Home for Elasticsearch examples available to everyone. It's a great way to get started.

Introduction

This is a collection of examples to help you get familiar with the Elastic Stack. Each example folder includes a README with detailed instructions for getting up and running with the particular example. The following information pertains to the examples repo as a whole.

Quick start

You have a few options to get started with the examples:

  • If you want to try them all, you can download the entire repo. Or, if you are familiar with Git, you can clone the repo. Then, simply follow the instructions in the individual README of the examples you're interested in to get started.

  • If you are only interested in a specific example or two, you can download the contents of just those examples - follow instructions in the individual READMEs OR you can use some of the options mentioned here.

Contributing

See here

Example catalog

Below is the list of examples available in this repo:

Common Data Formats

Exploring Public Datasets

Examples using the Elastic Stack for analyzing public datasets.

Getting Started with Graph exploration

Alerting on Elastic Stack

Alerting lets you set up watches (or rules) to detect and alert on changes in your Elasticsearch data. Below is a list of example watches that are configured to detect and alert on a few common scenarios:

Machine learning

Search & API Examples

Security Analytics

Miscellaneous

Comments
  • NYC collision data example

    Hi, I'm a newbie, I'm running the nyc collision data example, and have elastic and kibana up and running, data and examples files are downloaded.

    I'm getting an error with step 1. ingest data into elasticsearch using logstash: cat nyc_collision_data.csv | d:/downloads/logstash-2.3.0/bin/logstash -f nyc_collision_logstash.conf

    I'm using windows command prompt, and the message I receive is: 'cat' is not recognized as an internal or external command, operable program or batch file.

    how do i get past this error? thx, rains

    opened by rains555 22
  • Can't uncompress snapshot with DonorsChoose.org data

    Hi,

    Thank you very much for the example with DonorsChoose data, it's awesome!

    I wanted to run the example on my local pc, unfortunately I have problem with downloaded snapshot - I can't unpack it. I tried with winrar and 7-zip, but both failed. Error is always the same:

    What is quite interesting to me, is fact that when I'm downloading file, the size is 7.5GB:

    File downloads fine, but its size is different than expected:

    Only 4.95GB.

    OS: windows 10
    File System: NTFS
    Free space before unpacking: 10 GB

    Any help much appreciated. Thank you.

    opened by robertlyson 16
  • twitter_elk_example

    Hi, did not hear back on the nyc_collision example so tried the twitter_elk_example. logstash pipeline was started by 4 workers but then received this error in the screenshot. any idea on how to resolve this error and get this example working?

    opened by rains555 14
  • Problem loading sample dashboard

    Hello, I'm a newbie and got kibana and elasticsearch running. I managed to ingest the data & do get a count response of approximately 473039

    But I cannot complete the next step to load the dashboard. Following this in Kibana: Click the Settings tab >> Objects tab >> Import, and select restaurants_kibana.json

    I do get: Saved Objects: Cannot read property 'listeners' of undefined

    Can someone help walk me through? What am I missing?

    docs 
    opened by Sputniza 13
  • Installation setup docker

    Hi,

    As discussed in issue https://github.com/elastic/examples/issues/18 here's an initial draft of an ELK stack Docker setup.

    Please review and edit anywhere you deem appropriate.

    Thanks.

    opened by rudijs 6
  • Error: Could not parse application options: invalid option: --manifestdir

    I tried downloading both v1 and v2 demos, but when I install the NYC traffic demo I get the error:

    Error: Could not parse application options: invalid option: --manifestdir

    at the point where puppet is doing the provisioning. Looking around it seems this was deprecated in the 4.x puppet versions. https://github.com/mitchellh/vagrant/issues/3740

    Not really clear where to take it from here though. Any help to get the demo working would be appreciated.

    opened by ms82119 6
  • Configs for metricbeat and filebeat on EKS

    This example adds Kubernetes configuration files to run Metricbeat and Filebeat on Amazon EKS. EKS is slightly different in what comes OOTB compared to vanilla k8s that we reference in our documentation.

    I will also be referencing this example in a blog post on Monitoring EKS.

    Appreciate a quick review. Thanks!

    opened by asjadathick 5
  • Could not locate that visualization (id: BRFSS:-Respondents)

    After uploading the data into elasticsearch, I'm unable to see the visualization in the kibana dashboard. For every element in the dashboard I get this error with different id not being located.

    Can't Reproduce 
    opened by osat 5
  • CPU - Change in IOWait is not suitable for the metricbeat

    The Sample "CPU - Change in IOWait" is not suitable for the metricbeat, which is the replacement for topbeat. Error information: SearchPhaseExecutionException[all shards failed]; nested: RemoteTransportException[elk5-es-poc-node-3][10.193.105.128:9301][indices:data/read/search[phase/query]]]; nested: IllegalArgumentException[Fielddata is disabled on text fields by default. Set fielddata=true on [beat.hostname] in order to load fielddata in memory by uninverting the inverted index. Note that this can however use significant memory.];

    opened by sitanxin 5
  • Canvas AMA Json Templates Fail

    The Canvas AMA templates fail. The instructions and bulk load show the index as amaresponses.

