How to Index and Search Documents in Elasticsearch: A Step-by-Step Guide
Elasticsearch, a powerful distributed search engine, enables users to efficiently store, search, and analyze large volumes of data in near real-time. Whether you're a developer building a search application or a data analyst working on business insights, understanding how to index and search documents in Elasticsearch is essential. This guide walks you through the basics of indexing and searching documents, complete with practical examples to help you get started.
β Prerequisites
Before diving in, ensure you have:
Elasticsearch installed and running: You can install Elasticsearch locally or use a managed service like Elastic Cloud.(There is a 14 day trail available..check it out)
A basic understanding of JSON: Elasticsearch stores and processes data in JSON format.
Tools to interact with Elasticsearch: Use cURL, Kibana, or any HTTP client like Postman to send requests.
π Understand the Basics
What is an Index?
An index in Elasticsearch is a collection of documents that share similar characteristics. For example, an π e-commerce application might have separate indices for products, customers, and orders.
What is a Document?
A document is a single record stored in an index. It is represented in JSON format and contains fields (key-value pairs) that describe the data. For example:
{
"name": "Wireless Mouse",
"price": 25.99,
"in_stock": true
}
Index a Document
Create an Index
To create an index, use the PUT request:
PUT /products
This creates an index named products. By default, Elasticsearch handles the mapping (schema) automatically. You can also define your own mappings for more control.
Index a Single Document
To add a document to the products index, use the POST or PUT request:
POST /products/_doc/1
{
"name": "Wireless Mouse",
"price": 25.99,
"in_stock": true
}
Here:
/productsspecifies the index./_doc/1indicates the document ID (1 in this case). Elasticsearch assigns an ID automatically if you omit it.
Index Multiple Documents
You can bulk index multiple documents using the _bulk endpoint:
POST /_bulk
{ "index": { "_index": "products", "_id": "1" } }
{ "name": "Wireless Mouse", "price": 25.99, "in_stock": true }
{ "index": { "_index": "products", "_id": "2" } }
{ "name": "Mechanical Keyboard", "price": 89.99, "in_stock": false }
Each pair of lines specifies an action (index) and the document data.
π Search for Documents
Basic Search
To search for all documents in the products index, use the GET request:
GET /products/_search
This returns all documents along with metadata. By default, Elasticsearch retrieves the top 10 results.
Match Query
To search for documents containing specific text, use the match query:
GET /products/_search
{
"query": {
"match": {
"name": "Mouse"
}
}
}
This searches for documents where the name field contains the term "Mouse."
Term Query
The term query is used for exact matches:
GET /products/_search
{
"query": {
"term": {
"in_stock": true
}
}
}
Filtered Search
To combine queries and filters, use the bool query:
GET /products/_search
{
"query": {
"bool": {
"must": {
"match": {
"name": "Keyboard"
}
},
"filter": {
"term": {
"in_stock": true
}
}
}
}
}
This finds documents with name containing "Keyboard" and in_stock set to true.
βοΈ Update a Document
To update an existing document, use the _update endpoint:
POST /products/_doc/1/_update
{
"doc": {
"price": 24.99
}
}
This updates the price field of the document with ID 1.
ποΈ Delete a Document or Index
Delete a Document
To delete a document by ID, use the DELETE request:
DELETE /products/_doc/1
Delete an Index
To delete the entire products index, use:
DELETE /products
By following these steps, youβll be well on your way to mastering Elasticsearch document indexing and search capabilities. Whether youβre building a search engine, analyzing logs, or managing e-commerce data, Elasticsearch provides the tools you need to handle data efficiently. Happy searching! π
