Elasticsearch Bulk


Elasticsearch Bulk

Opster Team

Nov 2020


In addition to reading this guide, run the Elasticsearch Health Check-Up. Detect problems and improve performance by analyzing your shard sizes, threadpools, memory, snapshots, disk watermarks and many more.
Free tool that requires no installation with +1000 users.

Bulk in Elasticsearch

What it is:

In Elasticsearch, when using the Bulk API it is possible to perform many write operations in a single API call, which increases the indexing speed. Using the Bulk API is more efficient than sending multiple, separate requests. This can be done for the following four actions:

  • Index
  • Update
  • Create 
  • Delete

Examples:

The bellow bulk request will index a document, delete another document, and update an existing document.

POST _bulk
{ "index" : { "_index" : "myindex", "_id" : "1" } }
{ "field1" : "value" }
{ "delete" : { "_index" : “myindex", "_id" : "2" } }
{ "update" : {"_id" : "1", "_index" : "myindex"} }
{ "doc" : {"field2" : "value5"} }

Notes:

  • Bulk API is useful when you need to index data streams that can be queued up and indexed in batches of hundreds or thousands, such as logs.
  • There is no correct number of actions or limits to perform on a single bulk call, but you will need to figure out the optimum number by experimentation, given the cluster size, number of nodes, hardware specs etc.

Related log errors to this ES concept


Failed to execute pipeline for a bulk request
Unexpected error while indexing monitoring document:
Bulk request has been cancelled.
Failed to execute bulk request .
Failed to render document ; skipping it
Failed to bulk index audit events:
Unexpected error while indexing monitoring document
Error executing bulk
Logger.warnmsg; cause;
Exporter failed to open exporting bulk
Failed to properly close watcher bulk processor
Error occurred while reindexing; bulk failures ; search failures

< Page: 1 of 3 >




Improve Elasticsearch Performance

Run The Analysis