Comprehensive ElasticSearch Command Guide (2026 Edition)
This article provides a step‑by‑step reference of essential ElasticSearch REST commands—including cluster health checks, node information, index management, document CRUD operations, and various search queries with examples and expected responses—helping practitioners efficiently manage and troubleshoot large ElasticSearch deployments.
1. Cluster health
Retrieve the health status of the cluster: GET /_cluster/health Typical JSON response includes:
{
"cluster_name": "es-cluster",
"status": "green",
"number_of_nodes": 3
}Status meanings :
green – all primary and replica shards are allocated.
yellow – some replica shards are unassigned.
red – one or more primary shards are missing.
2. Node information
List nodes with basic metrics: GET /_cat/nodes?v Sample columns: ip, heap.percent, cpu, load_1m, node.role, master, name.
3. Cluster statistics
Retrieve overall statistics: GET /_cluster/stats Key items returned include node count, index count, document count, and total storage size.
4. Index management
4.1 Create an index
PUT /user4.2 Specify shards and replicas
PUT /user
{
"settings": {
"number_of_shards": 3,
"number_of_replicas": 1
}
}4.3 List all indices
GET /_cat/indices?vTypical columns: health, status, index, docs.count, store.size.
4.4 View index details
GET /userResponse sections include Mapping , Settings , and Aliases .
4.5 Delete an index
DELETE /userResponse contains "result": "deleted". Deleting an index permanently removes its data.
5. Document operations
5.1 Add a document
POST /user/_doc/1
{
"name": "Tom",
"age": 18
}Response confirms creation:
{
"_id": "1",
"result": "created"
}5.2 Get a document by ID
GET /user/_doc/1Response includes the stored fields:
{
"_source": {
"name": "Tom",
"age": 18
}
}5.3 Update a document
POST /user/_update/1
{
"doc": {
"age": 20
}
}Response indicates successful update:
{
"result": "updated"
}5.4 Delete a document
DELETE /user/_doc/1Response confirms deletion:
{
"result": "deleted"
}6. Search queries
6.1 Match‑all (retrieve all documents)
GET /user/_search
{
"query": { "match_all": {} }
}Result shows total hits, e.g. "value": 10000.
6.2 Conditional query (match name "Tom")
GET /user/_search
{
"query": {
"match": { "name": "Tom" }
}
}Equivalent SQL:
SELECT * FROM user WHERE name = 'Tom';6.3 Pagination
GET /user/_search
{
"from": 0,
"size": 10,
"query": { "match_all": {} }
}Equivalent SQL:
LIMIT 0, 106.4 Sorting (age descending)
GET /user/_search
{
"sort": [ { "age": "desc" } ],
"query": { "match_all": {} }
}Result list shows ages in descending order (e.g., 30, 28, 25, 20).
6.5 Aggregation (average age)
GET /user/_search
{
"aggs": {
"avg_age": { "avg": { "field": "age" } }
}
}Response contains the average age value, e.g. "value": 26.8.
Equivalent SQL:
SELECT AVG(age) FROM user;Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Architect Chen
Sharing over a decade of architecture experience from Baidu, Alibaba, and Tencent.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
