Elastic Stack Overview Search. Observe. Protect.
A presentation at BBL CA-GIP (Private event) in January 2023 in 78280 Guyancourt, France by David Pilato
Who?
$ curl http://localhost:9200/speaker/_doc/dpilato
{
  "name" : "David Pilato",
  "jobs" : [
    { "name" : "SRA Europe (SSII)", "date" : "1995" },
    { "name" : "SFR", "date" : "1997" },
    { "name" : "e-Brands / Vivendi", "date" : "2000" },
    { "name" : "DGDDI (douane)", "date" : "2005" },
    { "name" : "elastic", "date" : "2013" }
  ],
  "motivations" : [ "family", "job", "deejay" ],
  "blog" : "http://david.pilato.fr/",
  "twitter" : [ "@dadoonet", "@elasticfr" ],
  "email" : "david@pilato.fr"
}
The Elastic Search Platform
Enterprise Search, Observability, Security
Kibana: Explore, Visualize, Engage
Elasticsearch: Store, Search, Analyze
Integrations: Connect, Collect, Alert
Public cloud, Hybrid, On-premises
A typical search implementation…
CREATE TABLE user (
  name VARCHAR(100),
  comments VARCHAR(1000)
);
INSERT INTO user VALUES ('David Pilato', 'Developer at elastic');
INSERT INTO user VALUES ('Malloum Laya', 'Worked with David at french customs service');
INSERT INTO user VALUES ('David Gageot', 'Engineer at Doctolib');
INSERT INTO user VALUES ('David David', 'Who is that guy?');
Search box: David
Search on term
Search box: David
SELECT * FROM user WHERE name="David";
Empty set (0,00 sec)
Search like
Search box: David
SELECT * FROM user WHERE name LIKE "%David%";
+--------------+----------------------+
| name         | comments             |
+--------------+----------------------+
| David Pilato | Developer at elastic |
| David Gageot | Engineer at Doctolib |
| David David  | Who is that guy?     |
+--------------+----------------------+
Search for terms
Search box: David Pilato
SELECT * FROM user WHERE name LIKE "%David Pilato%";
+--------------+----------------------+
| name         | comments             |
+--------------+----------------------+
| David Pilato | Developer at elastic |
+--------------+----------------------+
Search with inverted terms
Search box: Pilato David
SELECT * FROM user WHERE name LIKE "%Pilato David%";
Empty set (0,00 sec)
SELECT * FROM user WHERE name LIKE "%Pilato%David%";
Empty set (0,00 sec)
Search for terms
Search box: Pilato David
SELECT * FROM user WHERE name LIKE "%David%" AND name LIKE "%Pilato%";
+--------------+----------------------+
| name         | comments             |
+--------------+----------------------+
| David Pilato | Developer at elastic |
+--------------+----------------------+
Search in two fields
Search box: David
SELECT * FROM user WHERE name LIKE "%David%" OR comments LIKE "%David%";
+--------------+---------------------------------------------+
| name         | comments                                    |
+--------------+---------------------------------------------+
| David Pilato | Developer at elastic                        |
| Malloum Laya | Worked with David at french customs service |
| David Gageot | Engineer at Doctolib                        |
| David David  | Who is that guy?                            |
+--------------+---------------------------------------------+
Search with typos
Search box: Dadid
SELECT * FROM user WHERE name LIKE "%Dadid%";
Empty set (0,00 sec)
Search with typos
SELECT * FROM user WHERE name LIKE "%adid%" OR name LIKE "%D_did%" OR name LIKE "%Da_id%" OR name LIKE "%Dad_d%" OR name LIKE "%Dadi%";
+--------------+----------------------+
| name         | comments             |
+--------------+----------------------+
| David Pilato | Developer at elastic |
| David Gageot | Engineer at Doctolib |
| David David  | Who is that guy?     |
+--------------+----------------------+
What is a search engine?
- Index engine (indexing documents)
- Search engine (within the created indices)
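The two steps named above, indexing documents and then searching the created index, sketched as an added example over the four rows from the slides (not code from the presentation, and not how Elasticsearch or Lucene implement it). The helper names `analyze`, `build_index`, `within_one_edit` and `search` are illustrative; the index covers both `name` and `comments`, so inverted terms and the `Dadid` typo resolve without enumerating `LIKE` patterns.

```python
import re
from collections import defaultdict

# Rows copied from the slides' `user` table: (name, comments).
ROWS = [
    ("David Pilato", "Developer at elastic"),
    ("Malloum Laya", "Worked with David at french customs service"),
    ("David Gageot", "Engineer at Doctolib"),
    ("David David", "Who is that guy?"),
]

def analyze(text):
    """Minimal analyzer: lowercase, then split on non-alphanumerics."""
    return re.findall(r"[a-z0-9]+", text.lower())

def build_index(rows):
    """Index step: map every term to the set of row ids that contain it."""
    index = defaultdict(set)
    for row_id, fields in enumerate(rows):
        for field in fields:
            for term in analyze(field):
                index[term].add(row_id)
    return index

def within_one_edit(a, b):
    """True if a and b differ by at most one insert, delete or substitution."""
    if abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    # Past the first mismatch: either b has one extra char, or one char differs.
    return a[i:] == b[i + 1:] or a[i + 1:] == b[i + 1:]

def search(index, query, fuzzy=False):
    """Search step: every query term must match (AND), in any order."""
    result = None
    for q in analyze(query):
        hits = set(index.get(q, ()))
        if fuzzy:  # also accept indexed terms one edit away from the query term
            for term, ids in index.items():
                if within_one_edit(term, q):
                    hits |= ids
        result = hits if result is None else result & hits
    return sorted(result or ())

INDEX = build_index(ROWS)
```

`search(INDEX, "Pilato David")` returns row ids, which index into `ROWS`; the fuzzy scan over all terms is linear and only suitable for a demonstration of this size.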
Demo time!