OpenSearch

Elasticsearch ILM (Index Lifecycle Management) & OpenSearch ISM (Index State Management) have the same goal, but their execution differs...

To install OpenSearch on EC2, you will need a route-53 resource that connects to your VPC. The Terraform module will deploy 3 EBS, 5 EC2...

Helm is the best way to find, share, and use software built for Kubernetes. To install OpenSearch using Helm charts, you need to first...

OpenSearch supports migration to Elasticsearch using rolling upgrades. There're 4 methods to migrate data from Elasticsearch to OpenSearch...

If you’re using Elasticsearch version 7.11 or later, you cannot use rolling upgrades to migrate to OpenSearch. Instead, you can use these...

If you don’t have enough disk space available, OpenSearch will stop allocating shards to the node. This will eventually prevent you from...

Installation instructions, advantages of using the Operator for OpenSearch management, tips and benefits of...

There are 3 types of OpenSearch alerts: system, logs, & business specific. Before creating an alert you need to set a channel. An example...

Anomaly detection is a feature in OpenSearch that captures unusual patterns in time series data. Here's how to set it up.

Here's how to configure an OpenSearch snapshot repository for Amazon S3, Azure Blob Storage & Google Cloud Storage (GCS).

OpenSearch index templates allow us to create indices with user defined configuration. An index can pull the configuration from these...

The aggregations framework is a tool built in every OpenSearch deployment. The different aggregation types: Bucket, Metric & Pipeline...

An OpenSearch alias is a secondary name to refer to one or more indices. Aliases can be created and deleted dynamically using...

For security reasons, it's key to enable audit logs in OpenSearch. Here's how to configure audit logs & create a dashboard for visualization.

Elasticsearch & OpenSearch offer ways to save costs by putting older data into cheaper machines. OS uses AWS UltraWarm & ES searchable...

OpenSearch bulk makes it possible to perform many write operations in a single API call, which increases indexing speed. Using bulk API...

OpenSearch uses 3 types of caches to improve the efficiency of operation: node requests, shards and field data cache. It is possible to...

Circuit breaker exceptions are thrown to alert us that something needs to be fixed in OpenSearch in order to reduce memory usage. To fix...

OpenSearch data streams enforce a setup that works well with time-based data, making the ISM policies easier to configure. To create...

OpenSearch delete by query is an API, which provides functionality to delete all documents based on the matching query. If you don't...

The easiest way to start testing OpenSearch is running the available docker image. To spin up an OpenSearch cluster using docker, you need...

Each OpenSearch document is a JSON structure, which is ultimately considered to be a series of key:value pairs. An example for creating...

OpenSearch Filters apply conditions inside the query to narrow down the matching results. A filter clause can be used used in...

When the “disk flood stage” threshold is exceeded on an OpenSearch cluster, it will start to block core actions. To resolve this issue...

The OpenSearch heap size is the amount of RAM allocated to the JVM of a node. When JVM performance is not optimal...

High CPU in OpenSearch is often a symptom of other underlying issues. It should be fixed since a distressed node will slow query response...

High disk watermark is one of the various thresholds on your OpenSearch cluster. Passing this threshold is a warning and you should ...

An OpenSearch index contains a schema and can have one or more shards and replicas. Here's how to create, delete, list, and query an index.

 In OpenSearch, kNN stands for k-nearest neighbors & is used to find nearby documents based on vector dimensions. The kNN OpenSearch plugin...

In OpenSearch, Active Directory (AD) via Lightweight Directory Access Protocol (LDAP) can be used for authentication. To configure it, use...

Low disk watermark is one of the various thresholds on your OpenSearch cluster. Here are possible actions you can take to resolve...

An OpenSearch mapping contains the properties of each field in the index. A common issue is an incorrectly defined mapping. To update...

If the max of shards per node is exceeded in OpenSearch, shards can't be allocated. To fix this, check to see whether the limit is at...

The OpenSearch process is very memory intensive. Here are the memory requirements and some tips to reduce your OpenSearch memory usage.

There are different types of OpenSearch nodes. Each has its own role and purpose. Cluster-Manager, coordinating and data node roles differ...

Dashboards are the most useful tool to visualize data without having to code an entire framework that consumes data from the engine...

Queues in OpenSearch exist in the context of Thread Pools. Queues are used to hold the pending requests for thread pools instead of...

Cluster rebalancing is the process by which an OpenSearch cluster distributes data across the nodes. To force rebalance manually...

In OpenSearch, recovery refers to the process of recovering an index or shard when something goes wrong. You can recover data by using...

OpenSearch red status indicates not only that the primary shard has been lost, but also that a replica has not been promoted...

OpenSearch requires a refresh operation to make indexed information available for search. You can set an OpenSearch refresh_interval by...

OpenSearch replication refers to storing a redundant copy of the data. OpenSearch creates 1 primary shard with a replication factor...

In OpenSearch, restore refers to a snapshot restore mechanism. To restore a cluster from the snapshot, an index, or selected indices...

By setting up access control in OpenSearch, you can ensure that each user will be able to access what they need while securing other data...

To prepare an OpenSearch cluster for production, you need to first configure the certificates for security. Opensearch.yml is used...

It is a best practice that OpenSearch shard size should not go above 50GB for a single shard. If you go above this limit...

An OpenSearch snapshot is a backup of an index taken from a running cluster. It's better to use snapshots instead of disk backups due...

A task is equivalent to an OpenSearch operation, any request performed on an OpenSearch cluster. The following commands are used...

OpenSearch threadpools are used to manage how requests are processed and to optimize the use of resources. The write threadpool...

An OpenSearch yellow status indicates that one or more of the replica shards on the cluster are not allocated to a node. This could occur...

PKI (Private Key Infrastructure) is a set of actors & procedures to manage digital certificates. To setup PKI authentication in OpenSearch...

OpenSearch offers an easy way to configure a hot-warm architecture under specific conditions. To set up a hot-warm architecture for ISM...