Elasticsearch Bulk

Elasticsearch Bulk

Opster Team

March 2021


In addition to reading this guide, we recommend you run the Elasticsearch Health Check-Up. It will detect issues and improve your Elasticsearch performance by analyzing your shard sizes, threadpools, memory, snapshots, disk watermarks and more.

The Elasticsearch Check-Up is free and requires no installation.

Run the Elasticsearch check-up to receive recommendations like this:

checklist Run Check-Up
error

The following configuration error was detected on node 123...

error-img

Description

This error can have a severe impact on your system. It's important to understand that it was caused by...

error-img

Recommendation

In order to resolve this issue and prevent it from occurring again, we recommend that you begin by changing the configuration to...

1

X-PUT curl -H "Content-Type: application/json" [customized recommendation]

Overview

In Elasticsearch, when using the Bulk API it is possible to perform many write operations in a single API call, which increases the indexing speed. Using the Bulk API is more efficient than sending multiple separate requests. This can be done for the following four actions:

Examples

The bulk request below will index a document, delete another document, and update an existing document.

POST _bulk
{ "index" : { "_index" : "myindex", "_id" : "1" } }
{ "field1" : "value" }
{ "delete" : { "_index" : “myindex", "_id" : "2" } }
{ "update" : {"_id" : "1", "_index" : "myindex"} }
{ "doc" : {"field2" : "value5"} }

Notes

  • Bulk API is useful when you need to index data streams that can be queued up and indexed in batches of hundreds or thousands, such as logs.
  • There is no correct number of actions or limits to perform on a single bulk call, but you will need to figure out the optimum number by experimentation, given the cluster size, number of nodes, hardware specs etc.

Related log errors to this ES concept


Failed to execute pipeline for a bulk request
Unexpected error while indexing monitoring document:
Bulk request has been cancelled.
Failed to execute bulk request .
Failed to render document ; skipping it
Failed to bulk index audit events:
Unexpected error while indexing monitoring document
Error executing bulk
Logger.warnmsg; cause;
Exporter failed to open exporting bulk
Failed to properly close watcher bulk processor
Error occurred while reindexing; bulk failures ; search failures

< Page: 1 of 3 >


Run the Check-Up to get a customized report like this:

Analyze your cluster