Working as an Elastic support engineer, we see a few tools that are very useful to have already in place when we need to help our customers troubleshoot their Elasticsearch clusters, or monitor to keep them healthy. Let’s review the top 3 with a few examples. 1. Know your REST
We’ve recently introduced two additional keyword types, wildcard and constant_keyword. In this post, we’ll try to briefly introduce them. The wildcard field is optimized for matching any part of string values using wildcards or regular expressions. The usual use case is for security when we might be searching for a pattern in a process, or
When ingesting data through a regular Elasticsearch ingest pipeline 1 (e.g. with dissect, rename, or remove processors 2) we can now add an Enrich Processor 4. This allows us to do lookups on other Elasticsearch indices and enrich the incoming document before sending it to its own index. Enrich Policies 4 are what powers this new functionality in Elasticsearch version
First published on https://www.elastic.co/blog/creating-frozen-indices-with-the-elasticsearch-freeze-index-api First, some context Hot-Warm architectures are often used when we want to get the most out of our hardware. It is particularly useful when we have time-based data, like logs, metrics, and APM data. Most of these setups rely on the fact that this data is read-only (after
Working as an Elastic support engineer, we see a few tools that are very useful to have already in place when we need to help our customers troubleshoot their Elasticsearch clusters, or monitor to keep them healthy. Let’s review the top 3 with a few examples. 1. Know your REST
We’ve recently introduced two additional keyword types, wildcard and constant_keyword. In this post, we’ll try to briefly introduce them. The wildcard field is optimized for matching any part of string values using wildcards or regular expressions. The usual use case is for security when we might be searching for a pattern in a process, or
When ingesting data through a regular Elasticsearch ingest pipeline 1 (e.g. with dissect, rename, or remove processors 2) we can now add an Enrich Processor 4. This allows us to do lookups on other Elasticsearch indices and enrich the incoming document before sending it to its own index. Enrich Policies 4 are what powers this new functionality in Elasticsearch version
First published on https://www.elastic.co/blog/creating-frozen-indices-with-the-elasticsearch-freeze-index-api First, some context Hot-Warm architectures are often used when we want to get the most out of our hardware. It is particularly useful when we have time-based data, like logs, metrics, and APM data. Most of these setups rely on the fact that this data is read-only (after
