OpenSearch Basics

Cross-cluster search enables users to execute a query across multiple Elasticsearch or OpenSearch clusters. To perform cross cluster search...

To install OpenSearch on EC2, you will need a route-53 resource that connects to your VPC. The Terraform module will deploy 3 EBS, 5 EC2...

Helm is the best way to find, share, and use software built for Kubernetes. To install OpenSearch using Helm charts, you need to first...

OpenSearch supports migration to Elasticsearch using rolling upgrades. There're 4 methods to migrate data from Elasticsearch to OpenSearch...

If you’re using Elasticsearch version 7.11 or later, you cannot use rolling upgrades to migrate to OpenSearch. Instead, you can use these...

Installation instructions, advantages of using the Operator for OpenSearch management, tips and benefits of...

There are 3 types of OpenSearch alerts: system, logs, & business specific. Before creating an alert you need to set a channel. An example...

OpenSearch keeps the original JSON document in a field called _source. The source field serves special purposes such as...

The aggregations framework is a tool built in every OpenSearch deployment. The different aggregation types: Bucket, Metric & Pipeline...

An OpenSearch alias is a secondary name to refer to one or more indices. Aliases can be created and deleted dynamically using...

OpenSearch bulk makes it possible to perform many write operations in a single API call, which increases indexing speed. Using bulk API...

OpenSearch uses 3 types of caches to improve the efficiency of operation: node requests, shards and field data cache. To clear...

Circuit breaker exceptions are thrown to alert us that something needs to be fixed in OpenSearch in order to reduce memory usage. To fix...

OpenSearch has circuit breakers to deal with OutOfMemory errors that cause nodes to crash. To size a circuit breaker...

Official OpenSearch clients are available for java, Perl, PHP, python, ruby and .NET. The official clients follow a similar structure and...

An OpenSearch cluster is a group of servers (nodes) working together to store data & respond to requests. The key elements of clustering...

This article will compare OpenSearch Dashboards and Kibana, highlighting their similarities, differences, and...

DELETE is an OpenSearch API that removes a document from a specific index. It requires an index name & _id document to delete the document. 

OpenSearch delete by query is an API, which provides functionality to delete all documents based on the matching query. If you don't...

To find out which functions have been deprecated in OpenSearch, you can use deprecation logs, deprecation API, read breaking pages...

OpenSearch discovery occurs when a node starts, restarts or loses contact with the master node. The discovery.seed_hosts...

OpenSearch uses several parameters to enable it to manage hard disk storage across the cluster, such as...

The easiest way to start testing OpenSearch is running the available docker image. To spin up an OpenSearch cluster using docker, you need...

Each OpenSearch document is a JSON structure, which is ultimately considered to be a series of key:value pairs. An example for creating...

In OpenSearch the term Fielddata is relevant when performing sorting and aggregations on text field. To set fielddata=true, you...

An OpenSearch filter applies conditions inside the query to narrow down the matching results. A filter clause can be used used in...

In OpenSearch, flush is the process of permanently storing data onto the disk for all of the operations that have been stored in memory.

The OpenSearch heap size is the amount of RAM allocated to the JVM of a node. When JVM performance is not optimal...

High CPU in OpenSearch is often a symptom of other underlying issues. It should be fixed since a distressed node will slow query response...

An OpenSearch index contains a schema and can have one or more shards and replicas. Here's how to create, delete, list, and query an index.

An OpenSearch index contains a schema and can have one or more shards and replicas. Here's how to create, delete, list & query Indices.

Indexing is the process of adding or updating new documents to an OpenSearch index. To index a document...

OpenSearch Lucene or Apache Lucene is an open-source Java library used as a search engine. OpenSearch is built on top of Lucene...

An OpenSearch mapping contains the properties of each field in the index. A common issue is an incorrectly defined mapping. To update...

If the max of shards per node is exceeded in OpenSearch, shards can't be allocated. To fix this, check to see whether the limit is at...

OpenSearch metadata refers to additional information stored for each document using metadata fields. Metadata fields can be customized...

There are different types of OpenSearch nodes. Each has its own role and purpose. Cluster-Manager, coordinating and data node roles differ...

Dashboards are the most useful tool to visualize data without having to code an entire framework that consumes data from the engine...

In OpenSearch, Persistent refers to cluster settings that persist across cluster restarts. Examples of persistent settings include...

Plugins in OpenSearch are used to extend the functionality of OpenSearch. To install and uninstall an OpenSearch plugin...

Queues in OpenSearch exist in the context of Thread Pools. Queues are used to hold the pending requests for thread pools. For example...

Cluster rebalancing is the process by which an OpenSearch cluster distributes data across the nodes. To force rebalance manually...

In OpenSearch, recovery refers to the process of recovering an index or shard when something goes wrong. The recovery API can be used by...

OpenSearch red status indicates not only that the primary shard has been lost, but also that a replica has not been promoted...

OpenSearch requires a refresh operation to make indexed information available for search. You can set an OpenSearch refresh_interval by...

OpenSearch reindex is the concept of copying existing data from a source index to a destination index. The reindex API is...

OpenSearch replication refers to storing a redundant copy of the data. Replicas are used to provide high availability and failover of...

An OpenSearch repository needs to be registered using the _snapshot endpoint. The supported repository types are: S3, HDFS, Azure...

In OpenSearch, restore refers to a snapshot restore mechanism. To restore a snapshot, an index, or selected indices...

In OpenSearch, routing refers to document routing. OpenSearch will determine which shard the document will be routed to for indexing when...

The OpenSearch scroll API is useful when a search returns a large set of results. Large search results are exhaustive for the system...

To search in OpenSearch, send a GET request to the _search endpoint in the search API. In the query phase and the fetch phase there are...

An OpenSearch cluster can start to reject search requests for several reasons. To resolve this, check the state of the thread pool and..

OpenSearch settings can be configured on the cluster-level, node-level and index-level. Here's how to set up and optimize your settings.

Each OpenSearch shard is an Apache Lucene index. The number of shards is set when an index is created, and cannot be changed without...

It is a best practice that OpenSearch shard size should not go above 50GB for a single shard. If you go above this limit...

An OpenSearch snapshot is a backup of an index taken from a running cluster. It's better to use snapshots instead of disk backups due...

An OpenSearch task is equivalent to an operation. OpenSearch provides a dedicated task API for the task management, which includes actions...

An OpenSearch template falls into one of these categories: index templates or search templates. To create a dynamic index template...

OpenSearch threadpools are used to manage how requests are processed and to optimize the use of resources. An example of...

An OpenSearch upgrade of an existing cluster can be done in 2 ways: through a rolling upgrade or a full cluster restart. To update...

A version corresponds to the OpenSearch built-in tracking system that tracks the changes in each document. By using _version...

An OpenSearch yellow status indicates that one or more of the replica shards on the cluster are not allocated to a node. This could occur...