- Elasticsearch Guide: other versions:
- Getting Started
- Set up Elasticsearch
- Installing Elasticsearch
- Configuring Elasticsearch
- Important Elasticsearch configuration
- Important System Configuration
- Bootstrap Checks
- Heap size check
- File descriptor check
- Memory lock check
- Maximum number of threads check
- Max file size check
- Maximum size virtual memory check
- Maximum map count check
- Client JVM check
- Use serial collector check
- System call filter check
- OnError and OnOutOfMemoryError checks
- Early-access check
- G1GC check
- All permission check
- Starting Elasticsearch
- Stopping Elasticsearch
- Adding nodes to your cluster
- Installing X-Pack
- Set up X-Pack
- Configuring X-Pack Java Clients
- X-Pack Settings
- Bootstrap Checks for X-Pack
- Upgrade Elasticsearch
- API Conventions
- Document APIs
- Search APIs
- Aggregations
- Metrics Aggregations
- Avg Aggregation
- Weighted Avg Aggregation
- Cardinality Aggregation
- Extended Stats Aggregation
- Geo Bounds Aggregation
- Geo Centroid Aggregation
- Max Aggregation
- Min Aggregation
- Percentiles Aggregation
- Percentile Ranks Aggregation
- Scripted Metric Aggregation
- Stats Aggregation
- Sum Aggregation
- Top Hits Aggregation
- Value Count Aggregation
- Bucket Aggregations
- Adjacency Matrix Aggregation
- Auto-interval Date Histogram Aggregation
- Intervals
- Children Aggregation
- Composite Aggregation
- Date Histogram Aggregation
- Date Range Aggregation
- Diversified Sampler Aggregation
- Filter Aggregation
- Filters Aggregation
- Geo Distance Aggregation
- GeoHash grid Aggregation
- Global Aggregation
- Histogram Aggregation
- IP Range Aggregation
- Missing Aggregation
- Nested Aggregation
- Range Aggregation
- Reverse nested Aggregation
- Sampler Aggregation
- Significant Terms Aggregation
- Significant Text Aggregation
- Terms Aggregation
- Pipeline Aggregations
- Avg Bucket Aggregation
- Derivative Aggregation
- Max Bucket Aggregation
- Min Bucket Aggregation
- Sum Bucket Aggregation
- Stats Bucket Aggregation
- Extended Stats Bucket Aggregation
- Percentiles Bucket Aggregation
- Moving Average Aggregation
- Moving Function Aggregation
- Cumulative Sum Aggregation
- Bucket Script Aggregation
- Bucket Selector Aggregation
- Bucket Sort Aggregation
- Serial Differencing Aggregation
- Matrix Aggregations
- Caching heavy aggregations
- Returning only aggregation results
- Aggregation Metadata
- Returning the type of the aggregation
- Metrics Aggregations
- Indices APIs
- Create Index
- Delete Index
- Get Index
- Indices Exists
- Open / Close Index API
- Shrink Index
- Split Index
- Rollover Index
- Put Mapping
- Get Mapping
- Get Field Mapping
- Types Exists
- Index Aliases
- Update Indices Settings
- Get Settings
- Analyze
- Index Templates
- Indices Stats
- Indices Segments
- Indices Recovery
- Indices Shard Stores
- Clear Cache
- Flush
- Refresh
- Force Merge
- cat APIs
- Cluster APIs
- Query DSL
- Mapping
- Analysis
- Anatomy of an analyzer
- Testing analyzers
- Analyzers
- Normalizers
- Tokenizers
- Standard Tokenizer
- Letter Tokenizer
- Lowercase Tokenizer
- Whitespace Tokenizer
- UAX URL Email Tokenizer
- Classic Tokenizer
- Thai Tokenizer
- NGram Tokenizer
- Edge NGram Tokenizer
- Keyword Tokenizer
- Pattern Tokenizer
- Char Group Tokenizer
- Simple Pattern Tokenizer
- Simple Pattern Split Tokenizer
- Path Hierarchy Tokenizer
- Path Hierarchy Tokenizer Examples
- Token Filters
- Standard Token Filter
- ASCII Folding Token Filter
- Flatten Graph Token Filter
