
Welcome to the Elastic Advent Calendar, 2020! A look at Week One

Drawing inspiration from the Elastic Stack calendar on Qiita (fully in Japanese) and SysAdvent (in English), our Elasticians shared 25 awesome topics with our community over the first 25 days of December in 2017, 2018 and 2019. We had such fun that we wanted to do it all over again for 2020!

We are covering a range of different topics, in a bunch of languages, to represent the Elastic team and our technologies.

You can follow the topics as they are posted right there; we'll tweet each new topic daily and publish a weekly recap blog post like this one. Here's what you may have missed so far. This week you can learn more about Synthetics, phonetic search, ESM for data migration, ECS, searching for local files with Workplace Search, importing OSM data, using Rally to import/export datasets...

Week One in review

Dec 1 [english] — Synthetics: proactive problem detection (Elasticsearch and Python - tools for a data scientist), by Ahil PonArul

Elastic is excited to introduce synthetic monitoring to our Uptime solution. This allows for more advanced uptime checks beyond basic pings. Combined with our new User Experience UI it also enables proactive problem detection.

This is a step by step example of how to set Synthetics up, as well as integrate it with APM.

Dec 2 [german] — Aufgemerkt & zugehört! Bessere Suchresultate mit phonetischer Suche, by Alexander Reelsen 

Phonetic search is a way to search for similar-sounding terms by storing a phonetic hash in the inverted index. In this article we look at several different phonetic algorithms in Elasticsearch and how they can improve your own search.

Dec 3 [english] — Cross version Elasticsearch data migration with ESM, by Medcl Zeng

I heard that you are using Elasticsearch, that's great as, you know, for search, it is the best choice, and it is evolving very fast. There are so many new and nice features coming up or already that I guess you can't wait to upgrade to the latest version, right?

This blog post will explain how ESM could help to do your data migration.

Dec 4 [english] — Validate Elastic Common Schema (ECS) fields using Security Detection Rules, by Eric Beahan 

The Elastic Common Schema (ECS) provides an open, consistent model for structuring your data in the Elastic Stack. By normalizing data to a single common model, you can uniformly examine your data using interactive search, visualizations, and automated analysis.

Elastic provides hundreds of integrations that are ECS-compliant out-of-the-box, but ECS also allows you to normalize custom data sources. Normalizing a custom source can be an iterative and sometimes time-intensive process. However, we can use the Elastic Security Detection Engine to help quickly identify ECS non-compliance in our events.

Dec 5 [français/english] — Recherchez tous vos documents, n'importe où, avec Workplace Search | Searching anything, anywhere with Workplace Search, by David Pilato

You already know that Workplace Search comes with a lot of connectors which help you connect your enterprise document data sources and have a federated way to search across all that information. But what if a specific data source is not supported yet?

This post will cover how you can create a custom data source to send your own data. We'll also cover an example of how this was used in the community FSCrawler project.

Dec 6 [spanish/english] — Cargando datos de OSM en Elasticsearch | Uploading data from OSM into Elasticsearch, by Jorge Sanz 

One of the most common issues for Elastic Stack users that deal with geospatial data is how to ingest data in Elasticsearch. You can check the Kibana 7.10 docs to learn about different ways to achieve this. Some time ago we wrote a blog post that introduces ogr2ogr, a tool from the GDAL library that helps with ingesting data from dozens of formats into Elasticsearch.

In this Advent Calendar post, we develop an example of this workflow using Docker to leverage the latest version of the GDAL tool and OpenStreetMap as a popular source of Open Data Points of Interest.

Dec 7 [français/english] — Utilisez Rally comme outil d'import/export de données | Using Rally as a data import/export tool, by Laurent Huet 

This post will show you how you can use Rally to export data from one cluster to another. The idea is to extract all the data from one or more indices into a (big) flat file and reuse it later to easily import it into another cluster.

Rally helps you do that very easily.

More to come

It’s a great collection of content packed into some mighty small space, and we’d love to hear your feedback on the posts. Happy reading!