LisaHJung / Part-1-Intro-to-Elasticsearch-and-Kibana


Beginner's Crash Course to Elastic Stack Series

Part 1: Intro to Elasticsearch & Kibana

Welcome to the Beginner's Crash Course to Elastic Stack!

This repo contains all resources shared during workshop Part 1: Intro to Elasticsearch and Kibana.

By the end of this workshop, you will be able to:

  • understand a use case of Elasticsearch and Kibana
  • understand the basic architecture of Elasticsearch
  • perform CRUD (Create, Read, Update, and Delete) operations with Elasticsearch and Kibana

Resources

Beginner's Crash Course to Elastic Stack Table of Contents

This workshop is a part of the Beginner's Crash Course to Elastic Stack series. Check out this table of contents to access all the workshops in the series thus far. This table will continue to get updated as more workshops in the series are released!

Free Elastic Cloud Trial

Instructions on how to access Elasticsearch and Kibana on Elastic Cloud

Instructions for downloading Elasticsearch and Kibana

Alternative installation using Docker

One of our AMAZING community members @h3ct0rjs has shared how you can run Elasticsearch and Kibana using Docker! Refer to this link for his awesome step-by-step directions. Thank you so much @h3ct0rjs!!

Presentation

Video recording of the workshop

Mini Beginner's Crash Course to Elasticsearch & Kibana playlist

Do you prefer learning by watching shorter videos? Check out this playlist to watch short clips of beginner's crash course full length workshops. Part 1 workshop is broken down into episodes 1-6. Season 2 clips will be uploaded here in the future!

Blog Beginner's guide to Elasticsearch

Blog Beginner's guide to performing CRUD operations with Elasticsearch and Kibana

Elastic America Virtual Chapter

Want to attend live workshops? Join the Elastic America Virtual Chapter to get the deets!

What's next?

Eager to continue your learning after mastering the concepts from this workshop? Move on to Part 2: Understanding the relevance of your search with Elasticsearch and Kibana here!

Getting information about cluster and nodes

Syntax:

GET _API/parameter

Get info about cluster health

GET _cluster/health

Expected response from Elasticsearch:

image

Get info about nodes in a cluster

GET _nodes/stats

Expected response from Elasticsearch:

image

Performing CRUD operations

C - Create

Create an index

Syntax:

PUT Name-of-the-Index

Example:

PUT favorite_candy

Expected response from Elasticsearch:

image

Index a document

When indexing a document, either HTTP verb, POST or PUT, can be used.

  1. Use POST when you want Elasticsearch to autogenerate an id for your document.

Syntax:

POST Name-of-the-Index/_doc
{
  "field": "value"
}

Example:

POST favorite_candy/_doc
{
  "first_name": "Lisa",
  "candy": "Sour Skittles"
}

Expected response from Elasticsearch: image

  2. Use PUT when you want to assign a specific id to your document (e.g., if your document has a natural identifier such as a purchase order number or patient id). For a more detailed explanation, check out this documentation from Elastic!

Syntax:

PUT Name-of-the-Index/_doc/id-you-want-to-assign-to-this-document
{
  "field": "value"
}

Example:

PUT favorite_candy/_doc/1
{
  "first_name": "John",
  "candy": "Starburst"
}

_create Endpoint

When you index a document using an id that already exists, the existing document is overwritten by the new document. If you do not want an existing document to be overwritten, you can use the _create endpoint!

With the _create endpoint, if a document with that id already exists, no indexing will occur and you will get a 409 error message.

Syntax:

PUT Name-of-the-Index/_create/id-you-want-to-assign-to-this-document
{
  "field": "value"
}

Example:

PUT favorite_candy/_create/1
{
  "first_name": "Finn",
  "candy": "Jolly Ranchers"
}

Expected response from Elasticsearch:

image
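The overwrite-versus-_create behaviour described above, seen from a client script: this Python code is an added example, not part of the workshop materials. It treats the 409 from _create as "id already taken, nothing changed" and re-raises every other error; the `index_doc` helper and the `ES_URL` / `ES_API_KEY` environment variable names are assumptions made for illustration.

```python
import json
import os
import urllib.error
import urllib.request
from urllib.parse import quote


def index_doc(base_url, index, doc_id, doc, overwrite=False, api_key=None):
    """PUT one document and report what Elasticsearch did with it.

    overwrite=False uses the _create endpoint (write-once);
    overwrite=True uses _doc, which replaces any document with that id.
    Returns (result, version); result is "created", "updated" or "conflict".
    """
    endpoint = "_doc" if overwrite else "_create"
    # Percent-encode the id so a natural key such as "po/42" stays one path segment.
    url = f"{base_url.rstrip('/')}/{index}/{endpoint}/{quote(str(doc_id), safe='')}"
    headers = {"Content-Type": "application/json"}
    if api_key:
        headers["Authorization"] = f"ApiKey {api_key}"
    req = urllib.request.Request(
        url, data=json.dumps(doc).encode("utf-8"), headers=headers, method="PUT"
    )
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            body = json.load(resp)
        return body["result"], body["_version"]
    except urllib.error.HTTPError as err:
        if err.code == 409 and not overwrite:
            # The id is taken: nothing was indexed and the stored document is intact.
            return "conflict", None
        raise  # auth failures, bad requests, etc. are not silently swallowed


if __name__ == "__main__":
    # Assumed settings, not from the workshop: ES_URL and ES_API_KEY are
    # hypothetical environment variable names for your own cluster.
    es_url = os.environ.get("ES_URL", "http://localhost:9200")
    key = os.environ.get("ES_API_KEY")
    john = {"first_name": "John", "candy": "Starburst"}
    finn = {"first_name": "Finn", "candy": "Jolly Ranchers"}
    print(index_doc(es_url, "favorite_candy", 1, john, overwrite=True, api_key=key))
    print(index_doc(es_url, "favorite_candy", 1, finn, api_key=key))
```

Use `overwrite=False` wherever the id is a natural key that must never be silently replaced, and reserve `overwrite=True` for writes that are meant to replace the stored document.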

R - READ

Read a document

Syntax:

GET Name-of-the-Index/_doc/id-of-the-document-you-want-to-retrieve

Example:

GET favorite_candy/_doc/1

Expected response from Elasticsearch:

image

U - UPDATE

Update a document

If you want to update fields in a document, use the following syntax:

POST Name-of-the-Index/_update/id-of-the-document-you-want-to-update
{
  "doc": {
    "field1": "value",
    "field2": "value"
  }
}

Example:

POST favorite_candy/_update/1
{
  "doc": {
    "candy": "M&M's"
  }
}

Expected response from Elasticsearch:

image

D - DELETE

Delete a document

Syntax:

DELETE Name-of-the-Index/_doc/id-of-the-document-you-want-to-delete

Example:

DELETE favorite_candy/_doc/1

Expected response from Elasticsearch: image

Take Home Assignment

  1. Create an index called destinations.
  2. Pick five dream travel destinations. For each destination, index a document containing the name and the country.
  3. Read(GET) each document to check the content of the document.
  4. Update a field of a document.
  5. Read(GET) the updated document to ensure that the field has been updated.
  6. Delete a document of one place.
  7. Copy and paste the following request to return all documents from the destinations index. This is a great way to check whether all the CRUD operations you have performed thus far have worked!
GET destinations/_search
{
  "query": {
    "match_all": {}
  }
}
