Geospatial analysis

Did you know that Elasticsearch has geospatial capabilities? Elasticsearch and geo go way back, to 2010. A lot has happened since then and today Elasticsearch provides robust geospatial capabilities with speed, all with a stack that scales automatically.

Not sure where to get started with Elasticsearch and geo? Then, you have come to the right place.

Elasticsearch supports two types of geo data: geo_point fields which support lat/lon pairs, and geo_shape fields, which support points, lines, circles, polygons, multi-polygons, and so on. Use explicit mapping to index geo data fields.

Have an index with lat/lon pairs but no geo_point mapping? Use runtime fields to make a geo_point field without reindexing.

Data is often messy and incomplete. Ingest pipelines lets you clean, transform, and augment your data before indexing.

Geo queries answer location-driven questions. Find documents that intersect with, are within, are contained by, or do not intersect your query geometry. Combine geospatial queries with full text search queries for unparalleled searching experience. For example, "Show me all subscribers that live within 5 miles of our new gym location, that joined in the last year and have running mentioned in their profile".

ES|QL has support for Geospatial Search functions, enabling efficient index searching for documents that intersect with, are within, are contained by, or are disjoint from a query geometry. In addition, the ST_DISTANCE function calculates the distance between two points.

Aggregations summarizes your data as metrics, statistics, or other analytics. Use bucket aggregations to group documents into buckets, also called bins, based on field values, ranges, or other criteria. Then, use metric aggregations to calculate metrics, such as a sum or average, from field values in each bucket. Compare metrics across buckets to gain insights from your data.

Geospatial bucket aggregations:

Geospatial metric aggregations:

Combine aggregations to perform complex geospatial analysis. For example, to calculate the most recent GPS tracks per flight, use a terms aggregation to group documents into buckets per aircraft. Then use geo-line aggregation to compute a track for each aircraft. In another example, use geotile grid aggregation to group documents into a grid. Then use geo-centroid aggregation to find the weighted centroid of each grid cell.

Use vector tile search API to consume Elasticsearch geo data within existing GIS infrastructure.

Visualize geo data with Kibana. Add your map to a dashboard to view your data from all angles.

This dashboard shows the effects of the Cumbre Vieja eruption.

Put machine learning to work for you and find the data that should stand out with anomaly detections. Find credit card transactions that occur in an unusual locations or a web request that has an unusual source location. Location-based anomaly detections make it easy to find and explore and compare anomalies with their typical locations.

Let your location data drive insights and action with geographic alerts. Commonly referred to as geo-fencing, track moving objects as they enter or exit a boundary to receive notifications through common business systems (email, Slack, Teams, PagerDuty, and more).

Interested in learning more? Follow step-by-step instructions for setting up tracking containment alerts to monitor moving vehicles.