ElasticSearch: Cheat-sheet
# Elasticsearch Cheatsheet - an overview of commonly used Elasticsearch API commands
# cat paths
/_cat/allocation
/_cat/shards
/_cat/shards/{index}
/_cat/master
/_cat/nodes
/_cat/indices
/_cat/indices/{index}
/_cat/segments
/_cat/segments/{index}
/_cat/count
/_cat/count/{index}
/_cat/recovery
/_cat/recovery/{index}
/_cat/health
/_cat/pending_tasks
/_cat/aliases
/_cat/aliases/{alias}
/_cat/thread_pool
/_cat/plugins
/_cat/fielddata
/_cat/fielddata/{fields}
# Important Things
bin/elasticsearch # Start Elastic instance
curl -X GET 'http://localhost:9200/?pretty=true' # View instance metadata
curl -X POST 'http://localhost:9200/_shutdown' # Shutdown Elastic instance
curl -X GET 'http://localhost:9200/_cat?pretty=true' # List all admin methods
curl -X GET 'http://localhost:9200/_cat/indices?pretty=true' # List all indices
curl -X GET 'http://localhost:9200/_cluster/health?pretty=true' # View Cluster Health
# Indices monitoring and information
GET /my_index_name/_stats
GET /my_index_name/_stats
GET /my_index_name/_segments
GET /my_index_name/_recovery?pretty&human
# Indices status and management
POST /my_index_name/_cache/clear
POST /my_index_name/_refresh
POST /my_index_name/_flush
POST /my_index_name/_forcemerge
# Index, Type Basics
POST /my_index_name/_close # Open and close indexes to save memory and CPU
POST /my_index_name/_open # Open and close indexes to save memory and CPU
POST /_reindex # _reindex
{
"source": {
"index": "old_index"
},
"dest": {
"index": "new_index"
}
}
curl -X GET 'http://localhost:9200/index name' # View specific index
curl -X POST 'http://localhost:9200/index name' # Create an index
curl -X DELETE 'http://localhost:9200/index name' # Delete an index
curl -X GET 'http://locahost:9200/index name/type/id' # Retrieve a specific document
curl -X POST 'http://locahost:9200/index name/type/' # Create a document
curl -X PUT 'http://locahost:9200/index name/type/id' # Create/Update a specific document
curl -X DELETE 'http://localhost:9200/index name/type/id' # Delete a specific document
curl -X GET 'http://localhost:9200/index name/_mappings' # View mappings for index
curl -X GET 'http://localhost:9200/index name/_settings' # View setting information for an index
curl -X PUT http://localhost:9200/index name # Creates index with settings and mappings
{
"settings": {
"number_of_replicas": 1,
"number_of_shards": 3,
"analysis": {},
"refresh_interval": "1s"
},
"mappings": {
"my_type_name": {
"properties": {
"title": {
"type": "text",
"analyzer": "english"
}
}
}
}
}
curl -X PUT http://localhost:9200/index name/_settings # Update index settings dynamically
{
"index": {
"refresh_interval": "-1",
"number_of_replicas": 0
}
}
curl -X PUT http://localhost:9200/index name/_mapping/my_type_name # Update index mappings dynamically
{
"my_type_name": {
"properties": {
"tag": {
"type": "keyword"
}
}
}
}
curl -X GET 'http://localhost:9200/index name/type/_mappings' # View mappings for an index type
curl -X GET 'http://localhost:9200/index name/type/_settings' # View setting information for an index type
curl -X GET 'http://localhost:9200/index name/_search' # Search an index
curl -X GET 'http://localhost:9200/index name/type/_search' # Search an index type
# Bulk API
curl -X GET 'http://localhost:9200/_bulk'
curl -X GET 'http://localhost:9200/index name/_bulk'
curl -X GET 'http://localhost:9200/index name/type/_bulk'
# Elastic River Basics
curl -X GET 'http://localhost:9200/_river/_meta' # View River settings
curl -X GET 'http://localhost:9200/_river/index name/_meta' # View River meta data for index