- Length Token Filter
- Lowercase Token Filter
- Uppercase Token Filter
- NGram Token Filter
- Edge NGram Token Filter
- Porter Stem Token Filter
- Shingle Token Filter
- Stop Token Filter
- Word Delimiter Token Filter
- Word Delimiter Graph Token Filter
- Multiplexer Token Filter
- Conditional Token Filter
- Predicate Token Filter Script
- Stemmer Token Filter
- Stemmer Override Token Filter
- Keyword Marker Token Filter
- Keyword Repeat Token Filter
- KStem Token Filter
- Snowball Token Filter
- Phonetic Token Filter
- Synonym Token Filter
- Synonym Graph Token Filter
- Compound Word Token Filters
- Reverse Token Filter
- Elision Token Filter
- Truncate Token Filter
- Unique Token Filter
- Pattern Capture Token Filter
- Pattern Replace Token Filter
- Trim Token Filter
- Limit Token Count Token Filter
- Hunspell Token Filter
- Common Grams Token Filter
- Normalization Token Filter
- CJK Width Token Filter
- CJK Bigram Token Filter
- Delimited Payload Token Filter
- Keep Words Token Filter
- Keep Types Token Filter
- Exclude mode settings example
- Classic Token Filter
- Apostrophe Token Filter
- Decimal Digit Token Filter
- Fingerprint Token Filter
- Minhash Token Filter
- Remove Duplicates Token Filter
- Character Filters
- Modules
- Index Modules
- Ingest Node
- Pipeline Definition
- Ingest APIs
- Accessing Data in Pipelines
- Conditional Execution in Pipelines
- Handling Failures in Pipelines
- Processors
- Append Processor
- Bytes Processor
- Convert Processor
- Date Processor
- Date Index Name Processor
- Dissect Processor
- Drop Processor
- Dot Expander Processor
- Fail Processor
- Foreach Processor
- Grok Processor
- Gsub Processor
- Join Processor
- JSON Processor
- KV Processor
- Lowercase Processor
- Pipeline Processor
- Remove Processor
- Rename Processor
- Script Processor
- Set Processor
- Set Security User Processor
- Split Processor
- Sort Processor
- Trim Processor
- Uppercase Processor
- URL Decode Processor
- SQL Access
- Monitor a cluster
- Rolling up historical data
- Set up a cluster for high availability
- Secure a cluster
- Overview
- Configuring security
- Encrypting communications in Elasticsearch
- Encrypting communications in an Elasticsearch Docker Container
- Enabling cipher suites for stronger encryption
- Separating node-to-node and client traffic
- Configuring an Active Directory realm
- Configuring a file realm
- Configuring an LDAP realm
- Configuring a native realm
- Configuring a PKI realm
- Configuring a SAML realm
- Configuring a Kerberos realm
- FIPS 140-2
- Security settings
- Security files
- Auditing settings
- How security works
- User authentication
- Built-in users
- Internal users
- Realms
- Realm chains
- Active Directory user authentication
- File-based user authentication
- LDAP user authentication
- Native user authentication
- PKI user authentication
- SAML authentication
- Kerberos authentication
- Integrating with other authentication systems
- Enabling anonymous access
- Controlling the user cache
- Configuring SAML single-sign-on on the Elastic Stack
- User authorization
- Auditing security events
- Encrypting communications
- Restricting connections with IP filtering
- Cross cluster search, tribe, clients, and integrations
- Tutorial: Getting started with security
- Tutorial: Encrypting communications
- Troubleshooting
- Can’t log in after upgrading to 6.5.4
- Some settings are not returned via the nodes settings API
- Authorization exceptions
- Users command fails due to extra arguments
