Configuring Elasticsearch
After installing Elasticsearch, you need to configure it to suit your needs. The main configuration file for Elasticsearch is the elasticsearch.yml file, located in the config directory of your Elasticsearch installation.
The elasticsearch.yml file is written in YAML format, and it contains settings that control most aspects of Elasticsearch’s behavior. On Ubuntu the default path is /etc/elasticsearch/. Here are some of the key settings you might want to configure:
cluster.name: The name of your Elasticsearch cluster. This is important if you’re running multiple Elasticsearch clusters in the same network, as it allows them to discover each other and prevent data leakage.
node.name: The name of the current node. This is displayed in the logs and the API responses.
network.host: The network interface that Elasticsearch binds to. This is usually set to localhost for development and to the specific IP of your server for production.
http.port: The HTTP port that Elasticsearch listens on. The default is 9200.
After making changes to the elasticsearch.yml file, you need to restart Elasticsearch for the changes to take effect.
Note: If you get the message error: curl: (52) Empty from the server, turn off security in elasticsearch.yml by setting xpack.security.enabled: false. This is not recommended for production environments.
Creating an Elasticsearch Index
An index in Elasticsearch is similar to a database in a traditional relational database system. It’s a place where you can store and retrieve documents. To create an index in Elasticsearch, you can use the PUT method of the RESTful API.
For example, to create an index named “my_index,” you would send a PUT request to http://localhost:9200/my_index. The request might look something like this:
The response from Elasticsearch should confirm that the index has been created.
Once you’ve created an index, you can add documents to it. A document in Elasticsearch is a basic unit of information that can be indexed. It’s expressed in JSON format and consists of fields, which are the keys and values that make up the data.
Documents can be indexed using a POST or PUT request. Here’s an example of how to add a document to the my_index index:
Elasticsearch Querying
Querying allows you to search for documents in your indices using a flexible and expressive query language. There are two types of queries in Elasticsearch:
The Query DSL is a rich, flexible, and expressive query language that allows you to define complex queries using JSON. It supports a wide range of search options, including full-text search, phrase matching, range matching, and boolean logic.
The Simple Query String is a simpler query language that’s easier to use but less powerful. It’s designed for ad-hoc queries and user input, and it supports a limited set of search options.
To perform a search, you can use the GET method of the RESTful API and specify the index you want to search in the URL. For example, to search for all documents in the my_index index, you would send a GET request to http://localhost:9200/my_index/_search.Here is how to use the Query DSL to execute a simple search query:
This query searches for documents in my_index where the description field contains the word “Elasticsearch.” For a more complex query, such as a boolean query combining multiple search criteria, you could use:
This query looks for documents where the title field contains the word “Elasticsearch” and the description field contains the word “Introduction,” and the date field is on or after “2024-01-01.”
Last updated