    The Canvas widgets reference "responses" which of course fails:

    {escount index="responses" q="business_group:Engineering"}
    

    Changing all references from "responses" to "amaresponses" fixes the issue:

    {escount index="amaresponses" q="business_group:Engineering"}
    
    opened by packet-rat 4
  • Machine Learning example Lab 3 type field inconsistency

    The mapping for the index for Machine Learning example Lab 3 (user activity) defines metric as the type here: https://github.com/elastic/examples/blob/master/Machine%20Learning/Getting%20Started%20Examples/user_activity/ingest-data.sh#L23

    However, the JSON data referenced in the README file (https://github.com/elastic/examples/blob/master/Machine%20Learning/Getting%20Started%20Examples/user_activity/README.md) for the wget command uses log as the type.

    So the metric mapping will not be used when ingesting the data. Furthermore, with upcoming versions of Elasticsearch, this example will not work anymore, because support for multiple mapping types within an index will be deprecated.

    To fix this, the type fields need to match both in the ingest script as well as the JSON data.

    opened by walterra 4
  • Bump certifi from 2019.11.28 to 2022.12.7 in /Machine Learning/Analytics Jupyter Notebooks

    Bumps certifi from 2019.11.28 to 2022.12.7.

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • Bump certifi from 2017.7.27.1 to 2022.12.7 in /Exploring Public Datasets/nyc_restaurants/scripts

    Bumps certifi from 2017.7.27.1 to 2022.12.7.

    dependencies python 
    opened by dependabot[bot] 0
  • Bump protobuf from 3.1.0.post1 to 3.18.3 in /Alerting/Sample Watches

    Bumps protobuf from 3.1.0.post1 to 3.18.3.

    Release notes

    Sourced from protobuf's releases.

    Protocol Buffers v3.18.3

    C++

    Protocol Buffers v3.16.1

    Java

    • Improve performance characteristics of UnknownFieldSet parsing (#9371)

    Protocol Buffers v3.18.2

    Java

    • Improve performance characteristics of UnknownFieldSet parsing (#9371)

    Protocol Buffers v3.18.1

    Python

    • Update setup.py to reflect that we now require at least Python 3.5 (#8989)
    • Performance fix for DynamicMessage: force GetRaw() to be inlined (#9023)

    Ruby

    • Update ruby_generator.cc to allow proto2 imports in proto3 (#9003)

    Protocol Buffers v3.18.0

    C++

    • Fix warnings raised by clang 11 (#8664)
    • Make StringPiece constructible from std::string_view (#8707)
    • Add missing capability attributes for LLVM 12 (#8714)
    • Stop using std::iterator (deprecated in C++17). (#8741)
    • Move field_access_listener from libprotobuf-lite to libprotobuf (#8775)
    • Fix #7047 Safely handle setlocale (#8735)
    • Remove deprecated version of SetTotalBytesLimit() (#8794)
    • Support arena allocation of google::protobuf::AnyMetadata (#8758)
    • Fix undefined symbol error around SharedCtor() (#8827)
    • Fix default value of enum(int) in json_util with proto2 (#8835)
    • Better Smaller ByteSizeLong
    • Introduce event filters for inject_field_listener_events
    • Reduce memory usage of DescriptorPool
    • For lazy fields copy serialized form when allowed.
    • Re-introduce the InlinedStringField class
    • v2 access listener
    • Reduce padding in the proto's ExtensionRegistry map.
    • GetExtension performance optimizations
    • Make tracker a static variable rather than call static functions
    • Support extensions in field access listener
    • Annotate MergeFrom for field access listener
    • Fix incomplete types for field access listener
    • Add map_entry/new_map_entry to SpecificField in MessageDifferencer. They record the map items which are different in MessageDifferencer's reporter.
    • Reduce binary size due to fieldless proto messages
    • TextFormat: ParseInfoTree supports getting field end location in addition to start.

    ... (truncated)

    dependencies python 
    opened by dependabot[bot] 0
  • Example for Malware Analysis Winlog beat wana_cry is 5 years old.

    Will there ever be an update so that these images (wana_cry) can be used with a current version of elasticsearch? The snapshots cannot be used since there is a version mismatch. See https://www.elastic.co/guide/en/elasticsearch/reference/current/snapshot-restore.html

    opened by DackJempsey 1
  • Bump nbconvert from 5.6.1 to 6.5.1 in /Machine Learning/Analytics Jupyter Notebooks

    Bumps nbconvert from 5.6.1 to 6.5.1.

    Release notes

    Sourced from nbconvert's releases.

    Release 6.5.1

    No release notes provided.

    6.5.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/jupyter/nbconvert/compare/6.4.5...6.5

    6.4.3

    What's Changed

    New Contributors

    Full Changelog: https://github.com/jupyter/nbconvert/compare/6.4.2...6.4.3

    6.4.0

    What's Changed

    New Contributors

    ... (truncated)

    dependencies python 
    opened by dependabot[bot] 0
Releases: v2.1
Owner: elastic