Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Elasticsearch for SQL Users
Search
Elastic Co
October 26, 2016
Technology
0
160
Elasticsearch for SQL Users
As given at the All Things Open 2016 conference.
Elastic Co
October 26, 2016
Tweet
Share
More Decks by Elastic Co
See All by Elastic Co
Les Vendredis noirs : même pas peur ! - Breizhcamp
elastic
15
1k
Confoo Montreal: Ingest node: enriching documents within Elasticsearch
elastic
16
1k
Elastic{ON} 2018 - Sipping from the Firehose: Scalable Endpoint Data for Incident Response
elastic
6
4.3k
Elastic{ON} 2018 - A Security Analytics Platform for Today
elastic
3
11k
Elastic{ON} 2018 - The State of Geo in Elasticsearch
elastic
7
12k
Elastic{ON} 2018 - Reliable by design - Applying formal methods to distributed systems
elastic
5
4.8k
Elastic{ON} 2018 - Bigger, Faster, Stronger - Leveling Up Enterprise Logging
elastic
1
5k
Elastic{ON} 2018: Latest in Logstash
elastic
1
4.6k
Elastic{ON} 2018 - Lessons Learned from Workday's Search Application Journey from POC to Production
elastic
2
2.5k
Other Decks in Technology
See All in Technology
AIBuildersDay_track_A_iidaxs
iidaxs
4
1.7k
Oracle Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
3
240
技術選定、下から見るか?横から見るか?
masakiokuda
0
170
Everything As Code
yosuke_ai
0
460
20251222_サンフランシスコサバイバル術
ponponmikankan
2
160
TED_modeki_共創ラボ_20251203.pdf
iotcomjpadmin
0
190
Oracle Cloud Infrastructure:2025年12月度サービス・アップデート
oracle4engineer
PRO
0
140
2025年のデザインシステムとAI 活用を振り返る
leveragestech
0
610
AWSインフルエンサーへの道 / load of AWS Influencer
whisaiyo
0
240
Authlete で実装する MCP OAuth 認可サーバー #CIMD の実装を添えて
watahani
0
310
Claude Skillsの テスト業務での活用事例
moritamasami
1
130
小さく、早く、可能性を多産する。生成AIプロジェクト / prAIrie-dog
visional_engineering_and_design
0
270
Featured
See All Featured
Building Adaptive Systems
keathley
44
2.9k
Designing Powerful Visuals for Engaging Learning
tmiket
0
190
The Invisible Side of Design
smashingmag
302
51k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
0
3.4k
A Soul's Torment
seathinner
1
2.1k
What Being in a Rock Band Can Teach Us About Real World SEO
427marketing
0
150
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
130
Six Lessons from altMBA
skipperchong
29
4.1k
Art, The Web, and Tiny UX
lynnandtonic
304
21k
Embracing the Ebb and Flow
colly
88
4.9k
Noah Learner - AI + Me: how we built a GSC Bulk Export data pipeline
techseoconnect
PRO
0
76
We Analyzed 250 Million AI Search Results: Here's What I Found
joshbly
0
370
Transcript
1 Shaunak Kashyap Developer at Elastic @shaunak Elasticsearch for SQL
users
The Elastic Stack 2 Store, Index & Analyze Ingest User
Interface Plugins Hosted Service
3 Agenda Search queries Data modeling Architecture 1 2 3
2 4 Agenda Search queries Data modeling Architecture 1 3
5 Agenda Search queries Data modeling 1 2 3 Architecture
6 Search Queries https://www.flickr.com/photos/samhames/4422128094
7 CREATE TABLE IF NOT EXISTS emails ( sender VARCHAR(255)
NOT NULL, recipients TEXT, cc TEXT, bcc TEXT, subject VARCHAR(1024), body MEDIUMTEXT, datetime DATETIME ); CREATE INDEX emails_sender ON emails(sender); CREATE FULLTEXT INDEX emails_subject ON emails(subject); CREATE FULLTEXT INDEX emails_body ON emails(body); curl -XPUT 'http://localhost:9200/enron' -d' { "mappings": { "email": { "properties": { "sender": { "type": "keyword" }, "recipients": { "type": "keyword" }, "cc": { "type": "keyword" }, "bcc": { "type": "keyword" }, "subject": { "type": "text", "analyzer": "english" }, "datetime": { "type": "date" } } } } Schemas
8 Loading the data
9 [LIVE DEMO] • Search for text in a single
field • Search for text in multiple fields • Search for a phrase https://github.com/ycombinator/es-enron
10 Other Search Features Stemming Synonyms Did you mean? •
Jump, jumped, jumping • Queen, monarch • Monetery => Monetary
11 Data Modeling https://www.flickr.com/photos/samhames/4422128094 https://www.flickr.com/photos/ericparker/7854157310
12 To analyze (text) or not to analyze (keyword)? PUT
cities/city/1 { "city": "Raleigh", "population": 431746 } PUT cities/city/2 { "city": "New Albany", "population": 8829 } PUT cities/city/3 { "city": "New York", "population": 8406000 } POST cities/_search { "query": { "match": { "city": "New Albany" } } } QUERY + = ?
