Mastering Elastic Stack with APIs: Tips and Tricks

Vakhtang Matskeplishvili
2 min read · Jul 2, 2024


Everything you can do via the Kibana UI can also be achieved through direct APIs, and often, APIs offer more operations than the UI. Here are some practical tips and tricks to enhance efficiency and effectiveness when using Elastic Stack APIs. I use the “Dev Tools” in Kibana to access APIs.

Utilize “Dev Tools” Shortcuts

  • Ctrl+Enter: Execute the current request.
  • Ctrl+I: Auto-indent the selected text or the current line.

Add Useful Arguments to APIs:

Enhance the output of your API calls with additional arguments:

  • h: Specify which columns to include in the response.
  • s: Sort the response by the specified columns.
  • format: Set the output format (e.g., json, yaml).
  • bytes: Set the unit used to display byte values (e.g., b, kb, mb, gb).
  • time: Set the unit used to display time values (e.g., ms, s, m, h).

Example:

GET _cat/indices?v&h=index,docs.count,store.size&s=store.size:desc

Update Index Settings or Mappings Across Multiple Indices:

Use wildcards to update multiple indices at once.

Example: Decrease the number of replicas for all indices by pattern:

PUT /my-index-*/_settings
{
  "index": {
    "number_of_replicas": 0
  }
}

Adding New Fields to Existing Mappings:

You cannot change the mapping of an existing field, but you can add new fields to the mapping.

Example: Adding a new field to an existing index:

PUT /my-index/_mapping
{
  "properties": {
    "new_field": {
      "type": "text"
    }
  }
}

Incorporate Existing Templates into ILM:

When you attach an ILM policy to an existing index template, the policy only applies to indices created from that template afterwards, so make sure you also update the settings of the indices that already exist.

Example: Adding existing indices to ILM:

PUT /my-index-*/_settings
{
  "index": {
    "lifecycle": {
      "name": "my-ilm-policy"
    }
  }
}

Fetch Detailed Cluster or Index Settings:

Use the include_defaults flag to return the default values alongside the explicitly configured settings, which gives the complete picture of the effective configuration.

Example:

GET /_cluster/settings?include_defaults=true

Explore _cat APIs with h Flag:

The _cat APIs are extremely powerful for retrieving information. Use the h parameter to request columns that are not shown by default; appending ?help to a _cat endpoint lists the columns it supports. For all columns, use h=*.

Example: Check indices, their document count, and deleted documents:

GET _cat/indices?v&h=index,docs.count,docs.deleted
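As an added example (not from the article), the following Python script combines the h, format and bytes parameters described above with the multi-index _settings request from the replica section: it audits a constructed sample of `GET _cat/indices?format=json&h=index,health,status,pri,rep,docs.count,store.size&bytes=b` output offline, flags indices that are not green, have no replicas, or exceed a size threshold, and builds the request that would add a replica to the unprotected ones. The column names are real _cat columns; the sample rows, the size threshold and the rule that dot-prefixed indices are treated as system indices are assumptions.

```python
"""Offline audit of _cat/indices JSON output (constructed sample, not a real cluster)."""
import json

# Constructed sample of what the _cat request in the lead-in returns. With bytes=b,
# store.size is a plain integer string instead of "700mb", so no unit parsing is needed.
# _cat returns every value as a string, hence the int() conversions below.
SAMPLE_CAT_JSON = json.dumps([
    {"index": "logs-2024.06.30", "health": "green", "status": "open", "pri": "1", "rep": "1",
     "docs.count": "120000", "store.size": "734003200"},
    {"index": "logs-2024.07.01", "health": "yellow", "status": "open", "pri": "1", "rep": "1",
     "docs.count": "98000", "store.size": "612368384"},
    {"index": "audit-2024.07.01", "health": "green", "status": "open", "pri": "1", "rep": "0",
     "docs.count": "5400", "store.size": "10485760"},
    {"index": ".kibana_1", "health": "green", "status": "open", "pri": "1", "rep": "0",
     "docs.count": "42", "store.size": "524288"},
])


def audit_indices(cat_json: str, max_size_bytes: int = 500 * 1024 ** 2) -> dict:
    """Group index names by finding: not green (unassigned shards), zero replicas on a
    non-system index (single copy of the data), and store size above the threshold."""
    findings = {"not_green": [], "no_replicas": [], "oversized": []}
    for row in json.loads(cat_json):
        name = row["index"]
        if row["health"] != "green":
            findings["not_green"].append(name)
        # Assumption: dot-prefixed indices are system indices and are skipped here.
        if int(row["rep"]) == 0 and not name.startswith("."):
            findings["no_replicas"].append(name)
        if int(row["store.size"]) > max_size_bytes:
            findings["oversized"].append(name)
    return findings


def replica_settings_request(indices: list, replicas: int) -> tuple:
    """Build (path, body) for one PUT /_settings that covers several indices at once,
    the same request shape the article uses with a wildcard pattern."""
    path = f"/{','.join(indices)}/_settings"
    body = {"index": {"number_of_replicas": replicas}}
    return path, json.dumps(body, indent=2)


if __name__ == "__main__":
    result = audit_indices(SAMPLE_CAT_JSON)
    print(json.dumps(result, indent=2))
    path, body = replica_settings_request(result["no_replicas"], 1)
    print(f"PUT {path}\n{body}")
```

Paste the printed PUT request into Dev Tools to apply the fix, after confirming the listed indices are the ones you expect.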

Diagnose Cluster Allocation Issues:

Use _cluster/allocation/explain to understand why a shard cannot be assigned. Called without a request body, it explains the first unassigned shard it finds.

GET /_cluster/allocation/explain

Speed Up Cluster Restore:

Adjust the concurrent-recovery settings to speed up shard recovery during a rolling restart.

Example: Increase the number of concurrent recoveries per node (a transient setting, so the value is cleared again on a full cluster restart):

PUT _cluster/settings
{
  "transient": {
    "cluster.routing.allocation.node_concurrent_recoveries": 10
  }
}

I hope these insights help you streamline your processes and make the most out of your Elastic Stack. Feel free to reach out if you have any questions or need further assistance.

Additionally, explore “DBeast Monitor”, an open-source platform for advanced monitoring and optimization of Elastic Stack components:

https://github.com/dbeast-co/dbeast-monitor
