Elasticsearch and Kibana

Lisa Jung
Developer Advocate @ Elastic

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Have you ever used the
Elastic Stack before?
Type yes in the chat if you have used it

Type no in the chat if you have never used

it
Searching for
Rides
Searching for
Restaurants
Searching for
The Elastic Stack
Reliably and securely take data from
any source, in any format, then search,
analyze, and visualize it in real time.
Use Cases

● Logging
● Metrics
● Security Analytics
● Business Analytics
 Use Case: Logging

https://www.reddit.com/r/gaming/comments/4lhm69/overwatch_blocked_pharahs_rocket_with_hanzos_arrow/
Use Case: Metrics
Use Case: Security Analytics
Use Case: Business Analytics
The Elastic Stack
Reliably and securely take data from
any source, in any format, then search,
analyze, and visualize it in real time.
Elasticsearch and Kibana

Lisa Jung
Developer Advocate @ Elastic

@LisaHJung|Beginner’s Crash Course to Elastic Stack

By the end of this workshop, you will be able to:

● understand a use case of Elasticsearch and Kibana

● understand the basic architecture of Elasticsearch
● Perform CRUD(Create, Read, Update, Delete) operations with
Elasticsearch and Kibana

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Elasticsearch
Store | Search | Analyze
Great Search Experience = Get fast and relevant results, no matter the scale.

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Find me a list of peanut butter brands. I Find me a hot sauce named
want the highest rated brands at the top. uh… I think it is spelled
Sriracha? Maybe it’s spelled
Srirracah? Srirracha?

@LisaHJung|Beginner’s Crash Course to Elastic Stack

@LisaHJung|Beginner’s Crash Course to Elastic Stack
Kibana
Visualize| Manage

Elasticsearch
Store | Search | Analyze
 Search | View | Interact

@LisaHJung|Beginner’s Crash Course to Elastic Stack

@LisaHJung|Beginner’s Crash Course to Elastic Stack
By the end of this workshop, you will be able to:

● understand a use case of Elasticsearch and Kibana

● understand the basic architecture of Elasticsearch
● Perform CRUD(Create, Read, Update, Delete) operations with
Elasticsearch and Kibana

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Elasticsearch
Store | Search | Analyze
Cluster

I belong to a Hi! I am a node. I

single cluster! am an instance of
Elasticsearch.

Node-1

I have a unique id
and a name!

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Cluster

Node-1 Node-2 Node-3 Node-4

@LisaHJung|Beginner’s Crash Course to Elastic Stack

@LisaHJung|Beginner’s Crash Course to Elastic Stack
Cluster

Node-1 Node-2 Node-3 Node-4

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Data is stored as documents in Elasticsearch!

I am a document, a JSON object

that is stored in Elasticsearch
under a unique ID!

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Documents are grouped into an index!

Produce Index Wine & Beer Index

@LisaHJung|Beginner’s Crash Course to Elastic Stack

What is a shard?
Cluster

Node-1 Node-2 Node-3

Hi! I am a shard. I Produce Index

hold documents
related to
produce! P0

Wine and beer Index

Hi! I am a shard
too. I hold P0
documents
related to wine
and beer!
@LisaHJung|Beginner’s Crash Course to Elastic Stack
What is sharding?
Cluster

Node-1 Node-2 Node-3

Produce Index

P0 P1 P2

Wine and beer Index

P0 P1 P2

@LisaHJung|Beginner’s Crash Course to Elastic Stack

What is sharding? Dang it! I can
only hold 200K
I can hold
200K
I can hold
200K
documents! documents! documents!
Cluster
Client
Node-1 Node-2 Node-3

Produce Index

P0 P1 P2
I want to
index 600K
documents
about
produce in
my cluster

@LisaHJung|Beginner’s Crash Course to Elastic Stack

What is sharding?
Cluster

Node-1 Node-2 Node-3 Node-4 Node-5 Node-6 Node-7

Produce Index

P0 P1 P2 P3 P4 P5 P6

@LisaHJung|Beginner’s Crash Course to Elastic Stack

What is sharding?
Cluster
Client
Node-1 I can hold the
entire produce
Produce Index index of 500K
documents.

P0
I want to
find pink
lady It took me 10
apples! seconds to
search
through 500K
documents!

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Sharding speeds up your search! We can search through 500K
documents in 1 second! ⚡
Cluster
Node-1 Node-2 Node-3 Node-4 Node-5 Node-6 Node-7 Node-8 Node-9 Node-10

Produce Index keeps track of 500K produce documents

P0 P1 P2 P3 P4 P5 P6 P7 P8 P9

50K 50K 50K 50K 50K 50K 50K 50K 50K 50K

Running a search on 50K

documents takes 1 sec!

@LisaHJung|Beginner’s Crash Course to Elastic Stack

What is sharding?
Cluster
Client
Node-1

I can search
Produce Index
through of 500K
documents in 10
P0
I want to seconds..
find pink
lady
apples!

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Sharding speeds up your search! We can search through 500K
documents in 1 second! ⚡
Cluster
Node-1 Node-2 Node-3 Node-4 Node-5 Node-6 Node-7 Node-8 Node-9 Node-10

Produce Index

P0 P1 P2 P3 P4 P5 P6 P7 P8 P9

50K 50K 50K 50K 50K 50K 50K 50K 50K 50K

@LisaHJung|Beginner’s Crash Course to Elastic Stack

@LisaHJung|Beginner’s Crash Course to Elastic Stack
What are replica shards?
Cluster
Node-1 Node-2 Node-3 Node-4

Produce Index

P0 P1 R0 R1

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Replica shards can improve the performance of your
search

Client 2000
8000search
searchqueries
queriesper
persecond
second Cluster

Node-1 Node-2 Node-3 Node-4

Produce Index

P0 P1 R0 R1

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Tutorial:
Performing CRUD Operations with
Elasticsearch and Kibana

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Deploy your way
Select a distribution model for your unique needs

Self-Managed Elastic Cloud Elastic Cloud Elastic Cloud on

Enterprise Kubernetes

Install a single package Deploy instantly on AWS, Centrally manage multiple

Azure or Google Cloud deployments on your infra
https://ela.st/beginners-table-of-contents

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Scroll down to the Resources section & open Free
Elastic Cloud Trial link in a new tab.

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Click on Try it free option

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Name your deployment and click on Edit settings
option

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Configure your deployment settings

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Choose the cloud provider of your choice

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Select the region closest to you

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Select your hardware profile

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Select the latest version of the Elastic Stack

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Save your deployment credentials

Your username

Your password

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Click on Explore on my own option

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Click on Dev Tools option

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Click on dismiss and delete the default query

@LisaHJung|Beginner’s Crash Course to Elastic Stack

 Search | View | Interact

@LisaHJung|Beginner’s Crash Course to Elastic Stack

 Cluster

HTTP HTTP

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Questions?
Want to continue learning about Elasticsearch &
Kibana?
● Beginner’s Crash Course to Elastic Stack
○ https://ela.st/beginners-crash-course

● Mini Beginner’s Crash Course to Elasticsearch & Kibana

○ https://ela.st/mini-beginners-crash-course

@LisaHJung|Beginner’s Crash Course to Elastic Stack

Lisa Jung
Developer Advocate @ Elastic

Discussion forum: https://discuss.elastic.co/

Blog: https://dev.to/lisahjung
Twitter: @LisaHJung