inovex GmbH, profile picture
Uploaded byinovex GmbH
1,312 views

Real-time Data Analytics mit Elasticsearch

The document provides an overview of real-time data analytics using Elasticsearch, covering its architecture, data ingestion methods, analysis capabilities, and visualization tools. It discusses key components such as Logstash for data collection and management, as well as the integration of Elasticsearch with Hadoop for enhanced analytics. Additionally, it highlights the use of aggregations for data analysis and the visualization capabilities through Kibana.

Embed presentation

Downloaded 22 times
Real-time Data Analytics mit Elasticsearch Bernhard Pflugfelder inovex GmbH
2 ‣  Big Data Engineer @ inovex ‣  Fields of interest: ‣  search ‣  analytics ‣  big data ‣  bi ‣  Working with: ‣  Lucene ‣  Solr ‣  Elasticsearch ‣  Hadoop Ecosystem ‣  bpflugfelder@inovex.de Bernhard Pflugfelder
‣  elasticsearch intro ‣  import your data ‣  analyze your data ‣  visualize your data Agenda
4 You know, … don’t you?
5 data analysis landscape the big picuture
6 elasticsearch intro Lucene under the hood scalable document- oriented plugin architecture REST & JSON Apache 2 license
7 elasticsearch intro architecture Primary Shard Replica Shard 1 2 3 Master node 321 Node 21 3 Node JSON Input JSON Output
8 fault tolerant node discovery node types high availability elasticsearch intro architecture
9 elasticsearch intro document-oriented & flat data model
10 real-time get core types mapping search query types insert, update, delete snapshot & backup elasticsearch intro core types, mapping, manipulation
11 getting data into elasticsearch …
12 getting data into elasticsearch logstash index api http bindings rivers spring-data- elasticsearch flume fluentd
‣  log collection and management tool ‣  collects, parses and stores log events ‣  became part of the ELK stack ‣  seamless integration with elasticsearch ‣  plugin architecture: ‣  inputs (syslog, ganglia, log4j and more) ‣  codec (json, line, multiline,… ) ‣  filters (csv, json, date, grep, … ) ‣  outputs (elasticsearch, … ) ‣  expect that logstash will be promoted to a more general ingestion pipeline 13 getting data into elasticsearch logstash
‣  works as an elasticsearch plugin ‣  service for pulling data into cluster ‣  examples: ‣  couchdb river ‣  rabbitmq river ‣  csv river ‣  jdbc river ‣  twitter river ‣  wikipedia river ‣  runs on a single node ‣  automatic allocation ‣  shall be deprecated sooner or later 14 getting data into elasticsearch rivers
‣  former hadoop-elasticsearch became official integration of elasticsearch and hadoop ‣  makes elasticsearch accessible from hive, pig, cascading and map/reduce ‣  automatic mapping between elasticsearch’s json and hadoop file formats ‣  every query to elasticsearch is performed by m/r jobs as follows: ‣  one mapper task per shard ‣  final aggregation by reducer ‣  elasticsearch works as a separate data store, index files are not stored in hdfs 15 getting data into elasticsearch elasticsearch and hadoop from http://www.elasticsearch.org/blog/elasticsearch-and-hadoop/
16 analyze your data …
17 analyze your data you know about facets, I am sure
18 analyze your data same analysis methodology, other visualization == kibana panels
19 analyze your data next generation of facets facets aggregations limited analysis functionality facets enabling custom analysis
20 analyze your data aggregations (aggs) ‣  gives insight into data space by ‣  slicing along dimensions ‣  drill down ‣  interactive ‣  quick by using field data ‣  two types of aggregations ‣  many types of aggregators ‣  customize with scripting ‣  use over search api ‣  json in / json out
Bucket aggs Aggregations that split the original set of documents into separate buckets. Metric aggs Aggregations that compute a specific metrics over a set of documents by aggregating of all documents per bucket. 21 analyze your data two aggregation types
22 analyze your data aggregation example _id: 1 ref: seo _id: 2 ref: direct _id: 3 ref: seo _id: 4 ref: other _id: 5 ref: direct _id: 6 ref: seo ref: seo id: 1, 3, 6 ref: direct id: 2, 5 ref: other id: 4 bucket metrics 3 2 1
23 analyze your data aggregation example _id: 1 ref: seo _id: 2 ref: direct _id: 3 ref: seo _id: 4 ref: other _id: 5 ref: direct _id: 6 ref: seo seo id: 1, 3, 6 direct id: 2, 5 other id: 4 buckets metrics 2 1 1 desktop id: 1 mobile id: 3, 6 desktop id: 1, 3, 6 1 desktop id: 2 mobile id: 5 1
my_aggregation: 24 analyze your data customize your analysis with nested aggregators "aggregations": {! !"<aggregation_name>": {! ! !"<aggregation_type>": {! ! ! !<aggregation_body>! ! !},! ! !["aggregations": { [<sub_aggregation>]* }]! !}! ![,"<aggregation_name_2>": { … }]*! }! bucket 1 bucket 2 bucket n metrics…
‣  terms ‣  range ‣  date range ‣  histogram ‣  date histogram ‣  geo distance ‣  geohash grid ‣  ... ‣  min ‣  max ‣  sum ‣  avg ‣  value count ‣  percentiles ‣  cardinality ‣  ... 25 analyze your data many types of aggregators
26 visualize your data …
27
28
29 sharing dashboards light-weighted web frontend visualize time-stamped data panels to visualize creating dashboards visualize your data kibana fancy visualization
30 ‣  elasticsearch is not only a search technology ‣  elasticsearch also provides powerful capabilities for data analytics ‣  aggregations framework ‣  real-time analytics ‣  plus: elasticsearch enables you to analyze unstructured along with structured data in one place ‣  data analytics ecosystem of elasticsearch: ‣  ELK stack (ingestion + analysis + visualization) ‣  deep hadoop integration to avoid separate data silos and make use of the advantages of both words wrapping up … and thanks for your attention!
31 Thank you very much for your attention Contact Bernhard Pflugfelder Big Data Engineer Cell: 0173 3181088 Mail: bernhard.pflugfelder@inovex.de

