Elasticsearch 8.x Cookbook - Fifth Edition

By: Alberto Paro

Overview of this book

Elasticsearch is a Lucene-based distributed search engine at the heart of the Elastic Stack that allows you to index and search unstructured content with petabytes of data. With this updated fifth edition, you'll cover comprehensive recipes relating to what's new in Elasticsearch 8.x and see how to create and run complex queries and analytics. The recipes will guide you through performing index mapping, aggregation, working with queries, and scripting using Elasticsearch. You'll focus on numerous solutions and quick techniques for performing both common and uncommon tasks such as deploying Elasticsearch nodes, using the ingest module, working with X-Pack, and creating different visualizations. As you advance, you'll learn how to manage various clusters, restore data, and install Kibana to monitor a cluster and extend it using a variety of plugins. Furthermore, you'll understand how to integrate your Java, Scala, Python, and big data applications such as Apache Spark and Pig with Elasticsearch and create efficient data applications powered by enhanced functionalities and custom plugins. By the end of this Elasticsearch cookbook, you'll have gained in-depth knowledge of implementing the Elasticsearch architecture and be able to manage, search, and store data efficiently and effectively using Elasticsearch.

Using the Histogram field type

Histograms are a common data type for analytics and machine learning analysis. We can store Histograms in the form of values and counts; they are not indexed, but they can be used in aggregations.

The histogram field type is a special mapping available in X-Pack. It is commonly used to store the results of Histogram aggregations in Elasticsearch for further processing, such as comparing aggregation results taken at different times.

Getting ready

You will need an up-and-running Elasticsearch installation, as described in the Downloading and installing Elasticsearch recipe of Chapter 1, Getting Started.

To execute the commands in this recipe, you can use any HTTP client, such as curl, Postman, or similar. I suggest using the Kibana console, which provides code completion and better character escaping for Elasticsearch.

How to do it…

In this recipe, we will simulate a common use case of Histogram data that is stored in Elasticsearch. Here, we will use a Histogram that specifies the millimeters of rain divided by year for our advanced analytics solution. To achieve this, follow these steps:

  1. First, let's create an index for the Histogram by using the following mapping:
    PUT test-histo
    {
      "mappings": {
        "properties": {
          "histogram": { "type": "histogram" },
          "model": { "type": "keyword" }
        }
      }
    }
  2. Now, we can store a document to test the mapping:
    POST test-histo/_doc/1
    {
      "model": "show_level",
      "histogram": {
        "values": [2016, 2017, 2018, 2019, 2020, 2021],
        "counts": [283, 337, 323, 312, 236, 232]
      }
    }

How it works…

The histogram field type specializes in storing Histogram data. It must be provided as a JSON object composed of the values and counts fields, both with the same number of items. The only supported aggregations are the following ones. We will look at these in more detail in Chapter 7, Aggregations:

  • Metric aggregations such as min, max, sum, value_count, and avg
  • The percentiles and percentile_ranks aggregations
  • The boxplot aggregation
  • The histogram aggregation

The data is not indexed, but you can still check whether a document has this field populated by using the exists query.
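The following Python sketch is an added example, not code from the book. It checks a histogram field value before it is sent to Elasticsearch and computes the metric aggregations locally for the document from step 2. The function names are hypothetical. The ascending-order and non-negative-count rules, and the count-weighted arithmetic, follow Elasticsearch's documented behaviour for histogram fields and are not stated in this recipe.

```python
import math

def _is_num(x):
    if isinstance(x, bool):
        return False
    return isinstance(x, int) or (isinstance(x, float) and math.isfinite(x))

def validate_histogram(field):
    """Return a list of problems with a histogram field value (empty list = OK)."""
    if not isinstance(field, dict):
        return ["histogram must be a JSON object"]
    values, counts = field.get("values"), field.get("counts")
    if not isinstance(values, list) or not isinstance(counts, list):
        return ["'values' and 'counts' must both be arrays"]
    errors = []
    if len(values) != len(counts):  # the rule stated in the recipe
        errors.append(f"{len(values)} values but {len(counts)} counts")
    prev = None
    for i, v in enumerate(values):
        if not _is_num(v):
            errors.append(f"values[{i}] is not a finite number")
            continue
        if prev is not None and v < prev:  # assumption: ascending order required
            errors.append(f"values[{i}]={v} is lower than the previous value {prev}")
        prev = v
    for i, c in enumerate(counts):
        if isinstance(c, bool) or not isinstance(c, int) or c < 0:
            errors.append(f"counts[{i}] must be a non-negative integer")
    return errors

def summarize(field):
    """Metric aggregations over one histogram, weighting each value by its count."""
    values, counts = field["values"], field["counts"]
    total = sum(counts)
    weighted = sum(v * c for v, c in zip(values, counts))
    return {"min": min(values), "max": max(values), "value_count": total,
            "sum": weighted, "avg": weighted / total if total else None}

# The histogram from step 2 of the recipe.
RECIPE_DOC = {"values": [2016, 2017, 2018, 2019, 2020, 2021],
              "counts": [283, 337, 323, 312, 236, 232]}
# Constructed bad input: length mismatch, out-of-order value, negative count.
BAD_DOC = {"values": [2016, 2018, 2017], "counts": [283, -1]}

if __name__ == "__main__":
    print(validate_histogram(RECIPE_DOC), summarize(RECIPE_DOC))
    print(validate_histogram(BAD_DOC))
```

Because the values in this recipe are years, sum and avg are weighted by the rainfall counts; value_count is the total of the counts array, not the number of buckets.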

See also

  • Aggregations will be discussed in more detail in Chapter 7, Aggregations
  • The Using the exist query recipe in Chapter 5, Text and Numeric Queries