Elasticsearch Database Cheatsheet

Elasticsearch is a powerful and scalable open-source search and analytics engine that is widely used for storing, searching, and analyzing large volumes of data. Whether you are a developer, system administrator, or data analyst, having a cheatsheet can be immensely helpful for quickly referencing essential Elasticsearch commands and configurations. In this blog, we will provide a comprehensive Elasticsearch cheatsheet with code snippets for easy reference.

Index Operations

Create an Index

PUT /index_name

Check if an Index Exists

HEAD /index_name

Delete an Index

DELETE /index_name

Document Operations

Index a Document

POST /index_name/_doc/document_id
{
  "field1": "value1",
  "field2": "value2"
}

Get a Document

GET /index_name/_doc/document_id

Update a Document

POST /index_name/_update/document_id
{
  "doc": {
    "field1": "new_value"
  }
}

Delete a Document

DELETE /index_name/_doc/document_id

Querying

Simple Query

GET /index_name/_search?q=query_string

Match Query

GET /index_name/_search
{
  "query": {
    "match": {
      "field": "query_string"
    }
  }
}

Term Query

GET /index_name/_search
{
  "query": {
    "term": {
      "field": "value"
    }
  }
}

Aggregations

Terms Aggregation

GET /index_name/_search
{
  "aggs": {
    "agg_name": {
      "terms": {
        "field": "field_name"
      }
    }
  }
}

Date Histogram Aggregation

GET /index_name/_search
{
  "aggs": {
    "agg_name": {
      "date_histogram": {
        "field": "date_field",
        "calendar_interval": "day"
      }
    }
  }
}

Mapping

Define Mapping

PUT /index_name
{
  "mappings": {
    "properties": {
      "field_name": {
        "type": "text"
      }
    }
  }
}

Get Mapping

GET /index_name/_mapping

Cluster Health

Check Cluster Health

GET /_cat/health?v

Cluster Nodes

GET /_cat/nodes?v

This Elasticsearch cheatsheet covers essential operations for managing indices, documents, querying, aggregations, mapping, and monitoring cluster health. Bookmark this cheatsheet for quick reference and boost your productivity when working with Elasticsearch. Keep in mind that Elasticsearch is a versatile tool, and this cheatsheet provides only a glimpse of its capabilities. For more in-depth information, refer to the official Elasticsearch documentation.

FAQ

1. What is Elasticsearch?

Elasticsearch is an open-source search and analytics engine built on top of Apache Lucene. It is designed for distributed storage and retrieval of structured and unstructured data, making it a powerful tool for search and analysis.

2. How do I create an index in Elasticsearch?

To create an index in Elasticsearch, you can use the following HTTP request:
PUT /index_name
This command creates an index with the specified name.

3. What is the difference between a “match” and a “term” query?

A “match” query is used for full-text search, analyzing the input and matching relevant documents, while a “term” query is used for exact matching of terms without analysis. “Match” is suitable for textual content, while “term” is often used for keyword fields.
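
The difference is easiest to see on a small model of the inverted index. The following is an added example, not code from the original post or from Elasticsearch: the `message` and `status` fields, their mapping and the two documents are constructed, and the standard analyzer is approximated by splitting on non-alphanumeric characters and lowercasing.

```python
import re

# Constructed sample documents (not from the original page).
DOCS = {
    "1": {"message": "Failed password for root", "status": "Failed"},
    "2": {"message": "Accepted password for alice", "status": "Accepted"},
}
# Assumed mapping: "message" is a text field, "status" is a keyword field.
MAPPING = {"message": "text", "status": "keyword"}

def analyze(text):
    """Rough stand-in for the standard analyzer: split on non-alphanumerics, lowercase."""
    return [t.lower() for t in re.findall(r"[A-Za-z0-9]+", text)]

def indexed_terms(field, value):
    """Terms produced for a value: analyzed for text fields, verbatim for keyword fields."""
    return analyze(value) if MAPPING[field] == "text" else [value]

def build_index(docs):
    """Inverted index: (field, term) -> set of document ids."""
    index = {}
    for doc_id, doc in docs.items():
        for field, value in doc.items():
            for term in indexed_terms(field, value):
                index.setdefault((field, term), set()).add(doc_id)
    return index

INDEX = build_index(DOCS)

def term_query(field, value):
    """term: the input is looked up verbatim, with no analysis."""
    return sorted(INDEX.get((field, value), set()))

def match_query(field, text):
    """match: the input is analyzed like the field; any matching term is a hit (OR)."""
    hits = set()
    for term in indexed_terms(field, text):
        hits |= INDEX.get((field, term), set())
    return sorted(hits)

if __name__ == "__main__":
    print(term_query("message", "Failed"))   # text field stored "failed": no hit
    print(match_query("message", "Failed"))  # input is analyzed to "failed": hit
    print(term_query("status", "Failed"))    # keyword field stored the exact value
    print(term_query("status", "failed"))    # exact match is case-sensitive
```

A term query against a text field that silently returns nothing is a common cause of missed results when searching logs, so check the field type with GET /index_name/_mapping before choosing the query.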

4. How can I monitor the health of my Elasticsearch cluster?

You can check the health of your Elasticsearch cluster using the following HTTP request:
GET /_cat/health?v
This command provides information about the overall health, including the status, number of nodes, and more.

5. What is the purpose of Elasticsearch aggregations?

Aggregations in Elasticsearch help analyze and summarize data, providing insights into the distribution and relationships within your dataset. They can be used to perform calculations, grouping, and statistical operations on your indexed data.