Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Explore your data with Elasticsearch

Elasticsearch Inc
November 07, 2015
Technology
5
1.2k

Explore your data with Elasticsearch

Presentation on PyCon HK by Honza Král

Elasticsearch Inc

November 07, 2015
Tweet

More Decks by Elasticsearch Inc

See All by Elasticsearch Inc
OSCON: Scaling a distributed engineering team from 50-250
elasticsearch
13
1.3k
Stuff a Search Engine Can Do
elasticsearch
17
1.6k
Using Elastic to monitor anything
elasticsearch
3
1.5k
Log all the things!
elasticsearch
4
1.1k
Why Elastic? @ 50th Vinitaly 2016
elasticsearch
5
1.9k
What's New In Elasticland?
elasticsearch
3
780
Kibana, Timelion, Graph Meetup
elasticsearch
3
750
Elastic for Time Series Data and Predictive Analytics
elasticsearch
4
2.9k
Elastic 2.0
elasticsearch
1
710

Other Decks in Technology

See All in Technology
Jetpack Glanceではじめる Material 3のColor
mochico
0
550
TypeScriptプロジェクトにスキーマ駆動開発を持ち込み、より型安全な世界へ
sansantech
PRO
1
400
Building smarter apps with machine learning, from magic to reality
picardparis
4
3.6k
Prisma を活⽤した TypeScript チーム開発
sansantech
PRO
0
280
Material 3 やめました / Good-bye M3 design system
yanzm
3
2.2k
アジャイルな組織を作るために開発チーム作成ガイドを書いた話 / Scrum Fest Mikawa 2023
ama_ch
3
1.5k
MagicPodで実現するE2Eテスト自動化
nozomiito
0
140
ドラッグ&ドロップを支える技術
takatsunobuhiro
0
110
テスト文化の成熟:自動テストが浸透した組織が次に目指すべきステップ
igsr5
4
630
リスキリングの特効薬!「技術コミュニティ」のススメ
mamohacy
1
530
Now we're all Cloud Natives, what's next?
ahrkrak
2
120
【初心者向け】まだ間に合う! Hugging Face入門 -TransformersでAI推論&学習
tkhresk
1
560

Featured

See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
24
1.9k
Designing the Hi-DPI Web
ddemaree
274
33k
How STYLIGHT went responsive
nonsquared
89
4.4k
Being A Developer After 40
akosma
52
580k
Build your cross-platform service in a week with App Engine
jlugia
223
17k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
10
1.2k
Three Pipe Problems
jasonvnalue
89
9.2k
Designing on Purpose - Digital PM Summit 2013
jponch
108
6.1k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
184
15k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
33
8.5k
How to Ace a Technical Interview
jacobian
272
22k
Designing with Data
zakiwarfel
93
4.5k

Transcript

  1. Honza Král

    @honzakral
    Explore your data with

    Elasticsearch

    View Slide

  2. Elasticsearch

    View Slide

  3. Distributed Search Engine
    Open Source


    Document-based


    Based on Lucene


    JSON over HTTP

    View Slide

  4. Document based
    JSON

    Dynamic Schema

    Some Relationships

    Nested

    Parent/Child

    View Slide

  5. {
    "id": 7635,
    "accepted_answer_id": 7641,
    "answer_count": 9,
    "title": "Are you able to close your eyes and focus/think just on your code?",
    "body": "How do I ......?",
    "comment_count": 2,
    "comments": [{
    "creation_date": "2010-09-27T19:31:27.200",
    "id": 9372,
    "owner": { "display_name": "sange", "id": 3092 },
    "post_id": 7635,
    "text": "I sometimes close my eyes or stare at something ....."
    }, {......}],
    "favorite_count": 2,
    "last_activity_date": "2010-09-28T00:28:08.393",
    "owner": { "display_name": "flow", "id": 3761 },
    "rating": 6,
    "tags": [ "focus", "concentration" ],
    "view_count": 368,
    "creation_date": "2010-09-27T19:16:57.757",
    "closed_date": "2011-11-13T12:12:05.937"
    }
    StackOverflow Question

    View Slide

  6. Search

    View Slide

  7. Full Text (unstructured)
    in or across fields

    phrase, fuzzy, ...

    scan api for data extraction

    relies on analysis

    View Slide

  8. Filtering (structured)
    exact matches, ranges, geo, ...

    fast

    cacheable as bitsets

    core filters are cached, not compound filters (bool/and/or)

    View Slide

  9. Under the Hood

    View Slide

  10. Bible concordance
    A simple form lists Biblical words alphabetically, with indications
    to enable the inquirer to find the passages of the Bible where
    the words occur.
    The first concordance, completed in 1230, was undertaken
    under the guidance of Hugo de Saint-Cher (Hugo de Sancto
    Charo), assisted by fellow Dominicans.

    View Slide

  11. Inverted Index

    View Slide

  12. Building an inverted index
    "Django is a high-level Python Web framework that encourages rapid
    development and clean, pragmatic design."
    django high level python
    web framework encourag
    rapid
    develop clean pragmat design
    fast

    View Slide

  13. Inverted index
    python file_1.txt file_2.txt file_3.txt
    web file_2.txt file_3.txt
    file_2.txt file_4.txt
    django
    file_3.txt
    flask
    jazz file_4.txt

    View Slide

  14. search(python AND django)
    python file_1.txt file_2.txt file_3.txt
    file_2.txt file_4.txt
    django
    file_3.txt
    flask
    jazz file_4.txt
    web file_2.txt file_3.txt

    View Slide

  15. Phrase search
    python file_1.txt
    (4)
    file_2.txt
    (1, 3)
    file_3.txt
    (11, 42)
    web file_2.txt
    (2)
    file_3.txt
    (10)

    View Slide

  16. search("python web")
    python file_1.txt
    (4)
    file_2.txt
    (1, 13)
    file_3.txt
    (11, 42)
    web file_2.txt
    (2)
    file_3.txt
    (10)

    View Slide

  17. Merging sorted lists.

    View Slide

  18. Flexible
    Easily distributable

    View Slide

  19. Aggregations

    View Slide

  20. Metrics in Buckets
    Buckets

    split documents into groups

    can be nested

    Metrics

    calculated over documents in given bucket

    View Slide

  21. Buckets
    terms

    bucket per field value - "category"

    significant terms

    terms specific for this bucket - "uncommonly common"

    range

    per range - "age"

    geo_range/geohash_grid

    distance ranges

    (date_)histogram

    buckets per time interval - "daily"

    ...

    View Slide

  22. Metrics
    count/sum/avg/min/max/...

    (extended) stats

    including std deviation, sum of squares etc

    top_hits

    cardinality

    percentiles

    ...

    View Slide

  23. Mix and Match

    View Slide

  24. Example
    "aggs" : {
    "states" : {
    "terms" : {
    "field" : "state"
    },
    "aggs" : {
    "age_groups" : {
    "histogram" : { "field" : "age", "interval" : 5 },
    "aggs" : {
    "grades" : {
    "stats" : { "field" : "grade" }
    },
    "gender" : {
    "terms" : {
    "field" : "male",
    "script" : "_value == 'T' ? 'M' : 'F'"
    },
    "aggs" : {
    "grades" : {
    "stats" : { "field" : "grade" }
    }
    }...
    Analyze the grades per
    state
    Analyze per age_group
    Stats per state &
    age_group
    Stats per state, age_group &
    gender

    View Slide

  25. Example - Python DSL
    from elasticsearch_dsl import Search
    s = Search()
    s.aggs.bucket('states', 'terms', field='state') \
    .bucket('age_groups', 'histogram',
    field='age', interval=5) \
    .metric('grades', 'stats', field='grade')
    s.aggs['states']['age_groups'] \
    .bucket('gender', 'terms', field='gender') \
    .metric('grades', 'stats', field='grade')
    Analyze the grades per
    state
    Analyze per age_group
    Stats per state &
    age_group
    Stats per state, age_group &
    gender

    View Slide

  26. in near real-time
    Calculated in one pass

    View Slide

  27. Putting it all together
    Examples

    View Slide

  28. Faceted Navigation

    View Slide

  29. View Slide

  30. Faceted Search - Python
    from elasticsearch_dsl import *
    class LibrarySearch(FacetedSearch):
    doc_types = [Book, Magazine]
    index = 'library'
    fields = ['tags', 'title', 'description', 'author.*']
    facets = {
    'tags': TermsFacet(field='tags'),
    'years': DateHistogramFacet(
    field='published_date',
    interval='year'
    )
    }

    View Slide

  31. (more @ 16:45)
    Log Analysis

    View Slide

  32. Kibana (+logstash data)

    View Slide

  33. Recommendations

    View Slide

  34. Example: recommendations
    Artist A user A
    artist likes
    Artist B
    Artist C user B
    artist likes
    Artist D
    Users represented as documents
    Artists represented as terms

    View Slide

  35. Simple recommendation
    s = Search()
    # get users that like the same artists
    s = s.query('terms', artists=user_likes)
    # get the most popular I don't know yet
    s.aggs.bucket('popular', 'terms',
    field='artists', exclude=user_likes)
    Popular != Relevant

    View Slide

  36. Better recommendation
    s = Search()
    # get users that like the same artists
    s = s.query('terms', artists=user_likes)
    # get the artists that are specific
    s.aggs.bucket('significant', 'significant_terms',
    field='artists', exclude=user_likes)
    Use the relevancy!

    View Slide

  37. Significant terms
    Use the term stats

    Compare to background

    Also as nested aggregation

    View Slide

  38. Super-connected nodes in graphs
    We just figured out the way to surf only the
    meaningful connections in a graph!
    Concept A Concept B
    Concept C
    useful
    useless

    View Slide

  39. Extras

    View Slide

  40. Percolator
    Reversed search

    "Which queries match this document?"

    Classification

    Language detection

    Location

    Alerts

    Stored search

    Live search

    View Slide

  41. Suggesters
    terms, phrase

    "Did you mean?"

    context aware

    completion

    as-you-type FAST!

    custom score

    View Slide

  42. Distributed model
    Cluster

    Collection of Nodes

    Index

    Collection of Shards

    Shard

    Unit of scale

    Distributed across cluster

    Primary and replica
    node 1
    orders
    products
    2
    1
    4
    1
    node 2
    orders
    products
    2
    2
    node 3
    orders
    3 4
    1
    3
    products

    View Slide

  43. Honza Král

    @honzakral
    Thanks!

    View Slide