Instructions for installing Elasticsearch on Windows 10
(See also: Elasticsearch Tutorial)
Elasticsearch requires Java 8 or higher, so before installing Elasticsearch, make sure you have Java version >= 8 installed on your machine.
(Review: install Java, JDK on windows)
Here I install on windows, so I will use the .msi installation at https://artifacts.elastic.co/…elasticsearch-6.3.2.msi.
To download other versions, please visit: https://www.elastic.co/downloads/elasticsearch
Elasticsearch installation steps
Double click on the downloaded .msi file
The directory configuration section (directories containing data, config or log files) is left to default, you can edit it to your liking.
The elasticsearch configuration part, I start it manually, so I will choose “Do not install as a service” which means it will turn on when needed. and the “Install as a service” section, it will install elasticsearch like a windows service, and will automatically start when the computer is turned on.
My elasticsearch configuration is the default (You can edit it as you like.)
- For example, port 9200 overlaps with any application, please fix it
- Machines with excess ram but want elasticsearch to run fast, provide a lot of memory for it)
The plugin part, I do not install anything. (I will guide elasticsearch plugins later)
I use the communiy version, so the license is basic.
Result: after successful installation, you access the bin of the installation folder and double click on the elasticsearch.exe file to run elasticsearch
To check if elasticsearch is running, and configuration information, open a web browser and access the address 127.0.0.1:9200
In the next sections, I will guide you to put data into elasticsearch, index and query, java example code with elasticsearch
This entry was posted in Elasticsearch and tagged elasticsearch. Bookmark the permalink.
2/ Demo of main functions
This guide helps beginners learn how to:
- Install and run Elasticsearch in a test environment
- Add data to Elasticsearch
- Search and sort data
- Extract fields from unstructured content during a search
The simplest way to set up Elasticsearch is to create a managed deployment with Elasticsearch Service on Elastic Cloud. If you prefer to manage your own test environment, you can install and run Elasticsearch using Docker.
Elasticsearch Service Self-managed
- Get a free trial.
- Log into Elastic Cloud.
- Click Create deployment.
- Select a solution and give your deployment a name.
- Click Create deploymentand download the password for the elastic user.
Send requests to Elasticsearch link
You add data to Elasticsearch as JSON objects called documents. Elasticsearch stores these documents in searchable indices.
For time series data, such as logs and metrics, you typically add documents to a data stream made up of multiple auto-generated backing indices.
A data stream requires an index template that matches its name. Elasticsearch uses this template to configure the stream’s backing indices. Documents sent to a data stream must have a @timestamp field.
Add a single document
Submit the following indexing request to add a single log entry to the logs-my_app-default data stream. Since logs-my_app-default doesn’t exist, the request automatically creates it using the built-in logs-*-* index template.
The response includes metadata that Elasticsearch generates for the document:
- The backing _indexthat contains the document. Elasticsearch automatically generates the names of backing indices.
- A unique _idfor the document within the index.
Add multiple documents
Use the _bulk endpoint to add multiple documents in one request. Bulk data must be newline-delimited JSON (NDJSON). Each line must end in a newline character (\n), including the last line.
Indexed documents are available for search in near real-time. The following search matches all log entries in logs-my_app-default and sorts them by @timestamp in descending order.
By default, the hits section of the response includes up to the first 10 documents that match the search. The _source of each hit contains the original JSON object submitted during indexing.
Get specific fields
Parsing the entire _source is unwieldy for large documents. To exclude it from the response, set the _source parameter to false. Instead, use the fields parameter to retrieve the fields you want.
The response contains each hit’s fields values as a flat array.
Search a date range
To search across a specific time or IP range, use a range query.
You can use date math to define relative time ranges. The following query searches for data from the past day, which won’t match any log entries in logs-my_app-default.
Extract fields from unstructured content
You can extract runtime fields from unstructured content, such as log messages, during a search.
Use the following search to extract the source.ip runtime field from event.original. To include it in the response, add source.ip to the fields parameter.
You can use the bool query to combine multiple queries. The following search combines two range queries: one on @timestamp and one on the source.ip runtime field.
Use aggregations to summarize data as metrics, statistics, or other analytics.
The following search uses an aggregation to calculate the average_response_size using the http.response.body.bytes runtime field. The aggregation only runs on documents that match the query.
The response’s aggregations object contains aggregation results.
Explore more search options
To keep exploring, index more data to your data stream and check out Common search options.
When you’re done, delete your test data stream and its backing indices.
You can also delete your test deployment.Buy us some coffee
Thank You for your support as we work to give you the best of guides and articles.