Master Elasticsearch: Core Features, Basic Operations, and Advanced Search Techniques
Elasticsearch, built on Lucene, is a distributed search and analytics engine offering full-text search, log and metric analysis, real-time data processing, and recommendation capabilities; the guide explains its core functions, basic index and document management, and advanced query and aggregation features with practical API examples.
Elasticsearch (ES) is a distributed search and analytics engine built on Lucene, primarily used for full-text search (including fuzzy search and highlighting), log and metric analysis, real-time data analysis (aggregation, visualization), and autocomplete/recommendation systems.
Core Features
1. Full-text Search
Inverted Index: Quickly locate documents containing keywords.
Analyzer: Supports Chinese (IK analyzer), English and other languages.
Relevance Scoring (TF-IDF/BM25): Rank results by match quality.
2. Distributed Architecture
Shard: Horizontal data partitioning to improve concurrency.
Replica: Ensures high availability and prevents data loss.
Cluster Discovery: Automatic node discovery and load balancing.
3. Data Analysis
Aggregation: Statistics, grouping, percentile calculations.
Pipeline Processing: Data transformation and re-aggregation.
4. Real-time Capabilities
Refresh Interval: Default 1-second index refresh, configurable.
Translog: Guarantees that written data is not lost.
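The inverted index and BM25 ranking listed under Full-text Search, as an added Python sketch (not Elasticsearch or Lucene code, and not from the original article). It assumes a simplified analyzer (lowercase, split on non-alphanumerics), the textbook BM25 formula with k1=1.2 and b=0.75, and constructed sample documents, so scores will not equal what a cluster returns.

```python
import math
import re
from collections import Counter, defaultdict

# Constructed sample documents (doc id -> text of the "name" field).
DOCS = {
    1: "Laptop",
    2: "Phone",
    3: "Gaming Laptop with laptop sleeve",
    4: "Phone case",
}

def analyze(text):
    """Simplified analyzer (assumption): lowercase, split on non-alphanumerics."""
    return re.findall(r"[a-z0-9]+", text.lower())

def build_index(docs):
    """Return (postings, doc_len): term -> {doc_id: tf}, doc_id -> token count."""
    postings, doc_len = defaultdict(dict), {}
    for doc_id, text in docs.items():
        tokens = analyze(text)
        doc_len[doc_id] = len(tokens)
        for term, tf in Counter(tokens).items():
            postings[term][doc_id] = tf
    return postings, doc_len

def bm25_search(query, postings, doc_len, k1=1.2, b=0.75):
    """Score only documents reached through postings lists; best match first."""
    n_docs = len(doc_len)
    avgdl = sum(doc_len.values()) / n_docs
    scores = defaultdict(float)
    for term in analyze(query):
        hits = postings.get(term, {})
        # Rare terms get a higher inverse document frequency.
        idf = math.log(1 + (n_docs - len(hits) + 0.5) / (len(hits) + 0.5))
        for doc_id, tf in hits.items():
            # Length normalization: long documents need more hits to score as well.
            norm = k1 * (1 - b + b * doc_len[doc_id] / avgdl)
            scores[doc_id] += idf * tf * (k1 + 1) / (tf + norm)
    return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))

POSTINGS, DOC_LEN = build_index(DOCS)

if __name__ == "__main__":
    for q in ("laptop", "lap top", "phone case"):
        print(q, "->", bm25_search(q, POSTINGS, DOC_LEN))
```

The query "lap top" returns nothing because the index holds the single token laptop, and the one-word document 1 outranks document 3 for "laptop" even though document 3 contains the term twice.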
Basic Operations
1. Index Management
Create Index
# "name" also gets a keyword sub-field so the exact-match term query on name.keyword has a field to search
PUT /products
{
  "settings": {
    "number_of_shards": 3,
    "number_of_replicas": 1
  },
  "mappings": {
    "properties": {
      "name": { "type": "text", "fields": { "keyword": { "type": "keyword" } } },
      "price": { "type": "double" },
      "stock": { "type": "integer" }
    }
  }
}
View Index
GET /products/_settings # view settings
GET /products/_mapping # view field mappings
Delete Index
DELETE /products
2. Document Operations
Insert/Update Document
POST /products/_doc/1
{
  "name": "Laptop",
  "price": 999.99,
  "stock": 100
}
Query Document
GET /products/_doc/1 # by ID
GET /products/_search # all documents
GET /products/_search?q=name:Laptop # simple search
Bulk Operations
POST /_bulk
{ "index": { "_index": "products", "_id": "2" } }
{ "name": "Phone", "price": 599.99, "stock": 200 }
{ "delete": { "_index": "products", "_id": "1" } }
Advanced Search Features
1. Query Syntax
Term Query (Exact Match)
GET /products/_search
{
  "query": {
    "term": { "name.keyword": "Laptop" }
  }
}
Match Query (Full-text)
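# tokenized match: the query text is analyzed into the tokens "lap" and "top", and a document matches if its name contains either token
GET /products/_search
{
  "query": {
    "match": { "name": "lap top" }
  }
}
Range Query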
GET /products/_search
{
  "query": {
    "range": { "price": { "gte": 500, "lte": 1000 } }
  }
}
2. Aggregation Analysis
Sum Stock
GET /products/_search
{
  "aggs": {
    "total_stock": { "sum": { "field": "stock" } }
  }
}
Price Ranges
GET /products/_search
{
  "aggs": {
    "price_ranges": {
      "range": {
        "field": "price",
        "ranges": [
          { "to": 500 },
          { "from": 500, "to": 1000 },
          { "from": 1000 }
        ]
      }
    }
  }
}
