Data structuring

Dedicated Client Nodes

Many clusters use coordinating or ingest nodes, while others leave the ingest and coordination functions to the data nodes. In order to...

Dedicated Master Node

Once an Elasticsearch cluster reaches a certain size, it's recommended to create 3 dedicated master nodes. Here is how you can create...

Elasticsearch Global Ordinals and High Cardinality Fields

Terms aggregations rely on an internal data structure known as global ordinals. These structures maintain statistics for each unique...

Elasticsearch match_only_text Field Type (For Storage Optimization)

The new match_only_text feature in Elasticsearch can save up to 10% of disk space on logging datasets. This field type will set a flat...

Elasticsearch Token Filters

A tokenizer decides how Elasticsearch will take a set of words and divide it into separated terms called “tokens”. To work with synonyms...

How to Choose the Correct Number of Shards per Index in Elasticsearch

Finding the right number of shards for your ES indices, and the right size for each shard, depends on many factors. These factors include...

How to Define Efficient Mapping in Elasticsearch

Mappings are the core element of index creation in Elasticsearch. Defining them correctly can vastly improve performance. Here's how to...

How to leverage ingest pipelines to transform data transparently in Elasticsearch

Ingest pipelines sit within the Elasticsearch node and will perform a set of alterations on your data that you...

How to Reduce the Number of Shards in an Elasticsearch Cluster

When you have too many shards in your Elasticsearch cluster, there are a few steps you can take in order to reduce the number of shards...

Lack of Quorum

This error occurs when the Elasticsearch cluster doesn't have a quorum of nodes with voting rights to elect a new master node. To resolve...

Node Concurrent Recoveries Setting is Too High / Low

The node concurrent recoveries setting determines the max number of shards that can be recovered at once from each node. It's important to...

Number of Master Nodes

Master nodes are responsible for actions such as creating or deleting indices. If you don't have enough master nodes, it could lead to...

Object Fields VS. Nested Field Types in Elasticsearch

Nested is a special type of object that is indexed as a separate document, and is required for certain types of queries. However, only...

Setting Up Zone Awareness for Shard Allocation in Elasticsearch

Setting up zone awareness for shard allocation ensures high availability in the case of several servers going down. Here's how to...

Slow Query Troubleshooting Guide

There are several potential reasons for slow queries You can use slow logs to detect and troubleshoot issues related to slow queries by...

Terms Enum API in Elasticsearch (For Low Latency Lookups)

The Terms enum API looks for similarities in the index based on partial matches. This approach can help us run...

When You Should Transform Your Data Instead of Using Aggregations

There are at least three use cases where you should consider using transforms instead of aggregations in Elasticsearch. First, when the...