More Related Content

PPTX
Azure DocumentDB for Healthcare Integration
byBizTalk360
 
PPTX
MongoDB Scalability Best Practices
byJason Terpko
 
PDF
Build your own Real Time Analytics and Visualization, Enable Complex Event Pr...
byvishnu rao
 
PDF
Adf walkthrough
byMSDEVMTL
 
PDF
Managing Data and Operation Distribution In MongoDB
byJason Terpko
 
PPT
Xadoop - new approaches to data analytics
byMaxim Grinev
 
PDF
Tapping into Scientific Data with Hadoop and Flink
byMichael Häusler
 
PDF
Big Data Analytics with Spark
byMohammed Guller
 
Azure DocumentDB for Healthcare Integration
byBizTalk360
 
MongoDB Scalability Best Practices
byJason Terpko
 
Build your own Real Time Analytics and Visualization, Enable Complex Event Pr...
byvishnu rao
 
Adf walkthrough
byMSDEVMTL
 
Managing Data and Operation Distribution In MongoDB
byJason Terpko
 
Xadoop - new approaches to data analytics
byMaxim Grinev
 
Tapping into Scientific Data with Hadoop and Flink
byMichael Häusler
 
Big Data Analytics with Spark
byMohammed Guller
 

What's hot

PDF
Real-time Analytics with Apache Flink and Druid
byJan Graßegger
 
PDF
Elasticsearch War Stories
byArno Broekhof
 
PPTX
Data+Need=Hack
byNikos Manolis
 
PPTX
Provenance as a building block for an open science infrastructure
byAndreas Schreiber
 
PPTX
MongoDB + Spring
byNorberto Leite
 
PPT
HTML Flight Scraper
byAnthony Kilde
 
PDF
Data Analytics with Druid
byYousun Jeong
 
PDF
Using ElasticSearch as a fast, flexible, and scalable solution to search occu...
bykristgen
 
PPT
Besides Circulation, How else is the print collection being used? Reporting o...
byRay Schwartz
 
PDF
VBA API for scriptDB primer
byBruce McPherson
 
ODP
Cassandra at Finn.io — May 30th 2013
byDataStax Academy
 
PDF
Health Sciences Research Informatics, Powered by Globus
byGlobus
 
PDF
SC7 Webinar 5 13/12/2017 UoA Presentation "Technical aspects of the 3rd secur...
byBigData_Europe
 
PPTX
Joins and Other MongoDB 3.2 Aggregation Enhancements
byAndrew Morgan
 
PPTX
Hermes: Free the Data! Distributed Computing with MongoDB
byMongoDB
 
PPTX
Leveraging Azure Search in Your Application
byJeremy Hutchinson
 
PDF
MongoDB on Azure
byNorberto Leite
 
PPTX
Triggers In MongoDB
byJason Terpko
 
PDF
Extensibility of a database api with js
byArangoDB Database
 
KEY
Papyri.info's Linked Data Story
byHugh Cayless
 
Real-time Analytics with Apache Flink and Druid
byJan Graßegger
 
Elasticsearch War Stories
byArno Broekhof
 
Data+Need=Hack
byNikos Manolis
 
Provenance as a building block for an open science infrastructure
byAndreas Schreiber
 
MongoDB + Spring
byNorberto Leite
 
HTML Flight Scraper
byAnthony Kilde
 
Data Analytics with Druid
byYousun Jeong
 
Using ElasticSearch as a fast, flexible, and scalable solution to search occu...
bykristgen
 
Besides Circulation, How else is the print collection being used? Reporting o...
byRay Schwartz
 
VBA API for scriptDB primer
byBruce McPherson
 
Cassandra at Finn.io — May 30th 2013
byDataStax Academy
 
Health Sciences Research Informatics, Powered by Globus
byGlobus
 
SC7 Webinar 5 13/12/2017 UoA Presentation "Technical aspects of the 3rd secur...
byBigData_Europe
 
Joins and Other MongoDB 3.2 Aggregation Enhancements
byAndrew Morgan
 
Hermes: Free the Data! Distributed Computing with MongoDB
byMongoDB
 
Leveraging Azure Search in Your Application
byJeremy Hutchinson
 
MongoDB on Azure
byNorberto Leite
 
Triggers In MongoDB
byJason Terpko
 
Extensibility of a database api with js
byArangoDB Database
 
Papyri.info's Linked Data Story
byHugh Cayless
 

Viewers also liked

PDF
Goods and service tax (gst) procedures
byMyGstMyTax
 
PDF
Global Energy outlook 2035
byPrayukth K V
 
PDF
Wan ifra 2016
byVincent Peyrègne
 
PDF
Circular apavt avisos da secretaria de estado das comunidades
byConsolidador Aéreo
 
PPT
RUday Manchester | GOV.UK and user needs at the heart of content design | GDS
byLocal Direct
 
PDF
Libromoet2
byOscar Nájera
 
PPTX
Inmunodeficiencias
byClara G
 
PPTX
La creatividad una estrategia para el desarrollo urbano territorial en tiemp...
byJosé Antonio García Suárez
 
PPTX
Raza yorkshire terrier
bypaatriciags
 
PPT
T. 15 la pintura barroca española, siglo xvii
byascenm63
 
PPT
E Business Intro
byMrirfan
 
PPT
Clientes tema5(parte ii).crm
byCesar Raul Saavedra Sabuco
 
PDF
Education, Training, Clubs and Community
byLinku2 North Shore
 
PPTX
FME Server Meets the Challenge of Real-time
bySafe Software
 
PDF
Organic web strategy for lawyers
byGyi Tsakalakis ☕
 
PDF
programa-CDMX
byKarina Bueron
 
DOC
Tipos de riesgo y sus impactos Grupo Díaz Alva Gerencia Riesgos semana 4
byAlejandro Diaz Alva
 
DOCX
Informe Trubu urbana Punk
byEvelyn Galdames
 
PDF
BRIEF FLORERIA CUPIDO.COM
byCámara Peruana de Comercio Electrónico
 
PDF
Domo control arm catalogue20131109
byTaizhou Domo Import & Export Co., Ltd
 
Goods and service tax (gst) procedures
byMyGstMyTax
 
Global Energy outlook 2035
byPrayukth K V
 
Wan ifra 2016
byVincent Peyrègne
 
Circular apavt avisos da secretaria de estado das comunidades
byConsolidador Aéreo
 
RUday Manchester | GOV.UK and user needs at the heart of content design | GDS
byLocal Direct
 
Libromoet2
byOscar Nájera
 
Inmunodeficiencias
byClara G
 
La creatividad una estrategia para el desarrollo urbano territorial en tiemp...
byJosé Antonio García Suárez
 
Raza yorkshire terrier
bypaatriciags
 
T. 15 la pintura barroca española, siglo xvii
byascenm63
 
E Business Intro
byMrirfan
 
Clientes tema5(parte ii).crm
byCesar Raul Saavedra Sabuco
 
Education, Training, Clubs and Community
byLinku2 North Shore
 
FME Server Meets the Challenge of Real-time
bySafe Software
 
Organic web strategy for lawyers
byGyi Tsakalakis ☕
 
programa-CDMX
byKarina Bueron
 
Tipos de riesgo y sus impactos Grupo Díaz Alva Gerencia Riesgos semana 4
byAlejandro Diaz Alva
 
Informe Trubu urbana Punk
byEvelyn Galdames
 
BRIEF FLORERIA CUPIDO.COM
byCámara Peruana de Comercio Electrónico
 
Domo control arm catalogue20131109
byTaizhou Domo Import & Export Co., Ltd
 

Similar to Real-time Data Analytics mit Elasticsearch

PDF
Elasticsearch Introduction at BigData meetup
byEric Rodriguez (Hiring in Lex)
 
PDF
Meetup070416 Presentations
byAna Rebelo
 
PDF
Elasticsearch for Data Analytics
byFelipe
 
PDF
ELK - What's new and showcases
byAndrii Gakhov
 
PDF
Elasticsearch speed is key
byEnterprise Search Warsaw Meetup
 
PPTX
Elasticsearch, Logstash, Kibana. Cool search, analytics, data mining and more...
byOleksiy Panchenko
 
PDF
[Virtual Meetup] Using Elasticsearch as a Time-Series Database in the Endpoin...
byAnna Ossowski
 
PPTX
BigData Search Simplified with ElasticSearch
byTO THE NEW | Technology
 
PDF
Séminaire Big Data Alter Way - Elasticsearch - octobre 2014
byALTER WAY
 
PDF
Roaring with elastic search sangam2018
byVinay Kumar
 
PDF
Architecture at Scale
byElasticsearch
 
PPTX
Elastic Search Capability Presentation.pptx
byKnoldus Inc.
 
PDF
Elastic search from the trenches
byVinícius Carvalho
 
PDF
Crafting Solutions with the Elastic Stack: pragmatic takes and lessons learned
byGuido Lena Cota
 
PDF
Pablo Musa - Managing your Black Friday Logs - Codemotion Amsterdam 2019
byCodemotion
 
PDF
Introduction to Elasticsearch
byRuslan Zavacky
 
PDF
Explore Elasticsearch and Why It’s Worth Using
byInexture Solutions
 
PPTX
Academy PRO: Elasticsearch Misc
byBinary Studio
 
PPTX
ElasticSearch as (only) datastore
byTomas Sirny
 
PDF
Using MongoDB + Hadoop Together
byMongoDB
 
Elasticsearch Introduction at BigData meetup
byEric Rodriguez (Hiring in Lex)
 
Meetup070416 Presentations
byAna Rebelo
 
Elasticsearch for Data Analytics
byFelipe
 
ELK - What's new and showcases
byAndrii Gakhov
 
Elasticsearch speed is key
byEnterprise Search Warsaw Meetup
 
Elasticsearch, Logstash, Kibana. Cool search, analytics, data mining and more...
byOleksiy Panchenko
 
[Virtual Meetup] Using Elasticsearch as a Time-Series Database in the Endpoin...
byAnna Ossowski
 
BigData Search Simplified with ElasticSearch
byTO THE NEW | Technology
 
Séminaire Big Data Alter Way - Elasticsearch - octobre 2014
byALTER WAY
 
Roaring with elastic search sangam2018
byVinay Kumar
 
Architecture at Scale
byElasticsearch
 
Elastic Search Capability Presentation.pptx
byKnoldus Inc.
 
Elastic search from the trenches
byVinícius Carvalho
 
Crafting Solutions with the Elastic Stack: pragmatic takes and lessons learned
byGuido Lena Cota
 
Pablo Musa - Managing your Black Friday Logs - Codemotion Amsterdam 2019
byCodemotion
 
Introduction to Elasticsearch
byRuslan Zavacky
 
Explore Elasticsearch and Why It’s Worth Using
byInexture Solutions
 
Academy PRO: Elasticsearch Misc
byBinary Studio
 
ElasticSearch as (only) datastore
byTomas Sirny
 
Using MongoDB + Hadoop Together
byMongoDB
 

More from inovex GmbH

PDF
lldb – Debugger auf Abwegen
byinovex GmbH
 
PDF
Are you sure about that?! Uncertainty Quantification in AI
byinovex GmbH
 
PDF
Why natural language is next step in the AI evolution
byinovex GmbH
 
PDF
WWDC 2019 Recap
byinovex GmbH
 
PDF
Network Policies
byinovex GmbH
 
PDF
Interpretable Machine Learning
byinovex GmbH
 
PDF
Jenkins X – CI/CD in wolkigen Umgebungen
byinovex GmbH
 
PDF
AI auf Edge-Geraeten
byinovex GmbH
 
PDF
Prometheus on Kubernetes
byinovex GmbH
 
PDF
Deep Learning for Recommender Systems
byinovex GmbH
 
PDF
Azure IoT Edge
byinovex GmbH
 
PDF
Representation Learning von Zeitreihen
byinovex GmbH
 
PDF
Talk to me – Chatbots und digitale Assistenten
byinovex GmbH
 
PDF
Künstlich intelligent?
byinovex GmbH
 
PDF
Dev + Ops = Go
byinovex GmbH
 
PDF
Das Android Open Source Project
byinovex GmbH
 
PDF
Machine Learning Interpretability
byinovex GmbH
 
PDF
Performance evaluation of GANs in a semisupervised OCR use case
byinovex GmbH
 
PDF
People & Products – Lessons learned from the daily IT madness
byinovex GmbH
 
PDF
Infrastructure as (real) Code – Manage your K8s resources with Pulumi
byinovex GmbH
 
lldb – Debugger auf Abwegen
byinovex GmbH
 
Are you sure about that?! Uncertainty Quantification in AI
byinovex GmbH
 
Why natural language is next step in the AI evolution
byinovex GmbH
 
WWDC 2019 Recap
byinovex GmbH
 
Network Policies
byinovex GmbH
 
Interpretable Machine Learning
byinovex GmbH
 
Jenkins X – CI/CD in wolkigen Umgebungen
byinovex GmbH
 
AI auf Edge-Geraeten
byinovex GmbH
 
Prometheus on Kubernetes
byinovex GmbH
 
Deep Learning for Recommender Systems
byinovex GmbH
 
Azure IoT Edge
byinovex GmbH
 
Representation Learning von Zeitreihen
byinovex GmbH
 
Talk to me – Chatbots und digitale Assistenten
byinovex GmbH
 
Künstlich intelligent?
byinovex GmbH
 
Dev + Ops = Go
byinovex GmbH
 
Das Android Open Source Project
byinovex GmbH
 
Machine Learning Interpretability
byinovex GmbH
 
Performance evaluation of GANs in a semisupervised OCR use case
byinovex GmbH
 
People & Products – Lessons learned from the daily IT madness
byinovex GmbH
 
Infrastructure as (real) Code – Manage your K8s resources with Pulumi
byinovex GmbH
 

Recently uploaded

PPTX
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
PDF
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 
PPTX
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
PPTX
WEEK 1-introduction of industrial arts grade 7.pptx
byrosierufinomaliongan
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PDF
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
PDF
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
PDF
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
PPTX
NTG - Data Center Management System Software
byMustafa Kuğu
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
Rustici Software: eLearning standards in the age of AI
byRustici Software
 
PDF
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
PPTX
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
 
PDF
Mount File Systems using UUID and Label - RHCSA (RH134).pdf
byLinuxCert Guru
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
WEEK 1-introduction of industrial arts grade 7.pptx
byrosierufinomaliongan
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
NTG - Data Center Management System Software
byMustafa Kuğu
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Rustici Software: eLearning standards in the age of AI
byRustici Software
 
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
 
Mount File Systems using UUID and Label - RHCSA (RH134).pdf
byLinuxCert Guru
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 

