Elasticsearch

The Heart of the Elastic Stack

Elasticsearch is a distributed, RESTful search and analytics engine capable of solving a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data so you can discover the expected and uncover the unexpected.

New: Elasticsearch 6.1 includes large performance and scalability improvements and faster recoveries, and makes upgrading a whole lot easier.

QUERY

Be Curious. Ask Your Data Questions of All Kinds.

Elasticsearch lets you perform and combine many types of searches — structured, unstructured, geo, metric — any way you want. Start simple with one question and see where it takes you.

ANALYZE

Step Back and Understand the Bigger Picture.

It’s one thing to find the 10 best documents to match your query. But how do you make sense of, say, a billion log lines? Elasticsearch aggregations let you zoom out to explore trends and patterns in your data.

SPEED

Elasticsearch Is Fast.
Really, Really Fast.

When you get answers instantly, your relationship with your data changes. You can afford to iterate and cover more ground.

Being this fast isn't easy. We've implemented inverted indices with finite state transducers for full-text querying, BKD trees for storing numeric and geo data, and a column store for analytics.

And since everything is indexed, you're never left with index envy. You can leverage and access all of your data at ludicrously awesome speeds.

SCALABILITY

Run It on Your Laptop.
Or Hundreds of Servers with Petabytes of Data.

Go from prototype to production seamlessly; you talk to Elasticsearch running on a single node the same way you would in a 300-node cluster.

It scales horizontally to handle kajillions of events per second, while automatically managing how indices and queries are distributed across the cluster for oh-so smooth operations.

RESILIENCY

We Cover the Bases While You Swing for the Fences.

Hardware rebels. Networks partition. Elasticsearch detects failures to keep your cluster (and your data) safe and available.

Elasticsearch operates in a distributed environment designed from the ground up for perpetual peace of mind.

FLEXIBILITY

Multiple Use Cases? Bring One, Bring All.

Numbers, text, geo, structured, unstructured. All data types are welcome.

Application search, security analytics, and logging only scratch the surface of how companies around the world are relying on Elasticsearch to solve a variety of challenges.

OPERATIONAL HAPPINESS

Enjoy More Both-Hands-In-Air Celebration

Simple things should be simple. We’ve made Elasticsearch easy to operate at any scale without compromising on power and performance.

CLIENT LIBRARIES

Interact with Elasticsearch in the Programming Language You Choose

Elasticsearch uses standard RESTful APIs and JSON. We also build and maintain clients in many languages such as Java, Python, .NET, and Groovy. Plus, our community has contributed many more. They’re easy to work with, feel natural to use, and, just like Elasticsearch, don't limit what you might want to do with them.

curl:

curl -H "Content-Type: application/json" -XGET 'http://localhost:9200/social-*/_search' -d '{
  "query": {
    "match": {
      "message": "myProduct"
    }
  },
  "aggregations": {
    "top_10_states": {
      "terms": {
        "field": "state",
        "size": 10
      }
    }
  }
}'
                                
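Java:

import org.apache.http.HttpHost;
import org.elasticsearch.action.search.SearchRequest;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.aggregations.AggregationBuilders;
import org.elasticsearch.search.builder.SearchSourceBuilder;

// Connect to a single local node over plain HTTP.
RestHighLevelClient client = new RestHighLevelClient(
        RestClient.builder(new HttpHost("localhost", 9200, "http")));

SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder();
searchSourceBuilder.query(QueryBuilders.matchAllQuery());
searchSourceBuilder.aggregation(AggregationBuilders.terms("top_10_states").field("state").size(10));

SearchRequest searchRequest = new SearchRequest();
searchRequest.indices("social-*");
searchRequest.source(searchSourceBuilder);
SearchResponse searchResponse = client.search(searchRequest);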
                                
C#:

var client = new ElasticClient();

var searchResponse = client.Search<Tweet>(s => s
    .Index("social-*")
    .Query(q => q
        .Match(m => m
            .Field(f => f.Message)
            .Query("myProduct")
        )
    )
    .Aggregations(a => a
        .Terms("top_10_states", t => t
            .Field(f => f.State)
            .Size(10)
        )
    )
);
                                
Python:

from elasticsearch import Elasticsearch

esclient = Elasticsearch(['localhost:9200'])
response = esclient.search(
    index='social-*',
    body={
        "query": {
            "match": {
                "message": "myProduct"
            }
        },
        "aggs": {
            "top_10_states": {
                "terms": {
                    "field": "state",
                    "size": 10
                }
            }
        }
    }
)
                                
JavaScript:

var elasticsearch = require('elasticsearch');
var esclient = new elasticsearch.Client({
  host: 'localhost:9200'
});
esclient.search({
  index: 'social-*',
  body: {
    query: {
      match: { message: 'myProduct' }
    },
    aggs: {
      top_10_states: {
        terms: {
          field: 'state',
          size: 10
        }
      }
    }
  }
}).then(function (response) {
  var hits = response.hits.hits;
});
                                
PHP:

$esclient = Elasticsearch\ClientBuilder::create()
    ->setHosts(["localhost:9200"])
    ->build();
$params = [
    'index' => 'social-*',
    'body' => [
        'query' => [
            'match' => [ 'message' => 'myProduct' ]
        ],
        'aggs' => [
            'top_10_states' => [
                'terms' => [
                    'field' => 'state',
                    'size' => 10,
                ]
            ]
        ]
    ]
];
$response = $esclient->search($params);
                                
Perl:

use Search::Elasticsearch;

my $esclient = Search::Elasticsearch->new( nodes => 'localhost:9200' );
my $response = $esclient->search(
    index => 'social-*',
    body  => {
        query => {
            match => { message => 'myProduct' }
        },
        aggs => {
            top_10_states => {
                terms => {
                    field => 'state',
                    size  => 10
                }
            }
        }
    }
);
                                
Ruby:

require 'elasticsearch'

esclient = Elasticsearch::Client.new

response = esclient.search index: 'social-*', body: {
  query: {
    match: {
      message: 'myProduct'
    }
  },
  aggregations: {
    top_10_states: {
      terms: {
        field: 'state',
        size: 10
      }
    }
  }
}
                                
X-PACK

Extend Elasticsearch with Powerful Features

Add a username and password to your cluster, monitor how Elasticsearch is performing, run machine learning jobs to detect anomalies, and more with the features in X-Pack.

X-Pack easily installs into Elasticsearch to give you an enhanced experience with security, monitoring, alerting, reporting, graph exploration, and machine learning features.

HADOOP & SPARK

Elasticsearch Plus Hadoop

Have massive data sitting in Hadoop? Put the real-time search and analytics features of Elasticsearch to work on your big data by using the Elasticsearch-Hadoop (ES-Hadoop) connector. It's the best of two worlds colliding.