curl -X GET 'http://localhost:9200/_river/index name/_meta/_source' # View River source for index
curl -X GET 'http://localhost:9200/_river/index name/_status' # View River status
curl -X GET 'http://localhost:9200/_river/index name/_search' # Seach the River Index
# Search API
QueryString syntax recap
Search in the default _all field:
GET /_search?q=pony
GET /_search?q=title:(joli OR code) AND author:"Damien Alexandre"^2 #Complex search with operator and exact phrase search with boost:
GET /_search?q=_exists_:title OR title:singl? noneOrAnyChar*cter #Search with wildcard and special queries:
GET /_search?q=title:elastichurch~3 AND date:[2016-01-01 TO 2018-12-31] #Search with fuzzyness and range:
# Cluster and node information
GET /_cluster/health?pretty
GET /_cluster/health?wait_for_status=yellow&timeout=50s
GET /_cluster/state
GET /_cluster/stats?human&pretty
GET /_cluster/pending_tasks
GET /_nodes
GET /_nodes/stats
GET /_nodes/nodeId1,nodeId2/stats
# Important _cluster APIs
- Ask the index my_index_name shard 0 of node1 to go to node2:
POST /_cluster/reroute
{
"commands": [
{
"move": {
"index": "my_index_name",
"shard": 0,
"from_node": "node1",
"to_node": "node2"
}
},
{
"allocate": {
"index": "my_index_name",
"shard": 1,
"node": "node3"
}
}
]
}
PUT /_cluster/settings
{
"persistent": {
"discovery.zen.minimum_master_nodes": 3
}
}
PUT /_cluster/settings
{
"transient": {
"discovery.zen.minimum_master_nodes": 2
}
}
Disable shard allocation, useful before a rolling restart:
PUT /_cluster/settings
{
"transient" : {
"cluster.routing.allocation.enable" : "none"
}
}
PUT /_cluster/settings
{
"transient" : {
"cluster.routing.allocation.enable" : "all"
}
}
# _Shrink API : for reducing the no of shards (First mark the index as Readonly & then do shrink on same host)
https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-shrink-index.html
PUT /my_source_index/_settings
{
"settings": {
"index.routing.allocation.require._name": "shrink_node_name",
"index.blocks.write": true
}
}
POST my_source_index/_shrink/my_target_index
# Update Index by Query
POST /index/_update_by_query?conflicts=proceed or POST /my_index1,my_index2/my_type1,my_type2/_update_by_query # Update index for a field and a new value
{
"query": {
"term": {
"my_field": "my_value"
}
}
}
POST /index/_update_by_query # Update using script and Lucene query
{
"script": {
"source": "ctx._source.likes++",
"lang": "painless"
},
"query": {
"term": {value
"user": "kimchy"
}
}
}
POST /index/_update_by_query # Update using script and Lucene query
{
"script": {
"source": "ctx._source.likes++",
"lang": "painless"
},
"query": {
"term": {value
"user": "kimchy"
}
}
}
POST /index/_update_by_query #Update using inline script and variable(find and replace kind of)
{
"script": {
"inline": "ctx._source.system.process.name=\"" + value + "\"", "lang": "painless"},
"query": {"term": {"system.process.pid": key}}
}
}
# Debug and development
Queries - Get a detailed view of what a query do:
GET /blog/post/_validate/query?explain=true
{
"query": {
"match": {
"title": "Smith"
}
}
}
Get an explanation about a document matching or not:
GET /blog/post/1/_explain
{
"query": {
"match": {
"title": "Smith"
}
}
}
Analysis - Test how a content is tokenized in a field:
GET /blog/_analyze
{
"field": "title",
"text": "powerful"
}
Test analyzer token output by analyzer:
GET /blog/_analyze
{
"analyzer": "english",
"text": "powerful"
}
Profile API, which gives timing information about the query execution:
GET /index/_search
{
"profile": true,
"query" : {
"match" : { "message" : "some number" }
}
}
Get Field statistics
GET /_field_stats?fields=my_field
GET /my_index/_field_stats?fields=my_field
