OpenSearch guides

Select the category & articles you are interested in

OpenSearch
Elasticsearch
glossary-category-img OpenSearch Basics
glossary-category-img OpenSearch Capacity Planning
glossary-category-img OpenSearch Data Architecture
glossary-category-img OpenSearch Machine Learning
glossary-category-img OpenSearch Operations
glossary-category-img OpenSearch Security
How to Install OpenSearch on EC2 Using Terraform

To install OpenSearch on EC2, you will need a route-53 resource that connects to your VPC. The Terraform module will deploy 3 EBS, 5 EC2...

How to Install OpenSearch on Kubernetes (Using HELM charts)

Helm is the best way to find, share, and use software built for Kubernetes. To install OpenSearch using Helm charts, you need to first...

How to Migrate from Elasticsearch to OpenSearch

OpenSearch supports migration to Elasticsearch using rolling upgrades. There're 4 methods to migrate data from Elasticsearch to OpenSearch...

How to migrate from Elasticsearch to OpenSearch for versions after 7.10

If you’re using Elasticsearch version 7.11 or later, you cannot use rolling upgrades to migrate to OpenSearch. Instead, you can use these...

How to Set Up & Operate OpenSearch on Kubernetes Using the Open-Source Operator

Installation instructions, advantages of using the Operator for OpenSearch management, tips and benefits of...

How to Set Up Alerting in OpenSearch

There are 3 types of OpenSearch alerts: system, logs, & business specific. Before creating an alert you need to set a channel. An example...

OpenSearch Aggregation

The aggregations framework is a tool built in every OpenSearch deployment. The different aggregation types: Bucket, Metric & Pipeline...

OpenSearch Alias

An OpenSearch alias is a secondary name to refer to one or more indices. Aliases can be created and deleted dynamically using...

OpenSearch Bulk

OpenSearch bulk makes it possible to perform many write operations in a single API call, which increases indexing speed. Using bulk API...

OpenSearch Cache: Node Request, Shard Data & Field Data Cache

OpenSearch uses 3 types of caches to improve the efficiency of operation: node requests, shards and field data cache. It is possible to...

OpenSearch Circuit Breaker Exceptions: How to Handle Circuit Breakers

Circuit breaker exceptions are thrown to alert us that something needs to be fixed in OpenSearch in order to reduce memory usage. To fix...

OpenSearch Delete By Query

OpenSearch delete by query is an API, which provides functionality to delete all documents based on the matching query. If you don't...

OpenSearch Docker - How to Spin Up a Cluster Using Docker

The easiest way to start testing OpenSearch is running the available docker image. To spin up an OpenSearch cluster using docker, you need...

OpenSearch Document

Each OpenSearch document is a JSON structure, which is ultimately considered to be a series of key:value pairs. An example for creating...

OpenSearch Filter

OpenSearch Filters apply conditions inside the query to narrow down the matching results. A filter clause can be used used in...

OpenSearch Heap Size Usage and JVM Garbage Collection

The OpenSearch heap size is the amount of RAM allocated to the JVM of a node. When JVM performance is not optimal...

OpenSearch High CPU

High CPU in OpenSearch is often a symptom of other underlying issues. It should be fixed since a distressed node will slow query response...

OpenSearch Index

An OpenSearch index contains a schema and can have one or more shards and replicas. Here's how to create, delete, list, and query an index.

OpenSearch Mapping

An OpenSearch mapping contains the properties of each field in the index. A common issue is an incorrectly defined mapping. To update...

OpenSearch Max Shards Per Node Exceeded

If the max of shards per node is exceeded in OpenSearch, shards can't be allocated. To fix this, check to see whether the limit is at...

OpenSearch Nodes & Node Roles

There are different types of OpenSearch nodes. Each has its own role and purpose. Cluster-Manager, coordinating and data node roles differ...

OpenSearch Observability Visualizations: How to Use Notebooks and Operational Panels

Dashboards are the most useful tool to visualize data without having to code an entire framework that consumes data from the engine...

OpenSearch Queue

Queues in OpenSearch exist in the context of Thread Pools. Queues are used to hold the pending requests for thread pools instead of...

OpenSearch Rebalance

Cluster rebalancing is the process by which an OpenSearch cluster distributes data across the nodes. To force rebalance manually...

OpenSearch Recovery

In OpenSearch, recovery refers to the process of recovering an index or shard when something goes wrong. You can recover data by using...

