Elasticsearch

Install and run Elasticsearch on your own infrastructure.

• Docker
• Debian / Ubuntu
• RPM
• Windows
• Linux / macOS archive
• Configure Elasticsearch
• Secure a self-managed cluster

Run Elasticsearch on Elastic Cloud, Kubernetes, or ECE.

• Elastic Cloud Hosted
• Elastic Cloud on Kubernetes (ECK)
• Elastic Cloud Enterprise (ECE)

Production guidance, upgrades, cluster health, and diagnostics.

• Start and stop Elasticsearch
• Stack monitoring
• Capture diagnostics
• Troubleshoot
• Snapshot and restore

Pre-process documents before indexing with processors that parse, transform, and enrich your data.

• Overview and setup
• Simulate ingestion (API)
• All ingest methods

Manage time-series data with a single resource that spans multiple backing indices.

• Data streams overview
• Manage data streams
• Logs data stream (logsdb)

Index, update, delete, and retrieve documents with the core document APIs.

• Index a document
• Bulk API
• Reindex API
• Reindex examples
• Migrate data between clusters

Write expressive queries using the JSON-based Domain Specific Language — from simple term filters to compound boolean queries.

• Full-text search
• Full-text queries
• Search API
• Cross-cluster search

A pipe-based query language purpose-built for filtering, transforming, and analyzing data — usable from the API, Kibana Discover, or directly in search.

• Get started with ES|QL
• Syntax reference
• Commands
• ES|QL for search
• Cross-cluster ES|QL

Use EQL for event sequences, SQL for familiar syntax, or Painless for custom scoring and scripted queries.

• EQL (Event Query Language)
• SQL
• Translate SQL to Query DSL
• Painless scripting

Summarize and compute statistics over your data — counts, averages, histograms, date ranges, and more.

• Introduction
• Tutorial: eCommerce data analysis

Compute single numeric values from field data — min, max, avg, sum, percentiles, stats, and more.

• Top hits
• Top metrics
• Cardinality, percentiles, stats

Group documents into buckets, then chain pipeline aggregations to compute on those buckets.

• Filters aggregation
• Multi-terms aggregation
• Avg bucket (pipeline)
• Bucket script (pipeline)

Define how documents and their fields are stored, indexed, and analyzed.

• Field data types
• Dynamic field mapping
• Runtime fields
• Update mappings (examples)
• Put mapping API

Control how text is tokenized and indexed to optimize relevance and search recall.

• Configure text analysis
• Create a custom analyzer
• Specify an analyzer
• Analyze API
• Analyzers, tokenizers, and filters reference

All Elasticsearch node settings — network, thread pools, index defaults, security, and more.

• Node settings
• Security settings
• All settings reference

Automate index policies to move data through hot, warm, cold, and frozen tiers — and eventually delete it.

• Create an ILM policy
• Tutorials
• Check ILM status
• Start and stop ILM
• Explain lifecycle (API)

Set built-in retention and rollover directly on data streams, without a separate ILM policy.

• Data stream lifecycle overview
• Update an existing data stream
• Manage data tiers

Back up indices and data streams to a remote repository and restore them when needed.

• Overview
• Restore a snapshot
• Create a snapshot repository (API)
• Create a snapshot (API)
• Troubleshoot snapshots

Search by meaning rather than exact keywords using dense or sparse vector embeddings.

• Semantic search with semantic_text
• Semantic search with ELSER
• Get started with semantic search
• Dense vs. sparse ingest pipelines

Find the nearest neighbors to a query vector for similarity-based retrieval and hybrid search.

• kNN search
• Sparse vector search
• Bring your own vectors
• kNN retriever
• kNN in ES|QL

Connect Elasticsearch to external AI model providers for embeddings, reranking, and completions.

• Create an inference endpoint
• ELSER inference endpoint

Encrypt communications between nodes and between clients and the cluster.

• Set up basic security (TLS)
• Secure cluster communications
• Secure HTTP clients
• Security settings reference

Verify user identity with native realms, LDAP, Active Directory, SAML, OIDC, PKI, and more.

• LDAP authentication
• SAML authentication (API)
• All authentication methods

Control what users and applications can access using roles, privileges, and field- and document-level security.

• Users and roles overview
• Create or update a role (API)
• Create or update a user (API)

Official Elasticsearch clients for your preferred programming language.

• Python
• Java
• Go
• Rust
• PHP
• Ruby
• Community clients

High-level Python libraries that simplify building queries, mappings, and bulk operations.

• Elasticsearch DSL (Python)
• Java bulk indexing
• Troubleshoot clients

Get data into Elasticsearch using Fleet, Logstash, Beats, or search connectors.

• Fleet and Elastic Agent
• Content connectors
• All ingest options

Conventions, common options, compatibility guarantees, and the full interactive API specification.

• API conventions
• Common options
• API compatibility
• Examples and quick start
• Full API reference

Write custom scripts in Painless for queries, aggregations, ingest processors, and runtime fields.

• Introduction to Painless
• Language specification
• Use Painless in runtime fields
• Scripts reference

What's new, deprecated, and fixed in each Elasticsearch release.

• Elasticsearch
• Breaking changes
• Deprecations

Diagnose and fix common Elasticsearch cluster, performance, and operational issues.

• Cluster issues
• Snapshot and restore
• Clients
• Capture diagnostics