WARNING: The 2.x versions of Elasticsearch have passed their EOL dates. If you are running a 2.x version, we strongly advise you to upgrade.
This documentation is no longer maintained and may be removed. For the latest information, see the current Elasticsearch documentation.
Now that we have covered the simple case of searching for structured data, it is time to explore full-text search: how to search within full-text fields in order to find the most relevant documents.
The two most important aspects of full-text search are as follows:
- Relevance: The ability to rank results by how relevant they are to the given query, whether relevance is calculated using TF/IDF (see What Is Relevance?), proximity to a geolocation, fuzzy similarity, or some other algorithm.
- Analysis: The process of converting a block of text into distinct, normalized tokens (see Analysis and Analyzers) in order to (a) create an inverted index and (b) query the inverted index.
As soon as we talk about either relevance or analysis, we are in the territory of queries, rather than filters.
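Both aspects in miniature, as an added example that is not from the original guide: a toy analyzer feeds an inverted index, and the same analyzer is applied to the query before a simplified TF/IDF score (an assumption for illustration, not Lucene's actual formula) ranks the hits. The names `analyze`, `build_index`, and `search`, the stopword list, and the sample documents are all constructed here.

```python
import math
import re
from collections import Counter, defaultdict

# Constructed sample documents (not from the original page).
DOCS = {
    1: "The quick brown fox",
    2: "Quick foxes jump over lazy dogs; quick, quick!",
    3: "Brown bears sleep all winter",
}
STOPWORDS = {"the", "a", "over", "all"}  # assumed toy stopword list


def analyze(text):
    """Toy analyzer: tokenize on non-alphanumerics, lowercase, drop stopwords."""
    return [t for t in re.findall(r"[a-z0-9]+", text.lower()) if t not in STOPWORDS]


def build_index(docs):
    """(a) Create the inverted index: term -> {doc_id: term frequency}."""
    index = defaultdict(Counter)
    for doc_id, text in docs.items():
        for token in analyze(text):
            index[token][doc_id] += 1
    return index


def search(index, n_docs, query, analyzed=True):
    """(b) Query the index; returns [(doc_id, score)] with the best match first."""
    # Skipping analysis at query time shows why both sides must be normalized.
    terms = analyze(query) if analyzed else [query]
    scores = Counter()
    for term in terms:
        postings = index.get(term)
        if not postings:
            continue  # term never indexed in this form
        idf = 1 + math.log(n_docs / len(postings))  # rarer terms weigh more
        for doc_id, tf in postings.items():
            scores[doc_id] += math.sqrt(tf) * idf  # simplified TF/IDF
    return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    index = build_index(DOCS)
    print(search(index, len(DOCS), "QUICK"))                  # ranked hits
    print(search(index, len(DOCS), "QUICK", analyzed=False))  # no hits
    print(search(index, len(DOCS), "quick brown"))
```

A filter would only answer whether a document matches; the score attached to each hit here is what makes this a query.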