Book Image

Elasticsearch 8.x Cookbook - Fifth Edition

By : Alberto Paro
Book Image

Elasticsearch 8.x Cookbook - Fifth Edition

By: Alberto Paro

Overview of this book

Elasticsearch is a Lucene-based distributed search engine at the heart of the Elastic Stack that allows you to index and search unstructured content with petabytes of data. With this updated fifth edition, you'll cover comprehensive recipes relating to what's new in Elasticsearch 8.x and see how to create and run complex queries and analytics. The recipes will guide you through performing index mapping, aggregation, working with queries, and scripting using Elasticsearch. You'll focus on numerous solutions and quick techniques for performing both common and uncommon tasks such as deploying Elasticsearch nodes, using the ingest module, working with X-Pack, and creating different visualizations. As you advance, you'll learn how to manage various clusters, restore data, and install Kibana to monitor a cluster and extend it using a variety of plugins. Furthermore, you'll understand how to integrate your Java, Scala, Python, and big data applications such as Apache Spark and Pig with Elasticsearch and create efficient data applications powered by enhanced functionalities and custom plugins. By the end of this Elasticsearch cookbook, you'll have gained in-depth knowledge of implementing the Elasticsearch architecture and be able to manage, search, and store data efficiently and effectively using Elasticsearch.
Table of Contents (20 chapters)

Using X-Pack Security

X-Pack Security allows users to secure their production cluster using the security best practices for Elasticsearch.

It covers the following:

  • The use of credentials to access an Elasticsearch cluster. Credentials can be a standard user/password stored internally in Elasticsearch or a more complex solution can be used, such as Active Directory and Lightweight Directory Access Protocol (LDAP).
  • The use of a Transport Layer Security (TLS)-encrypted connection between the Elasticsearch nodes to prevent traffic sniffing and decoding using custom generated keys.
  • The use of SSL endpoints for HTTP calls to secure communication with the cluster.

Getting ready

You need the Docker desktop ( installed on your computer. To be able to execute the Docker commands, you should set up Docker for a production environment; see the Elasticsearch reference: