Elastic Stack Overview Search. Observe. Protect.
A presentation at BBL Ankorstore (Private Event) in July 2023 in by David Pilato
Elastic Stack Overview Search. Observe. Protect.
Who? $ curl http://localhost:9200/speaker/_doc/dpilato { “name” : “David Pilato”, “jobs” : [ { “name” : “SRA Europe (SSII)”, “date” : “1995” }, { “name” : “SFR”, “date” : “1997” }, { “name” : “e-Brands / Vivendi”, “date”: “2000” }, { “name” : “DGDDI (douane)”, “date” : “2005” }, { “name” : “elastic”, “date” : “2013” } ], “motivations” : [ “family”, “job”, “deejay” ], “blog” : “https://david.pilato.fr/”, “twitter” : [ “@dadoonet”, “@elasticfr” ], “email” : “david@pilato.fr” } 2
The Elastic Search Platform Out of the Box Solutions Observability Logs, APM, Tracing, Metrics, Synthetics, Profiling, RUM Build Your Own Security SIEM, Endpoint, Cloud Kibana Explore, Visualize, Engage Elasticsearch Store, Search, Analyze Integrations Connect, Collect, Alert Search Product Search, Workplace Search, Business Analytics, Custom Search Apps
A typical search implementation… CREATE TABLE user ( name VARCHAR(100), comments VARCHAR(1000) ); INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INSERT INTO user VALUES (‘Malloum Laya’, ‘Worked with David at french customs service’); INSERT INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INSERT INTO user VALUES (‘David David’, ‘Who is that guy?’); David 5
Search on term INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name=”David”; Empty set (0,00 sec) David 6
Search like INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name LIKE “%David%”; +———————+———————————+ | name | comments | +———————+———————————+ | David Pilato | Developer at elastic | | David Gageot | Engineer at Doctolib | | David David | Who is that guy? | +———————+———————————+ David 7
Search for terms INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name LIKE “%David Pilato%”; +———————+———————————+ | name | comments | +———————+———————————+ | David Pilato | Developer at elastic | +———————+———————————+ David Pilato 8
Search with inverted terms INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name LIKE “%Pilato David%”; Empty set (0,00 sec) SELECT * FROM user WHERE name LIKE “%Pilato%David%”; Empty set (0,00 sec) Pilato David 9
Search for terms INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name LIKE “%David%” AND name LIKE “%Pilato%”; +———————+———————————+ | name | comments | +———————+———————————+ | David Pilato | Developer at elastic | +———————+———————————+ Pilato David 10
Search in two fields INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name LIKE “%David%” OR comments LIKE “%David%”; +———————+——————————————————————-+ | name | comments | +———————+——————————————————————-+ | David Pilato | Developer at elastic | | Malloum Laya | Worked with David at french customs service | | David Gageot | Engineer at Doctolib | | David David | Who is that guy? | +———————+——————————————————————-+ David 11
Search with typos INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name LIKE “%Dadid%”; Empty set (0,00 sec) Dadid 13
Search with typos INSERT INSERT french INSERT INSERT INTO user VALUES (‘David Pilato’, ‘Developer at elastic’); INTO user VALUES (‘Malloum Laya’, ‘Worked with David at customs service’); INTO user VALUES (‘David Gageot’, ‘Engineer at Doctolib’); INTO user VALUES (‘David David’, ‘Who is that guy?’); SELECT * FROM user WHERE name LIKE “%adid%” OR name LIKE “%D_did%” OR name LIKE “%Da_id%” OR name LIKE “%Dad_d%” OR name LIKE “%Dadi%”; +———————+———————————+ | name | comments | +———————+———————————+ | David Pilato | Developer at elastic | | David Gageot | Engineer at Doctolib | | David David | Who is that guy? | +———————+———————————+ 14
User Interface 16
What is a search engine? Index engine (indexing documents) Search engine (within the created indices) 17
Demo time!
The Elastic Search Platform Out of the Box Solutions Observability Logs, APM, Tracing, Metrics, Synthetics, Profiling, RUM Build Your Own Security SIEM, Endpoint, Cloud Kibana Explore, Visualize, Engage Elasticsearch Store, Search, Analyze Integrations Connect, Collect, Alert Search Product Search, Workplace Search, Business Analytics, Custom Search Apps
ELASTIC ENTERPRISE SEARCH Search everything, anywhere Easily implement powerful, modern search experiences across your website, app, or digital workplace. Search it all, simply.
ELASTIC OBSERVABILITY Unified visibility across your entire ecosystem Bring your logs, metrics, and traces together into a single stack so you can monitor, detect, and react to events with speed.
ELASTIC SECURITY Security how it should be: open Elastic Security integrates endpoint security and SIEM to give you prevention, collection, detection, and response capabilities for unified protection across your infrastructure.
Searching for Rides
Searching for Restaurants
Searching for Love
www.meetup.com/ElasticFR @elastic discuss.elastic.co