Part 1: Intro to Elasticsearch & Kibana
Workshop objectives:
- understand a use case of Elasticsearch and Kibana
- understand the basic architecture of Elasticsearch
- perform CRUD (Create, Read, Update, and Delete) operations with Elasticsearch and Kibana
Getting information about cluster and nodes
Syntax:
```http
GET _API/parameter
```
Get info about cluster health
```http
GET _cluster/health
```
Expected response from Elasticsearch:
Get info about nodes in a cluster
```http
GET _nodes/stats
```
Expected response from Elasticsearch:
Performing CRUD operations
Create
Create an index
Syntax:
```http
PUT Name-of-the-Index
```
Example:
```http
PUT favorite_candy
```
Expected response from Elasticsearch:
Index a document
When indexing a document, both HTTP verbs `POST` or `PUT` can be used.
1) Use POST when you want Elasticsearch to autogenerate an id for your document.
Syntax:
```http
POST Name-of-the-Index/_doc
{
  "field": "value"
}
```
Example:
```http
POST favorite_candy/_doc
{
  "first_name": "Lisa",
  "candy": "Sour Skittles"
}
```
Expected response from Elasticsearch:
2) Use PUT when you want to assign a specific id to your document (i.e., if your document has a natural identifier such as a purchase order number, patient id, etc.). For a more detailed explanation, check out this documentation from Elastic!
Syntax:
```http
PUT Name-of-the-Index/_doc/id-you-want-to-assign-to-this-document
{
  "field": "value"
}
```
Example:
```http
PUT favorite_candy/_doc/1
{
  "first_name": "John",
  "candy": "Starburst"
}
```
`_create` Endpoint
When you index a document using an id that already exists, the existing document is overwritten by the new document. If you do not want an existing document to be overwritten, you can use the `_create` endpoint!
With the `_create` endpoint, if a document with that id already exists, no indexing will occur and you will get a 409 error message.
Syntax:
```http
PUT Name-of-the-Index/_create/id-you-want-to-assign-to-this-document
{
  "field": "value"
}
```
Example:
```http
PUT favorite_candy/_create/1
{
  "first_name": "Finn",
  "candy": "Jolly Ranchers"
}
```
Expected response from Elasticsearch:
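The difference between overwriting with `_doc` and refusing with `_create`, described above, as an added Python example (not part of the original workshop material). It assumes a local test cluster at http://localhost:9200 without authentication; `build_request`, `put_document` and the in-memory `StubCluster` are hypothetical names, and the stub stands in for the cluster so the demo runs offline.

```python
import io
import json
import urllib.error
import urllib.request
from urllib.parse import quote, urlsplit

def build_request(base_url, index, doc_id, body, create_only=False):
    # _doc/<id> overwrites an existing document; _create/<id> refuses to.
    endpoint = "_create" if create_only else "_doc"
    url = f"{base_url.rstrip('/')}/{quote(index, safe='')}/{endpoint}/{quote(str(doc_id), safe='')}"
    return urllib.request.Request(url, data=json.dumps(body).encode("utf-8"), method="PUT",
                                  headers={"Content-Type": "application/json"})

def put_document(base_url, index, doc_id, body, create_only=False,
                 send=urllib.request.urlopen):
    """Return 'created', 'updated', or 'conflict' (HTTP 409 from _create)."""
    req = build_request(base_url, index, doc_id, body, create_only)
    try:
        with send(req) as resp:
            return json.loads(resp.read())["result"]
    except urllib.error.HTTPError as err:
        if err.code == 409:  # id already taken; the stored document is untouched
            return "conflict"
        raise

class StubCluster:
    """Constructed in-memory stand-in for a cluster, so the demo runs offline."""
    def __init__(self):
        self.docs = {}
    def __call__(self, req):
        _, index, endpoint, doc_id = urlsplit(req.full_url).path.split("/")
        key = (index, doc_id)
        if key in self.docs and endpoint == "_create":
            raise urllib.error.HTTPError(req.full_url, 409, "Conflict", {}, io.BytesIO())
        result = "updated" if key in self.docs else "created"
        self.docs[key] = json.loads(req.data)
        return io.BytesIO(json.dumps({"result": result}).encode("utf-8"))

def demo(send=None):
    send = send or StubCluster()
    url = "http://localhost:9200"  # assumed local, unauthenticated test cluster
    john = {"first_name": "John", "candy": "Starburst"}
    finn = {"first_name": "Finn", "candy": "Jolly Ranchers"}
    return [put_document(url, "favorite_candy", 1, john, send=send),
            put_document(url, "favorite_candy", 1, finn, create_only=True, send=send),
            put_document(url, "favorite_candy", 1, finn, send=send)]

if __name__ == "__main__":
    print(demo())
```

To send the same requests to a real cluster, call `put_document` without the `send` argument.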
READ
Read a document
Syntax:
```http
GET Name-of-the-Index/_doc/id-of-the-document-you-want-to-retrieve
```
Example:
```http
GET favorite_candy/_doc/1
```
Expected response from Elasticsearch:
UPDATE
Update a document
If you want to update fields in a document, use the following syntax:
```http
POST Name-of-the-Index/_update/id-of-the-document-you-want-to-update
{
  "doc": {
    "field1": "value",
    "field2": "value"
  }
}
```
Example:
```http
POST favorite_candy/_update/1
{
  "doc": {
    "candy": "M&M's"
  }
}
```
Expected response from Elasticsearch:
DELETE
Delete a document
Syntax:
```http
DELETE Name-of-the-Index/_doc/id-of-the-document-you-want-to-delete
```
Example:
```http
DELETE favorite_candy/_doc/1
```
Expected response from Elasticsearch:
Take Home Assignment
- Create an index called places.
- Pick five of the places you want to visit after the pandemic is over. For each place, index a document containing the name and the country.
- Read (GET) each document to check the content of the document.
- Update a field of a document.
- Read (GET) the updated document to ensure that the field has been updated.
- Delete a document of one place.
- Copy and paste the following request to return all documents from the places index. This is a great way to check whether all the CRUD operations you have performed thus far have worked!
```http
GET places/_search
{
  "query": {
    "match_all": {}
  }
}
```