GET /my_index1,my_index2/_field_stats?fields=my_field
References :
# cat paths
/_cat/allocation
/_cat/shards
/_cat/shards/{index}
/_cat/master
/_cat/nodes
/_cat/indices
/_cat/indices/{index}
/_cat/segments
/_cat/segments/{index}
/_cat/count
/_cat/count/{index}
/_cat/recovery
/_cat/recovery/{index}
/_cat/health
/_cat/pending_tasks
/_cat/aliases
/_cat/aliases/{alias}
/_cat/thread_pool
/_cat/plugins
/_cat/fielddata
/_cat/fielddata/{fields}
# Important Things
bin/elasticsearch # Start Elastic instance
curl -X GET 'http://localhost:9200/?pretty=true' # View instance metadata
curl -X POST 'http://localhost:9200/_shutdown' # Shutdown Elastic instance
curl -X GET 'http://localhost:9200/_cat?pretty=true' # List all admin methods
curl -X GET 'http://localhost:9200/_cat/indices?pretty=true' # List all indices
curl -X GET 'http://localhost:9200/_cluster/health?pretty=true' # View Cluster Health
# Indices monitoring and information
GET /my_index_name/_stats
GET /my_index_name/_stats
GET /my_index_name/_segments
GET /my_index_name/_recovery?pretty&human
# Indices status and management
POST /my_index_name/_cache/clear
POST /my_index_name/_refresh
POST /my_index_name/_flush
POST /my_index_name/_forcemerge
# Index, Type Basics
POST /my_index_name/_close # Open and close indexes to save memory and CPU
POST /my_index_name/_open # Open and close indexes to save memory and CPU
POST /_reindex # _reindex
{
"source": {
"index": "old_index"
},
"dest": {
"index": "new_index"
}
}
curl -X GET 'http://localhost:9200/index name' # View specific index
curl -X POST 'http://localhost:9200/index name' # Create an index
curl -X DELETE 'http://localhost:9200/index name' # Delete an index
curl -X GET 'http://locahost:9200/index name/type/id' # Retrieve a specific document
curl -X POST 'http://locahost:9200/index name/type/' # Create a document
curl -X PUT 'http://locahost:9200/index name/type/id' # Create/Update a specific document
curl -X DELETE 'http://localhost:9200/index name/type/id' # Delete a specific document
curl -X GET 'http://localhost:9200/index name/_mappings' # View mappings for index
curl -X GET 'http://localhost:9200/index name/_settings' # View setting information for an index
curl -X PUT http://localhost:9200/index name # Creates index with settings and mappings
{
"settings": {
"number_of_replicas": 1,
"number_of_shards": 3,
"analysis": {},
"refresh_interval": "1s"
},
"mappings": {
"my_type_name": {
"properties": {
"title": {
"type": "text",
"analyzer": "english"
}
}
}
}
}
curl -X PUT http://localhost:9200/index name/_settings # Update index settings dynamically
{
"index": {
"refresh_interval": "-1",
"number_of_replicas": 0
}
}
curl -X PUT http://localhost:9200/index name/_mapping/my_type_name # Update index mappings dynamically
{
"my_type_name": {
"properties": {
"tag": {
"type": "keyword"
}
}
}
}
curl -X GET 'http://localhost:9200/index name/type/_mappings' # View mappings for an index type
curl -X GET 'http://localhost:9200/index name/type/_settings' # View setting information for an index type
curl -X GET 'http://localhost:9200/index name/_search' # Search an index
curl -X GET 'http://localhost:9200/index name/type/_search' # Search an index type
# Bulk API
curl -X GET 'http://localhost:9200/_bulk'
curl -X GET 'http://localhost:9200/index name/_bulk'
curl -X GET 'http://localhost:9200/index name/type/_bulk'
# Elastic River Basics
curl -X GET 'http://localhost:9200/_river/_meta' # View River settings
curl -X GET 'http://localhost:9200/_river/index name/_meta' # View River meta data for index
curl -X GET 'http://localhost:9200/_river/index name/_meta/_source' # View River source for index
