Post on 04-Aug-2020

Search <everywhere/> Search {everything}

Hello

Aravind Putrevu

<Developer/>

SIG-Contribex -

@aravindputrevu

Why I’m here?

But..

Search doesn’t stop there...

you know, for search

Store, Search, & Analyze

Visualize & Manage

Ingest

Elastic Stack

SOLUTIONS

Kibana

Elasticsearch

Beats, Logstash

SaaS, On-Prem

Elastic Cloud, Elastic Cloud Enterprise, Standalone, Elastic Cloud on Kubernetes

Elasticsearch

Heart of the Elastic Stack

Distributed, Scalable
High-availability
Multi-tenancy
Developer Friendly
Real-time, Full-text Search
Aggregations

github.com/elastic/elasticsearch

Terms

Cluster

https://www.elastic.co/guide/en/elasticsearch/reference/current/glossary.html

A cluster is a collection of one or more nodes (servers)

Node

A node is a single server that is part of your cluster, stores your data, and participates in the cluster’s indexing and search capabilities

Index

An index is a collection of documents that have somewhat similar characteristics

Document

JSON document, which gets stored in an index

Shard

Elasticsearch provides the ability to subdivide your index into multiple pieces called shards

[Diagram: Index (labels: apps, meta, content)]

[Diagram: Shards (labels: apps, meta, content)]

Types of Shards

Primary Shard

➢ Responsible for
  ○ Create
  ○ Update
  ○ Delete
➢ Pushes data to replicas
➢ Important for write-heavy architecture

Replica Shard

➢ Helps with reads
➢ Fault tolerance
➢ Scalability
➢ Important for read-heavy or search architecture

Solutions

Tracing, Metrics, Logs

App Search, Enterprise Search, Site Search

SIEM, Endpoint

Deploying Search...

Ways to create an Elasticsearch cluster?

Self-managed, Cloud Infra, Managed Service

$> docker pull elasticsearch

Images: docker.elastic.co

Running Elasticsearch on GCP

1. Login to GCP Console
2. Go to GCP Marketplace
3. Search “Elasticsearch Service on Elastic Cloud”
4. Purchase & Enable
5. Manage via Elastic

Searching with Elastic Enterprise Search

Managing and Connecting Sources with Elastic Enterprise Search

Resources

ela.st/search

ela.st/community-trial

Fin!

discuss.elastic.co | aravind@elastic.co | @aravindputrevu
