Elasticsearch Bulk

By Opster Team

Updated: May 24, 2023

| 1 min read

Overview

In Elasticsearch, when using the Bulk API it is possible to perform many write operations in a single API call, which increases the indexing speed. Using the Bulk API is more efficient than sending multiple separate requests. This can be done for the following four actions:

Examples

The bulk request below will index a document, delete another document, and update an existing document.

POST _bulk
{ "index" : { "_index" : "myindex", "_id" : "1" } }
{ "field1" : "value" }
{ "delete" : { "_index" : "myindex", "_id" : "2" } }
{ "update" : {"_id" : "1", "_index" : "myindex"} }
{ "doc" : {"field2" : "value5"} }

Notes

  • Bulk API is useful when you need to index data streams that can be queued up and indexed in batches of hundreds or thousands, such as logs.
  • There is no correct number of actions or limits to perform on a single bulk call, but you will need to figure out the optimum number by experimentation, given the cluster size, number of nodes, hardware specs etc.

How helpful was this guide?

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Related log errors to this ES concept


Failed to create ILM history store index prior to issuing bulk request
Bulk request executionId has been cancelled
Failed to execute bulk request executionId
%s mapping update rejected by primary
Unexpected exception while completing write task after delay
Failures bulk indexing the message back log
Bulk write of deprecation logs encountered some failures
Bulk write of request numberOfActions deprecation logs failed
Bulk write of behavioral analytics events encountered some failures
Bulk processor has been flushed Accepting new events again
Bulk processor is full Start dropping events
Bulk deletion failures for items

< Page: 2 of 4 >

Related Articles

Back to all articles