Welcome to this elasticsearch tutorial. Elastic search is a distributor, open search and analytics engine that can be used for various kinds of data. They can be structured, unstructured, textual and numerical data. Released in 2010, Elasticsearch is the main component of Elastic Stack. 

In this article about Elasticsearch tutorial, let us look at:

  1. Elasticsearch API’s
  2. Query DSL
  3. Mapping
  4. Analysis
  5. Module

1. Elasticsearch API’s

To kick off this elasticsearch tutorial, let’s take a closer look at its API. The elasticsearch API’s are used by the UI components. They can also be used to configure and access Elasticsearch features.

1) Document API – These API’s are used in Elasticsearch for managing documents. They perform various functions such as creating documents in an index, moving and editing them and also removing them. They can be used for handling both single and multi-document API’s. 

  • Index API – It is used to add or update a document.

Query: PUT /<<indexname>>   

cURL: curl -XPUT ‘localhost:9200/twitter/my_index/my_type/1?pretty’ -H ‘Content-Type: application/json’ -d'{   “field : “value”,   …}’

  • Get API – This is used to retrieve an existing document.

Query: GET /<<indexname>>

cURL : curl -XGET’localhost:9200/my_index/my_type/0?pretty’

  • Delete API – This is used to delete a document.

Query: DELETE /<<indexname>>

cURL : curl -XDELETE’localhost:9200/my_index/my_type/0?pretty’

  • Rindex API – This is used to copy a document from one index to another.

Query : POST /_reindex

cURL : curl -XPOST’localhost:9200/_reindex?pretty’-H ‘Content-Type: application/json’ -d'{ “source”: {   “index”: “some_old_index” }, “dest”: {   “index”: “some_new_index” }}’

  • Multi get API – This is used to extract multiple documents from the different indices.

Query : GET /<<targetindex>>/_mget

cURL : curl -X GET “localhost:9200/_mget?pretty” -H ‘Content-Type: application/json’ -d'{  “docs”: [    {      “_index”: “index1”,      “_id”: “1”    },    {      “_index”: “index1”,      “_id”: “2”    }  ]}

  • Bulk API – This is used to perform multiple tasks at the same time. 

Query : POST /<<targetindex>>/_bulk

cURL : curl -X POST “localhost:9200/_bulk?pretty” -H ‘Content-Type: application/json’ -d'{ “index” : { “_index” : “test”, “_id” : “1” } }{ “delete” : { “_index” : “test”, “_id” : “2” } }{ “create” : { “_index” : “test”, “_id” : “3” } }{ “field1” : “value1” }}

  • Delete by Query 

Query : POST /<<targetindex>>/_delete_by_query

cURL : curl -X POST “localhost:9200/index1/_delete_by_query?pretty” -H ‘Content-Type: application/json’ -d'{  “query”: {    “match”: {      “”: “gedalyahreback”    }  }}

  • Update by query – It informs the query to proceed when there is differences between versions of a document.

Query : POST /<<targetindex>>/_update_by_query

cURL : curl -X POST “localhost:9200/myindex1/ _update_by_query?conflicts=proceed”

2) Search API – This API is used to query indexed data for specific information. They are responsible for managing individual indices. Mapping, index template and aliases. It depends on the usage of the Mustache language. 

  • Search API – It searches for matching the query.

Query : GET /<<targetindex>>/_search

POST /<<targetindex>>/_search

cURL : curl -XGET’localhost:9200/my_index/my_type/_count?q=field:value&pretty’

  • Validate API – It validates a heavy query without executing it.

Query : GET /<<targetindex>>/_validate/<<query>>

cURL : curl -XGET’localhost:9200/my_index/my_type/_validate?q=field:value’

  • Explain API – It calculates a score to identify whether the document matches the query.

Query : GET /<<targetindex>>/_explain/<<id>>

POST /<<targetindex>>/_explain/<<id>>

cURL : curl -XGET’localhost:9200/my_index/my_type/0/_explain?q=message:search’

  • Scroll API 

Query : GET /_search/scroll

POST /_search/scroll

DELETE /_search/scroll

cURL : curl -X GET “localhost:9200/_search/scroll?pretty” -H ‘Content-Type: application/json’ -d'{}’

3) Indices API – This API allows the developer to manage the indices, templates and mappings. 

  • For creating a new Index search : curl -XPUT ‘localhost:9200/indexname?pretty’ -H ‘Content-Type: application/json’ -d'{   “settings” : {   “index” : {      …     }   }}’
  • For deleting an Index : curl -XDELETE ‘localhost:9200/<<indexname>>?pretty’
  • For opening or closing an Index : curl -XPOST ‘localhost:9200/<<indexname>>/_open?pretty’
  • For Shrinking : curl -XPOST “localhost:9200/<<indexname>>/_shrink/shrunken-indexname”
  • For splitting : curl -XPOST “localhost:9200/indexname/_split/split-indexname” -H ‘Content-Type: application/json’ -d'{  “settings”: {  “index.number_of_shards”: 4  }}’
  • For cloning : curl -X POST “localhost:9200/indexname/_clone/clonedindex”
  • For adding a new type to an existing map : curl -XPUT’localhost:9200/indexname/_mapping/user?pretty’ -H ‘Content-Type: application/json’ -d'{  “properties”: {    “name”: {       “type”: “text”     }   }}’

4) Cluster API – These API helps in maintaining and managing the Elasticsearch cluster. They also identify which Elasticsearch node to call. It can be its internal node ID or the name or the address. 

2. Query DSL

The next part of this elasticsearch tutorial is understanding queries. Elasticsearch renders a complete Query DSL that is based on JSON to represent queries. It has two types of clauses:

  • Leaf query clause: It looks for an appropriate value in a particular field. The queries such as term, match or range can be managed by themselves. 
  • Compound query clause: They are used to wrap other compound queries. They combine multiple queries in a logical manner. It is also used to modify their behavior. 
    • Match All query: It matches the documents and returns a particular score. 
    • Full-text query: They are required for running full-text queries on the full-text field.
    • Term level query: These queries are used for structured data. Structuring of low-level queries can be developed. 

3. Mapping

Mapping is the process of determining how the document, as well as the field it contains, is saved and filed. The two types of mapping namely, Dynamic mapping and Explicit mapping are used to represent the data. Each method has its own benefits. 

4. Analysis

The analysis process in Elasticsearch converts text into terms. These derived texts are included in the inverted index for searching. This process is undertaken by the Analyzer. The two types of the analyzer are,

  • Built-in Analyzer
  • Custom Analyzer

Examples for analyzers include Standard, Simple, Whitespace, Stop, Keyword, Pattern, Language and Snowball. 

5. Module

The Elasticsearch module is used to control Elasticsearch across various versions. This is done through the use of certain metrics. They are equipped with the monitoring feature.

The module is tested with Elasticsearch 6.3 and works with versions6.x and higher.

The metric sets used are as follows:

  • ccr 
  • cluster_stats
  • index 
  • index_recovery 
  • ml_job 
  • node 
  • shard 


This brings us to the end of this elasticsearch tutorial. 

Want to know all relevant information about your future? Head to our website to check out the best and the latest information about various fields to build your knowledge and scope.