Real-time Data Analytics mit Elasticsearch

  • 1.
    Real-time Data Analyticsmit Elasticsearch Bernhard Pflugfelder inovex GmbH
  • 2.
    2 ‣  Big DataEngineer @ inovex ‣  Fields of interest: ‣  search ‣  analytics ‣  big data ‣  bi ‣  Working with: ‣  Lucene ‣  Solr ‣  Elasticsearch ‣  Hadoop Ecosystem ‣  bpflugfelder@inovex.de Bernhard Pflugfelder
  • 3.
    ‣  elasticsearch intro ‣ import your data ‣  analyze your data ‣  visualize your data Agenda
  • 4.
    4 You know, …don’t you?
  • 5.
  • 6.
  • 7.
    7 elasticsearch intro architecture Primary ShardReplica Shard 1 2 3 Master node 321 Node 21 3 Node JSON Input JSON Output
  • 8.
  • 9.
  • 10.
    10 real-time get core typesmapping search query types insert, update, delete snapshot & backup elasticsearch intro core types, mapping, manipulation
  • 11.
    11 getting data intoelasticsearch …
  • 12.
    12 getting data intoelasticsearch logstash index api http bindings rivers spring-data- elasticsearch flume fluentd
  • 13.
    ‣  log collectionand management tool ‣  collects, parses and stores log events ‣  became part of the ELK stack ‣  seamless integration with elasticsearch ‣  plugin architecture: ‣  inputs (syslog, ganglia, log4j and more) ‣  codec (json, line, multiline,… ) ‣  filters (csv, json, date, grep, … ) ‣  outputs (elasticsearch, … ) ‣  expect that logstash will be promoted to a more general ingestion pipeline 13 getting data into elasticsearch logstash
  • 14.
    ‣  works asan elasticsearch plugin ‣  service for pulling data into cluster ‣  examples: ‣  couchdb river ‣  rabbitmq river ‣  csv river ‣  jdbc river ‣  twitter river ‣  wikipedia river ‣  runs on a single node ‣  automatic allocation ‣  shall be deprecated sooner or later 14 getting data into elasticsearch rivers
  • 15.
    ‣  former hadoop-elasticsearchbecame official integration of elasticsearch and hadoop ‣  makes elasticsearch accessible from hive, pig, cascading and map/reduce ‣  automatic mapping between elasticsearch’s json and hadoop file formats ‣  every query to elasticsearch is performed by m/r jobs as follows: ‣  one mapper task per shard ‣  final aggregation by reducer ‣  elasticsearch works as a separate data store, index files are not stored in hdfs 15 getting data into elasticsearch elasticsearch and hadoop from http://www.elasticsearch.org/blog/elasticsearch-and-hadoop/
  • 16.
  • 17.
    17 analyze your data youknow about facets, I am sure
  • 18.
    18 analyze your data sameanalysis methodology, other visualization == kibana panels
  • 19.
    19 analyze your data nextgeneration of facets facets aggregations limited analysis functionality facets enabling custom analysis
  • 20.
    20 analyze your data aggregations(aggs) ‣  gives insight into data space by ‣  slicing along dimensions ‣  drill down ‣  interactive ‣  quick by using field data ‣  two types of aggregations ‣  many types of aggregators ‣  customize with scripting ‣  use over search api ‣  json in / json out
  • 21.
    Bucket aggs Aggregations thatsplit the original set of documents into separate buckets. Metric aggs Aggregations that compute a specific metrics over a set of documents by aggregating of all documents per bucket. 21 analyze your data two aggregation types
  • 22.
    22 analyze your data aggregationexample _id: 1 ref: seo _id: 2 ref: direct _id: 3 ref: seo _id: 4 ref: other _id: 5 ref: direct _id: 6 ref: seo ref: seo id: 1, 3, 6 ref: direct id: 2, 5 ref: other id: 4 bucket metrics 3 2 1
  • 23.
    23 analyze your data aggregationexample _id: 1 ref: seo _id: 2 ref: direct _id: 3 ref: seo _id: 4 ref: other _id: 5 ref: direct _id: 6 ref: seo seo id: 1, 3, 6 direct id: 2, 5 other id: 4 buckets metrics 2 1 1 desktop id: 1 mobile id: 3, 6 desktop id: 1, 3, 6 1 desktop id: 2 mobile id: 5 1
  • 24.
    my_aggregation: 24 analyze your data customizeyour analysis with nested aggregators "aggregations": {! !"<aggregation_name>": {! ! !"<aggregation_type>": {! ! ! !<aggregation_body>! ! !},! ! !["aggregations": { [<sub_aggregation>]* }]! !}! ![,"<aggregation_name_2>": { … }]*! }! bucket 1 bucket 2 bucket n metrics…
  • 25.
    ‣  terms ‣  range ‣ date range ‣  histogram ‣  date histogram ‣  geo distance ‣  geohash grid ‣  ... ‣  min ‣  max ‣  sum ‣  avg ‣  value count ‣  percentiles ‣  cardinality ‣  ... 25 analyze your data many types of aggregators
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
    30 ‣  elasticsearch isnot only a search technology ‣  elasticsearch also provides powerful capabilities for data analytics ‣  aggregations framework ‣  real-time analytics ‣  plus: elasticsearch enables you to analyze unstructured along with structured data in one place ‣  data analytics ecosystem of elasticsearch: ‣  ELK stack (ingestion + analysis + visualization) ‣  deep hadoop integration to avoid separate data silos and make use of the advantages of both words wrapping up … and thanks for your attention!
  • 31.
    31 Thank you verymuch for your attention Contact Bernhard Pflugfelder Big Data Engineer Cell: 0173 3181088 Mail: bernhard.pflugfelder@inovex.de