- Users are frequently locked out of Active Directory
- Certificate verification fails for curl on Mac
- SSLHandshakeException causes connections to fail
- Common SSL/TLS exceptions
- Common Kerberos exceptions
- Common SAML issues
- Internal Server Error in Kibana
- Setup-passwords command fails due to connection failure
- Failures due to relocation of the configuration files
- Limitations
- Alerting on Cluster and Index Events
- Command line tools
- How To
- Testing
- Glossary of terms
- X-Pack APIs
- Info API
- Cross-cluster replication APIs
- Explore API
- Licensing APIs
- Migration APIs
- Machine learning APIs
- Add events to calendar
- Add jobs to calendar
- Close jobs
- Create calendar
- Create datafeeds
- Create filter
- Create jobs
- Delete calendar
- Delete datafeeds
- Delete events from calendar
- Delete filter
- Delete forecast
- Delete jobs
- Delete jobs from calendar
- Delete model snapshots
- Find file structure
- Flush jobs
- Forecast jobs
- Get calendars
- Get buckets
- Get overall buckets
- Get categories
- Get datafeeds
- Get datafeed statistics
- Get influencers
- Get jobs
- Get job statistics
- Get machine learning info
- Get model snapshots
- Get scheduled events
- Get filters
- Get records
- Open jobs
- Post data to jobs
- Preview datafeeds
- Revert model snapshots
- Start datafeeds
- Stop datafeeds
- Update datafeeds
- Update filter
- Update jobs
- Update model snapshots
- Rollup APIs
- Security APIs
- Authenticate
- Change passwords
- Clear cache
- Clear roles cache
- Create or update application privileges
- Create or update role mappings
- Create or update roles
- Create or update users
- Delete application privileges
- Delete role mappings
- Delete roles
- Delete users
- Disable users
- Enable users
- Get application privileges
- Get role mappings
- Get roles
- Get token
- Get users
- Has privileges
- Invalidate token
- SSL certificate
- Watcher APIs
- Definitions
- Release Highlights
- Breaking changes
- Release Notes
- Elasticsearch version 6.5.4
- Elasticsearch version 6.5.3
- Elasticsearch version 6.5.2
- Elasticsearch version 6.5.1
- Elasticsearch version 6.5.0
- Elasticsearch version 6.4.3
- Elasticsearch version 6.4.2
- Elasticsearch version 6.4.1
- Elasticsearch version 6.4.0
- Elasticsearch version 6.3.2
- Elasticsearch version 6.3.1
- Elasticsearch version 6.3.0
- Elasticsearch version 6.2.4
- Elasticsearch version 6.2.3
- Elasticsearch version 6.2.2
- Elasticsearch version 6.2.1
- Elasticsearch version 6.2.0
- Elasticsearch version 6.1.4
- Elasticsearch version 6.1.3
- Elasticsearch version 6.1.2
- Elasticsearch version 6.1.1
- Elasticsearch version 6.1.0
- Elasticsearch version 6.0.1
- Elasticsearch version 6.0.0
- Elasticsearch version 6.0.0-rc2
- Elasticsearch version 6.0.0-rc1
- Elasticsearch version 6.0.0-beta2
- Elasticsearch version 6.0.0-beta1
- Elasticsearch version 6.0.0-alpha2
- Elasticsearch version 6.0.0-alpha1
- Elasticsearch version 6.0.0-alpha1 (Changes previously released in 5.x)
IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Elasticsearch version 6.2.0
editElasticsearch version 6.2.0
editBreaking Changes
edit- Aggregations
- Core
-
- Forbid granting the all permission in production #27548
- Highlighting
- Rollover
- Search
Breaking Java Changes
editDeprecations
edit- Analysis
- Suggesters
New Features
edit- Machine Learning
-
- Added the ability to identify scheduled events and prevent anomaly detection during these periods. For more information, see Calendars and Scheduled Events.
