configs.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2361
diff
changeset
|
77 |
Configuring Elasticsearch » Network settings |
| 2321 | 78 |
|
| 2199 | 79 |
REST syntax conventions |
80 |
======================= |
|
81 |
||
82 |
To get data in table form use ``/_cat`` endpoint:: |
|
83 |
||
84 |
GET /_cat/nodes |
|
85 |
||
86 |
To pretty print output append query:: |
|
87 |
||
|
2279
8c9e8c734f98
Added more examples.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2269
diff
changeset
|
88 |
GET /_cat/nodes?pretty=1 |
| 2199 | 89 |
|
90 |
Get base information |
|
91 |
==================== |
|
92 |
||
93 |
Cluster health:: |
|
94 |
||
95 |
GET /_cat/health?v |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
96 |
GET /_cluster/health?pretty |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
97 |
GET /_cluster/health?pretty&level=cluster |
| 2199 | 98 |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
99 |
List of nodes in cluster (ip, RAM, CPU):: |
| 2199 | 100 |
|
101 |
GET /_cat/nodes?v |
|
102 |
GET /_cat/master?v |
|
103 |
||
|
2279
8c9e8c734f98
Added more examples.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2269
diff
changeset
|
104 |
watch -d curl -s 'localhost:9200/_cat/nodes?v' |
|
8c9e8c734f98
Added more examples.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2269
diff
changeset
|
105 |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
106 |
List cluster state:: |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
107 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
108 |
GET /_cluster/state?pretty |
| 2321 | 109 |
GET /_cluster/allocation/explain |
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
110 |
|
|
2207
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
111 |
List of tasks executed in cluster:: |
|
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
112 |
|
|
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
113 |
GET /_cat/tasks?v |
|
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
114 |
GET /_cat/tasks?detailed |
|
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
115 |
GET _tasks |
|
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
116 |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
117 |
List of indexes (status, health, size):: |
| 2199 | 118 |
|
119 |
GET /_cat/indices |
|
120 |
GET /_cat/indices?v |
|
121 |
GET /_cat/indices?v&s=index |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
122 |
GET /_cluster/health?pretty&level=indices |
| 2199 | 123 |
|
| 2355 | 124 |
List of shards:: |
125 |
||
126 |
GET /_cat/shards?v |
|
127 |
||
| 2199 | 128 |
List of mappings across all indexes:: |
129 |
||
130 |
GET /_mapping |
|
131 |
GET /_all/_mapping |
|
| 2361 | 132 |
GET /twitter,kimchy/_mapping |
133 |
||
134 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-mapping.html |
|
135 |
Get Mapping. |
|
| 2199 | 136 |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
137 |
List of shards:: |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
138 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
139 |
GET /_cluster/health?pretty&level=shards |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
140 |
|
| 2199 | 141 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/_cluster_health.html |
142 |
Cluster Health. |
|
| 2321 | 143 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-allocation-explain.html |
144 |
Cluster Allocation Explain API |
|
| 2199 | 145 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/_list_all_indices.html |
146 |
List All Indices. |
|
147 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/cat.html |
|
148 |
cat APIs. |
|
|
2207
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
149 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/tasks.html |
|
5085ac83075b
List of tasks executed in cluster.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2206
diff
changeset
|
150 |
Task Management API. |
| 2199 | 151 |
|
152 |
Managing indexes |
|
153 |
================ |
|
154 |
||
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
155 |
Assign number of shards and replicas:: |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
156 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
157 |
curl -XPUT -d '{settings: {index: "number_of_shards": 3, "number_of_replicas": 1}}'
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
158 |
|
| 2199 | 159 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/_delete_an_index.html |
160 |
Delete an Index. |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
161 |
https://github.com/elastic/curator |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
162 |
Manage/archive indices. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
163 |
https://www.elastic.co/guide/en/elasticsearch/client/curator/current/about.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
164 |
Elasticsearch Curator helps you curate, or manage, your Elasticsearch indices and snapshots. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
165 |
https://www.elastic.co/guide/en/elasticsearch/client/curator/current/about-features.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
166 |
Curator allows for many different operations to be performed to both indices and snapshots. |
| 2199 | 167 |
|
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
168 |
https://www.elastic.co/guide/en/elasticsearch/guide/current/retiring-data.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
169 |
Retiring Data. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
170 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
171 |
Lucene search syntax |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
172 |
==================== |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
173 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
174 |
``TERM1 TERM2`` is same as ``TERM1 OR TERM2``. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
175 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
176 |
``"TERM1 TERM2"`` is for phrase. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
177 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
178 |
``"TERM1 TERM2"~5`` is for proximity. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
179 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
180 |
``TERM~0.8`` is for fuzzy. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
181 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
182 |
``*`` is for wildcard. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
183 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
184 |
Boosting is done with ``^N`` syntax, like ``TERM1^10 TERM2``. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
185 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
186 |
Range with ``[2017-01-01 TO 2017-02-29]``. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
187 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
188 |
Logical ``AND``, ``OR``, ``NOT`` and parentheses for grouping. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
189 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
190 |
Fields are set before colon, like ``FIELD:TERM``. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
191 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
192 |
https://www.elastic.co/guide/en/elasticsearch/reference/master/query-dsl-query-string-query.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
193 |
Query String Query |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
194 |
https://www.elastic.co/guide/en/elasticsearch/reference/master/query-dsl-simple-query-string-query.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
