Book Image

ElasticSearch Cookbook

By : Alberto Paro
Book Image

ElasticSearch Cookbook

By: Alberto Paro

Overview of this book

ElasticSearch is one of the most promising NoSQL technologies available and is built to provide a scalable search solution with built-in support for near real-time search and multi-tenancy. This practical guide is a complete reference for using ElasticSearch and covers 360 degrees of the ElasticSearch ecosystem. We will get started by showing you how to choose the correct transport layer, communicate with the server, and create custom internal actions for boosting tailored needs. Starting with the basics of the ElasticSearch architecture and how to efficiently index, search, and execute analytics on it, you will learn how to extend ElasticSearch by scripting and monitoring its behaviour. Step-by-step, this book will help you to improve your ability to manage data in indexing with more tailored mappings, along with searching and executing analytics with facets. The topics explored in the book also cover how to integrate ElasticSearch with Python and Java applications. This comprehensive guide will allow you to master storing, searching, and analyzing data with ElasticSearch.

Related Content you might be interested in

Current Title:

Small book image
ElasticSearch Cookbook
Alberto Paro
Dec, 2013 | 422 pages
No titles found
Table of Contents (19 chapters)
ElasticSearch Cookbook
ElasticSearch Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Getting Started
Getting Started
Introduction
Understanding node and cluster
Understanding node services
Managing your data
Understanding cluster, replication, and sharding
Communicating with ElasticSearch
Using the HTTP protocol
Using the Native protocol
Using the Thrift protocol
2
Downloading and Setting Up ElasticSearch
Downloading and Setting Up ElasticSearch
Introduction
Downloading and installing ElasticSearch
Networking setup
Setting up a node
Setting up ElasticSearch for Linux systems (advanced)
Setting up different node types (advanced)
Installing a plugin
Installing a plugin manually
Removing a plugin
Changing logging settings (advanced)
3
Managing Mapping
Managing Mapping
Introduction
Using explicit mapping creation
Mapping base types
Mapping arrays
Mapping an object
Mapping a document
Using dynamic templates in document mapping
Managing nested objects
Managing a child document
Mapping a multifield
Mapping a GeoPoint field
Mapping a GeoShape field
Mapping an IP field
Mapping an attachment field
Adding generic data to mapping
Mapping different analyzers
4
Standard Operations
Standard Operations
Introduction
Creating an index
Deleting an index
Opening/closing an index
Putting a mapping in an index
Getting a mapping
Deleting a mapping
Refreshing an index
Flushing an index
Optimizing an index
Checking if an index or type exists
Managing index settings
Using index aliases
Indexing a document
Getting a document
Deleting a document
Updating a document
Speeding up atomic operations (bulk)
Speeding up GET
5
Search, Queries, and Filters
Search, Queries, and Filters
Introduction
Executing a search
Sorting a search
Highlighting results
Executing a scan query
Suggesting a correct query
Counting
Deleting by query
Matching all the documents
Querying/filtering for term
Querying/filtering for terms
Using a prefix query/filter
Using a Boolean query/filter
Using a range query/filter
Using span queries
Using the match query
Using the IDS query/filter
Using the has_child query/filter
Using the top_children query
Using the has_parent query/filter
Using a regexp query/filter
Using exists and missing filters
Using and/or/not filters
Using the geo_bounding_box filter
Using the geo_polygon filter
Using the geo_distance filter
6
Facets
Facets
Introduction
Executing facets
Executing terms facets
Executing range facets
Executing histogram facets
Executing date histogram facets
Executing filter/query facets
Executing statistical facets
Executing term statistical facets
Executing geo distance facets
7
Scripting
Scripting
Introduction
Installing additional script plugins
Sorting using script
Computing return fields with scripting
Filtering a search via scripting
Updating with scripting
8
Rivers
Rivers
Introduction
Managing a river
Using the CouchDB river
Using the MongoDB river
Using the RabbitMQ river
Using the JDBC river
Using the Twitter river
9
Cluster and Nodes Monitoring
Cluster and Nodes Monitoring
Introduction
Controlling cluster health via API
Controlling cluster state via API
Getting nodes information via API
Getting node statistic via API
Installing and using BigDesk
Installing and using ElasticSerach-head
Installing and using SemaText SPM
10
Java Integration
Java Integration
Introduction
Creating an HTTP client
Creating a native client
Managing indices with the native client
Managing mappings
Managing documents
Managing bulk action
Creating a query
Executing a standard search
Executing a facet search
Executing a scroll/scan search
11
Python Integration
Python Integration
Introduction
Creating a client
Managing indices
Managing mappings
Managing documents
Executing a standard search
Executing a facet search
12
Plugin Development
Plugin Development
Introduction
Creating a site plugin
Creating a simple plugin
Creating a REST plugin
Creating a cluster action
Creating an analyzer plugin
Creating a river plugin
Index
Index

Mapping an IP field

ElasticSearch is used in a lot of networking systems to collect and search logs, such as Kibana (http://kibana.org/) and LogStash (http://logstash.net/). To improve search in these scenarios, it provides the IPv4 type that can be used to store an IP address in an optimized way.

Getting ready

You need a working ElasticSearch cluster.

How to do it...

You need to define the type of the field that contains IP address as "ip".

Using the above order example we can extend it by adding the customer IP address with the following code snippet:

  "customer_ip": {
    "type": "ip",
    "store": "yes",
    "index": "yes"
  }

The IP must be in the standard point notation form, as follows:

"customer_ip":"19.18.200.201"

How it works...

When ElasticSearch is processing a document, if a field is an IP one, it tries to convert its value to a numerical form and generates tokens for fast-value searching.

The IP has the following special properties:

  • index (defaults to yes): This defines if the field...

Previous Section
End of Section 14
Next Section