- Plugin Ingest GeoIp
- Plugin Lang Painless
- Plugins
- Rank Evaluation
- Recovery
- Reindex API
- Security
-
- X-Pack security now supports user authentication using SAML Single Sign on. For more information, see SAML authentication.
- Watcher
-
- Added a transform input for chained input. For more information, see Transforming chained input data.
Enhancements
edit- Allocation
- Analysis
- Circuit Breakers
- Cluster
- Core
-
- Introduce elasticsearch-core jar #28191 (issue: #27933)
- Rename core module to server #28190 (issue: #27933)
- Rename core module to server #28180 (issue: #27933)
- Introduce elasticsearch-core jar #28178 (issue: #27933)
- Add Writeable.Reader support to TransportResponseHandler #28010 (issue: #26315)
- Simplify rejected execution exception #27664 (issue: #27663)
- Add node name to thread pool executor name #27663 (issues: #26007, #26835)
- Discovery
- Engine
- Geo
- Highlighting
- Ingest
- Internal
- Java API
- Java High Level REST Client
-
- add toString implementation for UpdateRequest. #27997 (issue: #27986)
- Add Close Index API to the high level REST client #27734 (issue: #27205)
- Add Open Index API to the high level REST client #27574 (issue: #27205)
- Added Create Index support to high-level REST client #27351 (issue: #27205)
- Add multi get api to the high level rest client #27337 (issue: #27205)
- Add msearch api to high level client #27274
- Machine Learning
-
- Increased tokenization flexibility for categorization. Now all Elasticsearch analyzer functionality is available, which opens up the possibility of sensibly categorizing non-English log messages. For more information, see Customizing the Categorization Analyzer.
- Improved the sensitivity of the analysis to high variance data with lots of values near zero.
- Improved the decay rate of the model memory by using a weighted moving average.
-
Machine learning indices created after upgrading to 6.2 have the
auto_expand_replicas: 0-1
setting rather than a fixed setting of 1 replica. As a result, machine learning indices created after upgrading to 6.2 can have a green status on single node clusters. There is no impact in multi-node clusters. - Changed the credentials that are used by datafeeds. When X-Pack security is enabled, a datafeed stores the roles of the user who created or updated the datafeed at that time. This means that if those roles are updated, the datafeed subsequently runs with the new permissions that are associated with the roles. However, if the user’s roles are adjusted after creating or updating the datafeed then the datafeed continues to run with the permissions that are associated with the original roles. For more information, see Datafeeds.
-
Added a new
scheduled
forecast status, which indicates that the forecast has not started yet.
- Mapping
- Monitoring
-
-
X-Pack monitoring indices (
.monitoring
) created after upgrading to 6.2 have theauto_expand_replicas: 0-1
setting rather than a fixed setting of 1 replica. As a result, monitoring indices created after upgrading to 6.2 can have a green status on single node clusters. There is no impact in multi-node clusters. - Added a cluster alert that triggers whenever a node is added, removed, or restarted.
-
X-Pack monitoring indices (
- Network
-
- Add NioGroup for use in different transports #27737 (issue: #27260)
- Add read timeouts to http module #27713
-
Implement byte array reusage in
NioTransport
#27696 (issue: #27563) - Introduce resizable inbound byte buffer #27551 (issue: #27563)
- Decouple nio constructs from the tcp transport #27484 (issue: #27260)
- Packaging
- Percolator
-
- also extract match_all queries when indexing percolator queries #27585
- Plugin Lang Painless
- Plugins
- Rank Evaluation
-
- Simplify RankEvalResponse output #28266
- Recovery
-
- Truncate tlog cli should assign global checkpoint #28192 (issue: #28181)
- Replica starts peer recovery with safe commit #28181 (issue: #10708)
- Primary send safe commit in file-based recovery #28038 (issue: #10708)
- Fail resync-failed shards in subsequent writes #28005
- Introduce promoting index shard state #28004 (issue: #24841)
- Non-peer recovery should set the global checkpoint #27965
- Persist global checkpoint when finalizing a peer recovery #27947 (issue: #27861)
- Rollback a primary before recovering from translog #27804 (issue: #10708)
- Search
- Security
-
- Added the ability to refresh tokens that were created by the token API. The API provides information about a refresh token, which you can use within 24 hours of its creation to extend the life of a token. For more information, see Token management APIs.
