Ingestion APIsedit

In Kibana, the Use the API ingestion method enables you to programmatically add documents to your search-optimized Elasticsearch index.

Enterprise Search now writes directly to Elasticsearch indices. We recommend using Elasticsearch APIs for optimized ingestion. Get up and running quickly with these APIs by using an Elasticsearch programming language client.

If you prefer to use App Search ingestion tools, refer to the App Search documentation.

Getting startededit

Create an Elasticsearch indexedit

To use the API ingestion method, first create an Elasticsearch index:

  1. In Kibana, navigate to Search > Content > Elasticsearch indices.
  2. Select Create new index.
  3. Choose Use the API ingestion method.
  4. Name your index and (optionally) select a language analyzer. The index name will be automatically prefixed with search-.
  5. Select Create index.

Once created, you can follow our getting started flow in the UI. This includes code samples for integrating with a number of Elasticsearch programming language clients.

Create an API keyedit

You’ll need an API key to authenticate your requests to the ingestion API.

Select Manage API keys to view existing API keys, or to create a new one. Follow the UI instructions if you need to create a new API key.

Refer to the Kibana documentation for more information about API keys.

Elasticsearch HTTP APIsedit

Use the following Elasticsearch Document APIs to index documents:

  • Bulk API: Performs multiple indexing or delete operations in a single API call. This reduces overhead and can greatly increase indexing speed. We generally recommend using the bulk API to index documents.

    Some officially supported clients provide helpers for bulk requests and reindexing. Refer to the bulk API documentation for more information.

  • Index API: Adds a JSON document to the specified data stream or index and makes it searchable.
  • Update API: Enables you to script document updates. The script can update, delete, or skip modifying the document.
  • Update By Query API: Updates documents that match a specified query.

Elasticsearch limits the maximum size of a HTTP request to 100mb by default. It is impossible to index a single document which exceeds the size limit. Pre-process larger documents into smaller chunks before sending them to Elasticsearch. For more information, refer to the Bulk API description information.

Programming language clientsedit

Elasticsearch programming language clientsedit

Elasticsearch provides official clients for many programming languages. This enables you to use the Elasticsearch APIs in your application, without having to write your own HTTP requests.

See the full list of Elasticsearch programming language clients.

Enterprise Search programming language clientsedit

These client libraries provide programming language native APIs for Enterprise Search, App Search, and Workplace Search.

See the full list of Enterprise Search programming language clients.

Learn moreedit