-
Elasticsearch Overview:
- Elasticsearch serves as a distributed document store.
- Stores complex data structures serialized as JSON documents.
- Documents are indexed and fully searchable in near real-time (within 1 second).
- Utilizes an inverted index for fast full-text searches.
- Each unique word in any document is listed in the inverted index, linking to the relevant documents.
-
Index and Document Structure:
- An index is an optimized collection of documents.
- Each document contains fields (key-value pairs) with data.
- Elasticsearch indexes all data in every field by default.
- Indexed fields have dedicated, optimized data structures (e.g., inverted indices, BKD trees).
-
Schema Flexibility:
- Elasticsearch is schema-less; documents can be indexed without explicit field definitions.
- Dynamic mapping automatically detects and adds new fields to the index.
- Easy exploration: Start indexing documents, and Elasticsearch maps data types (booleans, floats, dates, etc.) automatically.
-
Custom Mappings:
- Define your own mappings to take control:
- Distinguish between full-text and exact value string fields.
- Perform language-specific text analysis.
- Optimize fields for partial matching.
- Use custom date formats and non-detected data types (e.g., geo_point, geo_shape).
-
Flexible Indexing:
- Index the same field differently for various purposes (e.g., full-text search vs. sorting).
- Apply multiple language analyzers to process user input in string fields.
-
Analysis Chain:
- Full-text field analysis during indexing is also used at search time.
- Query text undergoes the same analysis before term lookup in the index.