-
Added principal and role information to
access_granted
,access_denied
,run_as_granted
, andrun_as_denied
audit events. For more information about these events, see Auditing Security Events. - Added audit event ignore policies, which are a way to tune the verbosity of an audit trail. These policies define rules for ignoring audit events that match specific attribute values. For more information, see Logfile Audit Events Ignore Policies.
- Added a certificates API, which enables you to retrieve information about the X.509 certificates that are used to encrypt communications in your Elasticsearch cluster. For more information, see SSL certificate.
- Sequence IDs
-
- Do not keep 5.x commits when having 6.x commits #28188 (issues: #27606, #28038)
- Use lastSyncedGlobalCheckpoint in deletion policy #27826 (issue: #27606)
- Use CountedBitSet in LocalCheckpointTracker #27793
- Only fsync global checkpoint if needed #27652
- Keep commits and translog up to the global checkpoint #27606
- Adjust CombinedDeletionPolicy for multiple commits #27456 (issues: #10708, #27367)
- Keeps index commits up to the current global checkpoint #27367 (issue: #10708)
- Dedup translog operations by reading in reverse #27268 (issue: #10708)
- Settings
-
- Add validation of keystore setting names #27626
- Snapshot/Restore
- Task Manager
- Translog
- Watcher
-
-
Added the ability to set the
index
anddoc_type
dynamically in an index action. For more information, see Index Action. -
Added a
refresh
index action attribute, which enables you to set the refresh policy of the write request. For more information, see Index Action. - Added support for actions in slack attachments, which enables you to add buttons that can be clicked in slack messages. For more information, see Slack Action.
-
Watcher indices (
.watch*
andtriggered_watches
) created after upgrading to 6.2 have theauto_expand_replicas: 0-1
setting rather than a fixed setting of 1 replica. As a result, Watcher indices created after upgrading to 6.2 can have a green status on single node clusters. There is no impact in multi-node clusters.
-
Added the ability to set the
Bug Fixes
edit- Aggregations
-
- Adds metadata to rewritten aggregations #28185 (issue: #28170)
- Fix NPE on composite aggregation with sub-aggregations that need scores #28129
- StringTerms.Bucket.getKeyAsNumber detection type #28118 (issue: #28012)
- Fix incorrect results for aggregations nested under a nested aggregation #27946 (issue: #27912)
- Fix global aggregation that requires breadth first and scores #27942 (issues: #22321, #27928)
- Fix composite aggregation when after term is missing in the shard #27936
- Fix preserving FiltersAggregationBuilder#keyed field on rewrite #27900 (issue: #27841)
- Using DocValueFormat::parseBytesRef for parsing missing value parameter #27855 (issue: #27788)
-
Fix illegal cast of the "low cardinality" optimization of the
terms
aggregation. #27543 - Always include the _index and _id for nested search hits. #27201 (issue: #27053)
- Allocation
-
- Do not open indices with broken settings #26995
- Core
-
- Fix lock accounting in releasable lock #28202
- Fixes ByteSizeValue to serialise correctly #27702 (issue: #27568)
- Do not set data paths on no local storage required #27587 (issue: #27572)
- Ensure threadcontext is preserved when refresh listeners are invoked #27565
- Ensure logging is configured for CLI commands #27523 (issue: #27521)
- Engine
- Geo
- Highlighting
-
- Fix highlighting on a keyword field that defines a normalizer #27604
- Inner Hits
- Internal
- Java REST Client
- Machine Learning
-
- Improved error reporting for crashes and resource problems on Linux.
