Elasticsearch je distribuovaný search a analytics engine.
Základní koncepty¶
- Index — kolekce dokumentů (jako tabulka)
- Document — JSON objekt (jako řádek)
- Mapping — schema (typy polí)
- Shard — horizontální dělení indexu
CRUD¶
Index document¶
PUT /products/_doc/1 { “name”: “Laptop”, “price”: 1000 }
Search¶
GET /products/_search { “query”: { “match”: { “name”: “laptop” } } }
Delete¶
DELETE /products/_doc/1
Query DSL¶
GET /products/_search {
“query”: {
“bool”: {
“must”: [{ “match”: { “name”: “laptop” } }],
“filter”: [{ “range”: { “price”: { “lte”: 2000 } } }]
}
}
}
Agregace¶
GET /orders/_search {
“size”: 0,
“aggs”: {
“by_status”: { “terms”: { “field”: “status” } },
“avg_total”: { “avg”: { “field”: “total” } }
}
}
Use cases¶
- Full-text search (e-commerce, dokumenty)
- Log aggregace (ELK stack)
- Metriky a analytics
- Auto-complete a suggestions
- Geospatial search
ELK Stack¶
Elasticsearch (storage + search) + Logstash (ingestion) + Kibana (vizualizace). Alternativa: Elasticsearch + Vector + Grafana.
Tip¶
Elasticsearch je mocný, ale resource-hungry. Pro jednoduché use cases zvažte PostgreSQL full-text search.
elasticsearchsearchdata