195 |
Simple Query String Query |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
196 |
|
| 2212 | 197 |
ES Query DSL |
198 |
============ |
|
199 |
||
|
2239
a7449247c914
_missing_:<field> was removed from Kibana 5.x.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2223
diff
changeset
|
200 |
``_exists_:<field>`` for testing field existence. |
|
a7449247c914
_missing_:<field> was removed from Kibana 5.x.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2223
diff
changeset
|
201 |
|
|
a7449247c914
_missing_:<field> was removed from Kibana 5.x.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2223
diff
changeset
|
202 |
.. note:: ``_missing_:<field>`` was removed from Kibana 5.x, use ``NOT _exists_:<field>``. |
| 2223 | 203 |
|
| 2240 | 204 |
``-<field>:<val>`` or ``-<field>:"<val>"`` for excluding field value. |
| 2212 | 205 |
|
|
2279
8c9e8c734f98
Added more examples.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2269
diff
changeset
|
206 |
``+<field>:<val>`` or ``+<field>:"<val>"`` for including field value. |
|
8c9e8c734f98
Added more examples.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2269
diff
changeset
|
207 |
|
| 2212 | 208 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-exists-query.html |
209 |
Exists Query |
|
210 |
||
211 |
||
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
212 |
Performance |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
213 |
=========== |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
214 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
215 |
https://www.elastic.co/guide/en/elasticsearch/reference/5.5/search-profile.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
216 |
Profile API. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
217 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/_explain_analyze.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
218 |
Explain Analyze. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
219 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-explain.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
220 |
Explain API. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
221 |
|
|
2206
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
222 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/tune-for-disk-usage.html |
|
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
223 |
Tune for disk usage. |
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
224 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/tune-for-indexing-speed.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
225 |
Tune for indexing speed. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
226 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/tune-for-search-speed.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
227 |
Tune for search speed. |
| 2269 | 228 |
https://www.elastic.co/blog/how-many-shards-should-i-have-in-my-elasticsearch-cluster |
229 |
How many shards should I have in my Elasticsearch cluster? |
|
|
2342
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
230 |
https://www.elastic.co/guide/en/elasticsearch/reference/master/heap-size.html |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
231 |
Setting the heap size. |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
232 |
|
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
233 |
Storage requirements |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
234 |
==================== |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
235 |
|
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
236 |
https://www.elastic.co/blog/elasticsearch-storage-the-true-story |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
237 |
The true story behind Elasticsearch storage requirements (2015). |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
238 |
https://www.elastic.co/blog/elasticsearch-storage-the-true-story-2.0 |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
239 |
Part 2.0: The true story behind Elasticsearch storage requirements (2015). |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
240 |
https://www.elastic.co/blog/minimize-index-storage-size-elasticsearch-6-0 |
|
fb128fcaf50a
Storage requirements.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2321
diff
changeset
|
241 |
Space Saving Improvements in Elasticsearch 6.0 (2017). |
|
2206
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
242 |
https://www.elastic.co/blog/filebeat-modiles-access-logs-and-elasticsearch-storage-requirements |
|
e765d2924785
Tune for disk usage.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2203
diff
changeset
|
243 |
Filebeat modules, access logs and Elasticsearch storage requirements. |
|
2202
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
244 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
245 |
JSON search syntax |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
246 |
================== |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
247 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
248 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-from-size.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
249 |
Search results pagination. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
250 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
251 |
Query String Query. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
252 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
253 |
Aggregation. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
254 |
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-sort.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
255 |
Sort. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
256 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
257 |
Alerting |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
258 |
======== |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
259 |
|
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
260 |
https://github.com/Yelp/elastalert |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
261 |
Easy & Flexible Alerting With Elasticsearch. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
262 |
http://elastalert.readthedocs.io/en/latest/elastalert.html |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
263 |
Easy & Flexible Alerting With Elasticsearch. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
264 |
https://github.com/sirensolutions/sentinl/wiki/SENTINL-Alerts-in-Dashboard |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
265 |
SENTINL Alerts in Dashboard. |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
266 |
https://github.com/sirensolutions/sentinl/wiki/SENTINL-Config-Example |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
267 |
SENTINL Config Example |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
268 |
https://github.com/sirensolutions/sentinl/wiki/SENTINL-Tutorial |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
269 |
SENTINL Tutorial |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
270 |
https://github.com/sirensolutions/sentinl/wiki/SENTINL-Watcher-Anatomy |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
271 |
SENTINL Watcher Anatomy |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
272 |
https://github.com/sirensolutions/sentinl/wiki/SENTINL-Watcher-Examples |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
273 |
SENTINL Watcher Examples |
|
37bf9f7b8560
Managing indexes. Lucene search syntax. Performance. JSON search syntax. Alerting.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
2199
diff
changeset
|
274 |