curl -X GET 'http://localhost:9200/_river/index name/_status' # View River status
curl -X GET 'http://localhost:9200/_river/index name/_search' # Seach the River Index
# Search API
QueryString syntax recap
Search in the default _all field:
GET /_search?q=pony
GET /_search?q=title:(joli OR code) AND author:"Damien Alexandre"^2 #Complex search with operator and exact phrase search with boost:
GET /_search?q=_exists_:title OR title:singl? noneOrAnyChar*cter #Search with wildcard and special queries:
GET /_search?q=title:elastichurch~3 AND date:[2016-01-01 TO 2018-12-31] #Search with fuzzyness and range:
# Cluster and node information
GET /_cluster/health?pretty
GET /_cluster/health?wait_for_status=yellow&timeout=50s
GET /_cluster/state
GET /_cluster/stats?human&pretty
GET /_cluster/pending_tasks
GET /_nodes
GET /_nodes/stats
GET /_nodes/nodeId1,nodeId2/stats
# Important _cluster APIs
- Ask the index my_index_name shard 0 of node1 to go to node2:
POST /_cluster/reroute
{
"commands": [
{
"move": {
"index": "my_index_name",
"shard": 0,
"from_node": "node1",
"to_node": "node2"
}
},
{
"allocate": {
"index": "my_index_name",
"shard": 1,
"node": "node3"
}
}
]
}
PUT /_cluster/settings
{
"persistent": {
"discovery.zen.minimum_master_nodes": 3
}
}
PUT /_cluster/settings
{
"transient": {
"discovery.zen.minimum_master_nodes": 2
}
}
Disable shard allocation, useful before a rolling restart:
PUT /_cluster/settings
{
"transient" : {
"cluster.routing.allocation.enable" : "none"
}
}
PUT /_cluster/settings
{
"transient" : {
"cluster.routing.allocation.enable" : "all"
}
}
# _Shrink API : for reducing the no of shards (First mark the index as Readonly & then do shrink on same host)
https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-shrink-index.html
PUT /my_source_index/_settings
{
"settings": {
"index.routing.allocation.require._name": "shrink_node_name",
"index.blocks.write": true
}
}
POST my_source_index/_shrink/my_target_index
# Update Index by Query
POST /index/_update_by_query?conflicts=proceed or POST /my_index1,my_index2/my_type1,my_type2/_update_by_query # Update index for a field and a new value
{
"query": {
"term": {
"my_field": "my_value"
}
}
}
POST /index/_update_by_query # Update using script and Lucene query
{
"script": {
"source": "ctx._source.likes++",
"lang": "painless"
},
"query": {
"term": {value
"user": "kimchy"
}
}
}
POST /index/_update_by_query # Update using script and Lucene query
{
"script": {
"source": "ctx._source.likes++",
"lang": "painless"
},
"query": {
"term": {value
"user": "kimchy"
}
}
}
POST /index/_update_by_query #Update using inline script and variable(find and replace kind of)
{
"script": {
"inline": "ctx._source.system.process.name=\"" + value + "\"", "lang": "painless"},
"query": {"term": {"system.process.pid": key}}
}
}
# Debug and development
Queries - Get a detailed view of what a query do:
GET /blog/post/_validate/query?explain=true
{
"query": {
"match": {
"title": "Smith"
}
}
}
Get an explanation about a document matching or not:
GET /blog/post/1/_explain
{
"query": {
"match": {
"title": "Smith"
}
}
}
Analysis - Test how a content is tokenized in a field:
GET /blog/_analyze
{
"field": "title",
"text": "powerful"
}
Test analyzer token output by analyzer:
GET /blog/_analyze
{
"analyzer": "english",
"text": "powerful"
}
Profile API, which gives timing information about the query execution:
GET /index/_search
{
"profile": true,
"query" : {
"match" : { "message" : "some number" }
}
}
Get Field statistics
GET /_field_stats?fields=my_field
GET /my_index/_field_stats?fields=my_field
GET /my_index1,my_index2/_field_stats?fields=my_field
References :
Comments