Streamline your workflow with ESQL enhance data analysis with real-time insights, and speed up aggregations and visualizations Key Features Apply ESQL efficiently in analytics, observability, and cybersecurity Optimize performance and scalability for high-demand environments Discover how to visualize and debug ESQL queries Purchase of the print or Kindle book includes a free PDF eBook Book Description Built to simplify high-scale data analytics in Elasticsearch, this practical guide will take you from foundational concepts to advanced applications across search, observability, and security. It will help you overcome common challenges such as efficiently querying large datasets, applying advanced analytics without deep prior knowledge, and resolving for a unique and consolidated query language. Written by senior experts at Elastic with extensive field experience, this book delivers actionable guidance rooted in solving today’s data challenges at scale. After introducing ESQL and its architecture, the chapters explore real-world applications across various domains, including analytics, raw log analysis, observability, and cybersecurity. Advanced topics such as scaling, optimization, and future developments are also covered to help you maximize your ESQL capabilities. By the end of this book, you’ll be able to leverage ESQL for comprehensive data management and analysis, optimizing your workflows and enhancing your productivity with Elasticsearch. What you will learn Gain a solid understanding of ESQL and its architecture Use ESQL for data analysis and performance monitoring Apply ESQL in cybersecurity for threat detection and incident response Find out how to perform advanced searches using ESQL Prepare for future ESQL developments Showcase ESQL in action through real-world, persona-driven use cases Who this book is for If you’re an Elasticsearch user, this book is essential for your growth. Whether you’re a data analyst looking to build analytics on top of Elasticsearch, an SRE monitoring the health of your IT system, or a cybersecurity analyst, this book will give you a complete understanding of how ESQL is built and used. Additionally, database administrators, business intelligence professionals, and operational intelligence professionals will find this book invaluable. Even with a beginner-level knowledge of Elasticsearch, you’ll be able to get started and make the most of this comprehensive guide.

In this session we will explain how we are tuning, analyzing and fixing Elasticsearch huge cluster's performance issues in BNP Paribas, and how we are sizing our infrastructure to cope our performance needs.

We’ll explore: - How Elasticsearch can be used to organize and search through large content libraries (music samples, project files, video clips, code snippets) for fast retrieval. - Ways Kibana visualizations can track audience engagement and content performance in real time. - The role of AI-driven insights in shaping creative output, from deciding which DJ mixes to publish next to optimizing Python course delivery for beginners. - How to bridge technical concepts with creative workflows to reach a global audience, including Spanish-speaking learners in Latin America and Spain. Whether you’re a developer, educator, or creator, you’ll leave with practical ideas for using Elastic’s tools to bring structure, insight, and scalability to your own projects, technical or creative.

Streams provides a single, centralized UI within Kibana that streamlines common tasks like extracting fields, setting data retention, and routing data using AI, so you don't need to use multiple applications or manually configure underlying Elasticsearch components.

This talk examines the October 2024 Zalando outage, which resulted in severe revenue impact. The incident was triggered by an automated security scan that uncovered an unprotected GraphQL endpoint. This led to an unexpected amplification of requests, causing computationally expensive queries against the service in front of the search indices and ultimately overloading the Elasticsearch clusters. The prolonged impact highlighted difficulties in pinpointing the root cause of high load in Elasticsearch, and proved that even though a perfect storm is by definition a rare occurrence, it still should never be discarded. Sometimes, when you hear the hoofbeats, they are zebras after all.

Comment feriez-vous pour créer Elasticsearch si vous commenciez ce projet en 2025 ? Découpler le calcul (compute) du stockage (storage); Externaliser la gestion de la persistence et la réplication à un blob store comme S3, Google Cloud Storage ou encore Azure Blob Storage; Dynamiquement ajouter ou supprimer des instances; Avoir les bonnes valeurs par défaut; Et un chemin hyper clair et fluide pour les développeurs. C'est exactement ce que nous avons fait avec Elastic Serverless. Lors de cette session, vous allez découvrir comment nous avons re-conçu Elasticsearch pour lui permettre d'en faire davantage avec une architecture Stateless qui peut exécuter des requêtes sur un espace de stockage froid (cold storage).

KAI est une solution de datacleaning de données non structurées, basé notamment sur la recherche vectorielle d'Elasticsearch et son mode BBQ, récemment lancé. Stéphane NGO, CEO, k-ai expliquera pourquoi il est passé de la solution Cloud Hosted d'Elastic à sa version Serverless et quels sont les observations qu'il peut en tirer.

