
3. Let's Play

Madhusudhan Konda edited this page Oct 12, 2020 · 3 revisions

Playing with the Server

It's time to see Elasticsearch in action! Let's prime our server with data and see if we can retrieve the data and search it. We have our Server and Kibana ready, so let's put these tools to work.

Indexing a Sample Document

It's time to start playing with the server. Let's start indexing a sample document.

Head over to the Dev Tools tab in Kibana and issue the following command:

PUT covid/_doc/1
{
  "country":"united states of america",
  "date":"2020-05-07",
  "cases":1266434,
  "deaths":74947
}

If this request is successful, you'll see a response in the right-hand pane of Kibana as shown here:

{
  "_index" : "covid",
  "_type" : "_doc",
  "_id" : "1",
  "_version" : 1,
  "result" : "created",
  "_shards" : {
    "total" : 2,
    "successful" : 2,
    "failed" : 0
  },
  "_seq_no" : 6,
  "_primary_term" : 1
}

Yay! We have indexed our first document into Elasticsearch.

The index covid, which collects all the data about our covid cases and deaths, is auto-magically created for us!

Retrieving the Document by ID

Let's retrieve the same document by asking the server gently:

// Request
GET covid/_doc/1

// Response
{
  "_index" : "covid",
  "_type" : "_doc",
  "_id" : "1",
  "_version" : 1,
  "_seq_no" : 0,
  "_primary_term" : 1,
  "found" : true,
  "_source" : {
    "country" : "united states of america",
    "date" : "2020-05-07",
    "cases" : 1266434,
    "deaths" : 74947
  }
}

Search for the document

Of course you can ask it using the empty search command too:

GET covid/_search
{
}

// Response
{
  "_index" : "covid",
  "_type" : "_doc",
  "_id" : "1",
  "_version" : 1,
  "_seq_no" : 0,
  "_primary_term" : 1,
  "found" : true,
  "_source" : {
    "country" : "united states of america",
    "date" : "2020-05-07",
    "cases" : 1266434,
    "deaths" : 74947
  }
}

The empty search command is asking the server to fetch ALL the documents.

We are using the Search API, which is exposed at the _search endpoint.

Prepare Data for Simple Search

Of course you can do a simple search too. For that, let's index a few more documents (we can use the _bulk API for indexing larger datasets - we will see the _bulk API later):

PUT covid/_doc/2
{
  "country":"united kingdom",
  "date":"2020-05-07",
  "cases":201101,
  "deaths":30076
}

PUT covid/_doc/4
{
  "country":"spain",
  "date":"2020-05-07",
  "cases":256855,
  "deaths":26070
}

PUT covid/_doc/3
{
  "country":"italy",
  "date":"2020-05-07",
  "cases":214457,
  "deaths":29684
}

The above commands all use the PUT method and supply an ID with it!

You can index a document using the POST method too, in which case you don't need to provide the ID: POST covid/_doc will index a document as expected. The only difference is that the POST method will generate an ID for us (a UUID), while we need to supply an ID ourselves when using the PUT method.
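One thing the PUT form above does not show: sending PUT covid/_doc/1 a second time silently replaces the stored document and bumps _version. The requests below are an added example, not part of the original page, showing the create-only endpoint and a conditional overwrite based on the _seq_no and _primary_term fields seen in the responses; the 0 and 1 used here are placeholders for whatever your own GET returns.

```console
# Create-only: fails with HTTP 409 (version_conflict_engine_exception)
# if a document with ID 1 already exists, instead of overwriting it.
PUT covid/_create/1
{
  "country":"united states of america",
  "date":"2020-05-07",
  "cases":1266434,
  "deaths":74947
}

# Conditional overwrite: applied only if the document is still at the
# _seq_no and _primary_term returned by your last GET covid/_doc/1.
# 0 and 1 are placeholders; use the values your cluster returns.
PUT covid/_doc/1?if_seq_no=0&if_primary_term=1
{
  "country":"united states of america",
  "date":"2020-05-07",
  "cases":1266434,
  "deaths":74947
}
```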

Now let's run some simple queries:

Search Queries

// First fetch the number of documents we have in the `covid` index (should be 4 documents)
GET covid/_count

// Fetch Italy's covid stats
GET covid/_search
{
  "query": {
    "term": {
      "country": "italy"
    }
  }
}

// Fetch countries whose death toll is between 25k and 50k
GET covid/_search
{
  "query": {
    "range": {
      "deaths": {
        "gte": 25000,
        "lte": 50000
      }
    }
  }
}

// Total number of deaths so far (from our four countries, of course)
GET covid/_search
{
  "size": 0, 
  "aggs": {
    "total_deaths": {
      "sum": {
        "field": "deaths"
      }
    }
  }
}

Beautiful. We got the minimal setup up and running. Well done!

Updating a Document

Should we wish to update an existing document, either to modify existing fields or to add new ones, we do it this way:

POST covid/_update/2
{
  "doc": {
    "country":"United Kingdom",
    "date":"2020-10-13",
    "cases":501101,
    "deaths":45000,
    "r":1.4
  }
}

We use the doc object to update the fields or add new ones (the r field was newly added in the above example).

Deleting a Document

We can delete documents using the DELETE HTTP method: DELETE covid/_doc/4

Of course DELETE covid will blow away your entire index :)

Adding New Documents With Additional Fields (No Schema Changes)

Say we want to add new documents to our COVID index, but this time with some additional fields, like r, critical and recovered. Similar to a NoSQL data store, Elasticsearch lets you add the additional fields without moaning. All we have to do is add those fields and shove the document in:

PUT covid/_doc/5
{
  "country":"france",
  "date":"2020-05-07",
  "cases":174191,
  "deaths":25809,
  "recovered":53972,
  "critical":3147,
  "r":1.3
}

GET covid/_doc/5

// Response
{
  "_index" : "covid",
  "_type" : "_doc",
  "_id" : "5",
  "_version" : 2,
  "_seq_no" : 9,
  "_primary_term" : 1,
  "found" : true,
  "_source" : {
    "country" : "france",
    "date" : "2020-05-07",
    "cases" : 174191,
    "deaths" : 25809,
    "recovered" : 53972,
    "critical" : 3147,
    "r":1.3
  }
}
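Dynamic mapping also means that any client allowed to write to the index can add fields to it, including by typo. Where the field set should be fixed, an explicit mapping with dynamic set to strict rejects unknown fields; this is an added example, not part of the original page, and the index name covid_strict and the chosen field types are assumptions.

```console
# Create the index up front with a fixed set of fields.
PUT covid_strict
{
  "mappings": {
    "dynamic": "strict",
    "properties": {
      "country": { "type": "keyword" },
      "date":    { "type": "date" },
      "cases":   { "type": "long" },
      "deaths":  { "type": "long" }
    }
  }
}

# Rejected with HTTP 400 (strict_dynamic_mapping_exception):
# recovered, critical and r are not in the mapping.
PUT covid_strict/_doc/5
{
  "country":"france",
  "date":"2020-05-07",
  "cases":174191,
  "deaths":25809,
  "recovered":53972,
  "critical":3147,
  "r":1.3
}

# Adding a field is now a deliberate mapping change.
PUT covid_strict/_mapping
{
  "properties": {
    "r": { "type": "float" }
  }
}
```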