- Improved the detection of seasonal trends in bucket spans longer than 1 hour.
- Updated the forecast API to wait for validation and return an error if the validation fails.
- Set the actual bucket value to 0 in model plots for empty buckets for count and sum functions. The count and sum functions treat empty buckets as 0 rather than unknown for anomaly detection, so it was inconsistent not to do the same for model plots. This inconsistency resulted in problems plotting these buckets in Kibana.
- Mapping
- Network
-
- Only bind loopback addresses when binding to local #28029 (issue: #1877)
- Remove potential nio selector leak #27825
- Fix issue where the incorrect buffers are written #27695 (issue: #27551)
- Throw UOE from compressible bytes stream reset #27564 (issue: #24927)
- Bubble exceptions when closing compressible streams #27542 (issue: #27540)
- Packaging
- Percolator
- Plugin Analysis ICU
-
- Catch InvalidPathException in IcuCollationTokenFilterFactory #27202
- Plugin Analysis Phonetic
- Plugin Lang Painless
- Plugin Repository HDFS
-
- Fix SecurityException when HDFS Repository used against HA Namenodes #27196
- Plugins
- Recovery
-
- Open engine should keep only starting commit #28228 (issues: #27804, #28181)
- Allow shrinking of indices from a previous major #28076 (issue: #28061)
- Set global checkpoint before open engine from store #27972 (issues: #27965, #27970)
- Check and repair index under the store metadata lock #27768 (issues: #24481, #24787, #27731)
- Flush old indices on primary promotion and relocation #27580 (issue: #27536)
- Rollover
- Scripting
-
- Ensure we protect Collections obtained from scripts from self-referencing #28335
- Scroll
- Search
-
- Fix simple_query_string on invalid input #28219 (issue: #28204)
- Use the underlying connection version for CCS connections #28093
- Fix synonym phrase query expansion for cross_fields parsing #28045
- Carry forward weights, etc on rescore rewrite #27981 (issue: #27979)
- Fix routing with leading or trailing whitespace #27712 (issue: #27708)
- Security
-
-
Updated the
setup-passwords
command to generate passwords with charactersA-Z
,a-z
, and0-9
, so that they are safe to use in shell scripts. For more information about this command, see elasticsearch-setup-passwords. -
Improved the error messages that occur if the
x-pack
directory is missing when you runusers
commands. - Fixed the ordering of realms in a realm chain, which determines the order in which the realms are consulted. For more information, see Realms.
-
Updated the
- Sequence IDs
- Settings
-
- Settings: Introduce settings updater for a list of settings #28338 (issue: #28047)
- Fix setting notification for complex setting (affixMap settings) that could cause transient settings to be ignored #28317 (issue: #28316)
- Fix environment variable substitutions in list setting #28106 (issue: #27926)
- Allow index settings to be reset by wildcards #27671 (issue: #27537)
- Snapshot/Restore
-
- Consistent updates of IndexShardSnapshotStatus #28130 (issue: #26480)
- Avoid concurrent snapshot finalizations when deleting an INIT snapshot #28078 (issues: #27214, #27931, #27974)
- Do not start snapshots that are deleted during initialization #27931
- Do not swallow exception in ChecksumBlobStoreFormat.writeAtomic() #27597
- Consistent update of stage and failure message in IndexShardSnapshotStatus #27557 (issue: #26480)
- Fail restore when the shard allocations max retries count is reached #27493 (issue: #26865)
- Delete shard store files before restoring a snapshot #27476 (issues: #20220, #26865)
- Stats
- Term Vectors
- Watcher
-
- Replaced group settings with affix key settings where filters are needed. For more information, see https://github.com/elastic/elasticsearch/pull/28338.
Upgrades
editOn this page
Was this helpful?
Thank you for your feedback.