Découvrez comment la création de divers projets parallèles a révélé le besoin d'un outil plus performant et sécurisé pour interagir avec Elasticsearch. Explorez avec nous le processus qui nous a amenés à choisir Rust pour son potentiel en termes de performance et de sécurité. Ce talk présente un POC (Proof of Concept) illustrant comment ces projets parallèles ont inspiré et façonné sa création. Nous examinerons un écosystème riche, les défis rencontrés et les solutions innovantes mises en œuvre pour aboutir à un outil robuste.

Everyone’s talking about AI agents! But what are they, and how do you build one? This talk cuts through the hype. Drawing on my experience building a GenAI platform, I’ll show that powerful agents are within reach, no advanced degree required. We’ll define agents simply: LLMs + tools + memory. Then we’ll build an agent with the OpenAI Python SDK, using coding basics you know: functions, loops, and conditions. I’ll show how you can enhance your agent with a knowledge base using Elasticsearch as a tool. By the end, you won't just understand agents; you'll be fully equipped to build your own.

For years, Elasticsearch was known as a powerful engine for traditional text ingestion, processing, and search - for example, logs. In this talk, we’ll cover the capabilities introduced since then that make Elasticsearch (and the rest of the Elastic Stack) a strong choice for going beyond log analysis and classic BM25 search. Topics include dense vectors, sparse vectors, and hybrid search, along with features that improve effectiveness in modern retrieval scenarios.

Discover how Trendyol leverages translation workflows with Elasticsearch, powering fast, scalable searches across translation memory and CMS content. It highlights techniques for scaling translation workflows and improving content retrieval.

How to create a customized running plan using Python, Elasticsearch, and Agno\nWhen working out, deciding what workout to do next to achieve a specific goal can be challenging. This talk will guide you through creating a four-week workout plan as a Notion page with to-do list items tailored to your workout history, helping you run a faster 5K

When working out, deciding what workout to do next to achieve a specific goal can be challenging. This talk will guide you through creating a four-week workout plan as a Notion page with to-do list items tailored to your workout history, helping you run a faster 5K

When working out, deciding what workout to do next to achieve a specific goal can be challenging. This talk will guide you through creating a four-week workout plan as a Notion page with to-do list items tailored to your workout history, helping you run a faster 5K

Scaling Agentic AI with Claude, MCP, and Vectors. We'll focus on a financial services Agentic AI case study that empowers analysts with a conversational AI assistant built using Anthropic Claude 3.5 Sonnet on Amazon Bedrock. Elasticsearch vector database. Elasticsearch MCP (Model Context Protocol) Server. This assistant transforms complex workflows—like assessing the impact of market news on thousands of customer portfolios—into an intuitive, natural language dialogue. We'll demonstrate how to build and deploy AI Agents that help: Rapidly identify patterns in complex financial data; Build meaningful correlations, such as linking news sentiment to portfolio performance; Engage with your data in real-time, using natural language. We'll also highlight how MCP servers can integrate additional services, such as weather data and email notifications, demonstrating the power of search and generative AI.

Experiments to analyze the utility, efficiency and effectiveness of brute force k nearest neighbor and approximate nearest neighbor algorithms available in Elasticsearch to enable Zalando's search, browse and fashion assistant capabilities.

Recognized by Gartner as a leading observability tool, Elasticsearch is not just log analytics. It has infrastructure monitoring, alerts, APM capabilities—and it's all open-source! Now with the addition of OpenTelemetry, it's even easier to onboard your telemetry data in a standard and vendor-neutral way. Join Andrzej in a technical session to discover the shortest path from zero to a fully functional open-source observability solution with the OTEK stack - OpenTelemetry, Elasticsearch and Kibana.

ES|QL is a new piped query language for Elasticsearch. It supports writing composable queries and it features a multi-staged execution. Unlike the other languages supported by Elasticsearch, ES|QL doesn't transpile to Query DSL or use the internal search client: it's based on its own stack. This comes with a sophisticated query analysis and optimisation steps, as well as parallelisation and vectorisation. This talk will give an overview of the execution flow of a query and touch on a few key implementation aspects, following the query from its first syntactic analysis down to Lucene delegation followed by returning the results back to the user, all in a distributed environment.