OpenSearch Red Status

OpenSearch red status indicates not only that the primary shard has been lost, but also that a replica has not been promoted...

OpenSearch Refresh Interval

OpenSearch requires a refresh operation to make indexed information available for search. You can set an OpenSearch refresh_interval by...

OpenSearch Replication

OpenSearch replication refers to storing a redundant copy of the data. OpenSearch creates 1 primary shard with a replication factor...

OpenSearch Restore

In OpenSearch, restore refers to a snapshot restore mechanism. To restore a cluster from the snapshot, an index, or selected indices...

OpenSearch Shards Too Large

It is a best practice that OpenSearch shard size should not go above 50GB for a single shard. If you go above this limit...

OpenSearch Snapshot

An OpenSearch snapshot is a backup of an index taken from a running cluster. It's better to use snapshots instead of disk backups due...

OpenSearch Task

A task is equivalent to an OpenSearch operation, any request performed on an OpenSearch cluster. The following commands are used...

OpenSearch Threadpool

OpenSearch threadpools are used to manage how requests are processed and to optimize the use of resources. The write threadpool...

OpenSearch Yellow Status

An OpenSearch yellow status indicates that one or more of the replica shards on the cluster are not allocated to a node. This could occur...

How to Optimize OpenSearch Disk Space and Usage

If you don’t have enough disk space available, OpenSearch will stop allocating shards to the node. This will eventually prevent you from...

OpenSearch Flood Stage Disk Watermark

When the “disk flood stage” threshold is exceeded on an OpenSearch cluster, it will start to block core actions. To resolve this issue...

OpenSearch High Disk Watermark

High disk watermark is one of the various thresholds on your OpenSearch cluster. Passing this threshold is a warning and you should ...

OpenSearch Low Disk Watermark

Low disk watermark is one of the various thresholds on your OpenSearch cluster. Here are possible actions you can take to resolve...

OpenSearch Memory Usage Guide

The OpenSearch process is very memory intensive. Here are the memory requirements and some tips to reduce your OpenSearch memory usage.

Elasticsearch ILM VS. OpenSearch ISM Policy - Comparison, Explanation and Instructions (OpenSearch ILM)

Elasticsearch ILM (Index Lifecycle Management) & OpenSearch ISM (Index State Management) have the same goal, but their execution differs...

Index Templates in OpenSearch - How to Use Composable Templates

OpenSearch index templates allow us to create indices with user defined configuration. An index can pull the configuration from these...

OpenSearch AWS UltraWarm/Cold vs Elasticsearch Searchable Snapshots

Elasticsearch & OpenSearch offer ways to save costs by putting older data into cheaper machines. OS uses AWS UltraWarm & ES searchable...

Setting up Hot-Warm architecture for ISM in OpenSearch

OpenSearch offers an easy way to configure a hot-warm architecture under specific conditions. To set up a hot-warm architecture for ISM...

How To Set Up OpenSearch Anomaly Detection

Anomaly detection is a feature in OpenSearch that captures unusual patterns in time series data. Here's how to set it up.

OpenSearch Data Streams

OpenSearch data streams enforce a setup that works well with time-based data, making the ISM policies easier to configure. To create...

Opensearch k-NN

 In OpenSearch, kNN stands for k-nearest neighbors & is used to find nearby documents based on vector dimensions. The kNN OpenSearch plugin...

How to set up snapshot repositories in OpenSearch (S3, GCS, Azure)

Here's how to configure an OpenSearch snapshot repository for Amazon S3, Azure Blob Storage & Google Cloud Storage (GCS).

OpenSearch Audit logs (How to Create a Dashboard to Visualize Audit Logs)

For security reasons, it's key to enable audit logs in OpenSearch. Here's how to configure audit logs & create a dashboard for visualization.

OpenSearch LDAP Authentication & Active Directory

In OpenSearch, Active Directory (AD) via Lightweight Directory Access Protocol (LDAP) can be used for authentication. To configure it, use...

OpenSearch Security - Access Control (Users, Roles, Permissions, etc)

By setting up access control in OpenSearch, you can ensure that each user will be able to access what they need while securing other data...

OpenSearch Security - Configuration (Certificates)

To prepare an OpenSearch cluster for production, you need to first configure the certificates for security. Opensearch.yml is used...

PKI Authentication in OpenSearch

PKI (Private Key Infrastructure) is a set of actors & procedures to manage digital certificates. To setup PKI authentication in OpenSearch...

Skip to content