PUT cities/city/1 { "city": "Raleigh", "population": 431746 } 13 To
analyze (text) or not to analyze (keyword)? PUT cities/city/2 { "city": "New Albany", "population": 8829 } PUT cities/city/3 { "city": "New York", "population": 8406000 } Term Document IDs albany 2 new 2,3 raleigh 1 york 3
14 To analyze (text) or not to analyze (keyword)? PUT
cities { "mappings": { "city": { "properties": { "city": { "type": "keyword" } } } } } MAPPING Term Document IDs New Albany 2 New York 3 Raleigh 1
PUT blog/post/1 { "author_id": 1, "title": "...", "body": "..." }
PUT blog/post/2 { "author_id": 1, "title": "...", "body": "..." } PUT blog/post/3 { "author_id": 1, "title": "...", "body": "..." } 15 Relationships: Application-side joins PUT blog/author/1 { "name": "John Doe", "bio": "..." } POST blog/author/_search { "query": { "match": { "name": "John" } } } QUERY 1 POST blog/post/_search { "query": { "match": { "author_id": <each id from query 1 result> } } } QUERY 2
PUT blog/post/1 { "author_name": "John Doe", "title": "...", "body": "..."
} PUT blog/post/2 { "author_name": "John Doe", "title": "...", "body": "..." } 16 Relationships: Data denormalization POST blog/post/_search { "query": { "match": { "author_name": "John" } } } QUERY PUT blog/post/3 { "author_name": "John Doe", "title": "...", "body": "..." }
17 Relationships: Nested objects PUT blog/author/1 { "name": "John Doe",
"bio": "...", "blog_posts": [ { "title": "...", "body": "..." }, { "title": "...", "body": "..." }, { "title": "...", "body": "..." } ] } POST blog/author/_search { "query": { "match": { "name": "John" } } } QUERY
18 Relationships: Parent-child documents PUT blog/author/1 { "name": "John Doe",
"bio": "..." } POST blog/post/_search { "query": { "has_parent": { "type": "author", "query": { "match": { "name": "John" } } } QUERY PUT blog { "mappings": { "author": {}, "post": { "_parent": { "type": "author" } } } } PUT blog/post/1?parent=1 { "title": "...", "body": "..." } PUT blog/post/2?parent=1 { "title": "...", "body": "..." } PUT blog/post/3?parent=1 { "title": "...", "body": "..." }
19 Architecture https://www.flickr.com/photos/samhames/4422128094 https://www.flickr.com/photos/haribote/4871284379/
20 RDBMS Triggers database by Creative Stall from the Noun
Project 1 2
21 Async replication to Elasticsearch 1 2 3 ESSynchronizer flow
by Yamini Ahluwalia from the Noun Project
22 Async replication to Elasticsearch with Logstash 1 2 3
23 Forked writes from application 1 2
24 Forked writes from application (more robust) 1 2 queue
by Huu Nguyen from the Noun Project ESSynchronizer 3 4
25 Forked writes from application (more robust with Logstash) 1
2 3 4
26 Questions? @shaunak https://www.flickr.com/photos/nicknormal/2245559230/
elastic
iidaxs
oracle4engineer
masakiokuda
yosuke_ai
ponponmikankan
iotcomjpadmin
leveragestech
whisaiyo
watahani
moritamasami
visional_engineering_and_design
keathley
tmiket
smashingmag
katarinadahlin
seathinner
427marketing
tammyeverts
skipperchong
lynnandtonic
colly
techseoconnect
joshbly
![9 [LIVE DEMO] • Search for text in a single](https://files.speakerdeck.com/presentations/c1279e0e31b84440be9b3e300ad35fbc/slide_8.jpg){kind=link}
