Elasticsearch is the most popular enterprise search engine, used by thousands of organisations around the world in search, analytics, alerting and reporting applications. This 2-day hands-on course will give participants the knowledge and inspiration to use the power of Elasticsearch to discover the expected and uncover the unexpected.
Learn step by step how to use this RESTful search and analytics engine, which is capable of solving a growing number of use cases. In 2 days, you will acquire a strong understanding of the most powerful features of Elasticsearch and find out in practice how to store, map, search and aggregate your data for analytics. The course will flatten the learning curve that engineers and architects have to go through to master Elasticsearch.
Who should attend
Software Developers and Engineers, Data Architects, System Administrators, DevOps
Basic knowledge of Unix
What will you learn
- Introduction to basic ES concepts
- Document APIs
  - Single document APIs
    - Index API
    - Get API
    - Delete API
    - Update API
  - Multi-document APIs
    - Multi Get API
    - Bulk API
    - Delete By Query API
    - Reindex API
Mapping is the process of defining how a document, and the fields it contains, are stored and indexed. For instance, use mappings to define:
- which string fields should be treated as full text fields.
- which fields contain numbers, dates.
- whether the values of all fields in the document should be indexed into the catch-all _all field.
- the format of date values.
- custom rules to control the mapping for dynamically added fields.
- Term level queries
  - terms query. Find documents which contain any of the exact terms specified in the field specified.
  - range query. Find documents where the field specified contains values (dates, numbers, or strings) in the range specified.
  - exists query. Find documents where the field specified contains any non-null value.
  - wildcard query. Find documents where the field specified contains terms which match the pattern specified, where the pattern supports single character wildcards (?) and multi-character wildcards (*).
  - regexp query. Find documents where the field specified contains terms which match the regular expression specified.
  - ids query. Find documents with the specified type and IDs.
- Specialized queries
  - script query. This query allows a script to act as a filter. Also see the function_score query.
  - percolate query. This query finds queries that are stored as documents that match with the specified document.
- Bucketing. A family of aggregations that build buckets, where each bucket is associated with a key and a document criterion. When the aggregation is executed, all the bucket criteria are evaluated on every document in the context and, when a criterion matches, the document is considered to “fall in” the relevant bucket. By the end of the aggregation process, we’ll end up with a list of buckets, each one with a set of documents that “belong” to it.
- Metric. Aggregations that keep track of and compute metrics over a set of documents.
- Pipeline. Aggregations that aggregate the output of other aggregations and their associated metrics.