Home for Elasticsearch examples available to everyone. It's a great way to get started.

Introduction

This is a collection of examples to help you get familiar with the Elastic Stack. Each example folder includes a README with detailed instructions for getting up and running with the particular example. The following information pertains to the examples repo as a whole.

Quick start

You have a few options to get started with the examples:

  • If you want to try them all, you can download the entire repo. Or, if you are familiar with Git, you can clone the repo. Then, simply follow the instructions in the individual README of the examples you're interested in to get started.

  • If you are only interested in a specific example or two, you can download the contents of just those examples - follow instructions in the individual READMEs OR you can use some of the options mentioned here.

Contributing

See here

Example catalog

Below is the list of examples available in this repo:

Common Data Formats

Exploring Public Datasets

Examples using the Elastic Stack for analyzing public datasets.

Getting Started with Graph exploration

Alerting on Elastic Stack

Alerting lets you set up watches (or rules) to detect and alert on changes in your Elasticsearch data. Below is a list of example watches that are configured to detect and alert on a few common scenarios:

Machine learning

Search & API Examples

Security Analytics

Miscellaneous

Comments
  • NYC collision data example

    Hi, I'm a newbie, I'm running the nyc collision data example, and have elastic and kibana up and running, data and examples files are downloaded.

    I'm getting an error with step 1. ingest data into elasticsearch using logstash: cat nyc_collision_data.csv | d:/downloads/logstash-2.3.0/bin/logstash -f nyc_collision_logstash.conf

    I'm using windows command prompt, and the message I receive is: 'cat' is not recognized as an internal or external command, operable program or batch file.

    How do I get past this error? thx, rains

    opened by rains555 22
  • Can't uncompress snapshot with DonorsChoose.org data

    Hi,

    Thank you very much for the example with DonorsChoose data, it's awesome!

    I wanted to run the example on my local PC; unfortunately I have a problem with the downloaded snapshot - I can't unpack it. I tried with winrar and 7-zip, but both failed. The error is always the same:

    image

    What is quite interesting to me is the fact that when I'm downloading the file, the size is 7.5GB:

    image

    File downloads fine, but its size is different than expected:

    image

    Only 4.95GB.

    OS: windows 10
    File System: NTFS
    Free space before unpacking: 10 GB

    Any help much appreciated. Thank you.

    opened by robertlyson 16
  • twitter_elk_example

    Hi, did not hear back on the nyc_collision example so tried the twitter_elk_example. Logstash pipeline was started by 4 workers but then received this error in the screenshot. Any idea on how to resolve this error and get this example working?

    image

    opened by rains555 14
  • Problem loading sample dashboard

    Hello, I'm a newbie and got kibana and elasticsearch running. I managed to ingest the data & do get a count response of approximately 473039

    But I cannot complete the next step to load the dashboard. Following this in Kibana: Click the Settings tab >> Objects tab >> Import, and select restaurants_kibana.json

    I do get: Saved Objects: Cannot read property 'listeners' of undefined

    Can someone help walk me through? What am I missing?

    docs 
    opened by Sputniza 13
  • Installation setup docker

    Hi,

    As discussed in issue https://github.com/elastic/examples/issues/18 here's an initial draft of an ELK stack Docker setup.

    Please review and edit anywhere you deem appropriate.

    Thanks.

    opened by rudijs 6
  • Error: Could not parse application options: invalid option: --manifestdir

    I tried downloading both v1 and v2 demos, but when I install the NYC traffic demo I get the error:

    Error: Could not parse application options: invalid option: --manifestdir

    at the point where puppet is doing the provisioning. Looking around it seems this was deprecated in the 4.x puppet versions. https://github.com/mitchellh/vagrant/issues/3740

    Not really clear where to take it from here though. Any help to get the demo working would be appreciated.

    opened by ms82119 6
  • Configs for metricbeat and filebeat on EKS

    This example adds Kubernetes configuration files to run Metricbeat and Filebeat on Amazon EKS. EKS is slightly different in what comes OOTB compared to vanilla k8s that we reference in our documentation.

    I will also be referencing this example in a blog post on Monitoring EKS.

    Appreciate a quick review. Thanks!

    opened by asjadathick 5
  • Could not locate that visualization (id: BRFSS:-Respondents)

    After uploading the data into elasticsearch, I'm unable to see the visualization in the kibana dashboard. For every element in the dashboard I get this error with different id not being located.

    Can't Reproduce 
    opened by osat 5
  • CPU - Change in IOWait is not suitable for the metricbeat

    The Sample "CPU - Change in IOWait" is not suitable for the metricbeat, which is the replacement for topbeat. Error information: SearchPhaseExecutionException[all shards failed]; nested: RemoteTransportException[elk5-es-poc-node-3][10.193.105.128:9301][indices:data/read/search[phase/query]]]; nested: IllegalArgumentException[Fielddata is disabled on text fields by default. Set fielddata=true on [beat.hostname] in order to load fielddata in memory by uninverting the inverted index. Note that this can however use significant memory.];

    opened by sitanxin 5
  • Canvas AMA Json Templates Fail

    The Canvas AMA templates fail. The instructions and bulk load show the index as amaresponses.

    The Canvas widgets reference "responses" which of course fails:

    {escount index="responses" q="business_group:Engineering"}
    

    Changing all references from "responses" to "amaresponses" fixes the issue:

    {escount index="amaresponses" q="business_group:Engineering"}
    
    opened by packet-rat 4
  • Machine Learning example Lab 3 type field inconsistency

    The mapping for the index for Machine Learning example Lab 3 (user activity) defines metric as the type here: https://github.com/elastic/examples/blob/master/Machine%20Learning/Getting%20Started%20Examples/user_activity/ingest-data.sh#L23

    However, the JSON data referenced in the README file (https://github.com/elastic/examples/blob/master/Machine%20Learning/Getting%20Started%20Examples/user_activity/README.md) for the wget command uses log as the type.

    So the metric mapping will not be used when ingesting the data. Furthermore, with upcoming versions of Elasticsearch, this example will not work anymore, because support for multiple mapping types within an index will be deprecated.

    To fix this, the type fields need to match both in the ingest script as well as the JSON data.

    opened by walterra 4
  • Bump certifi from 2019.11.28 to 2022.12.7 in /Machine Learning/Analytics Jupyter Notebooks

    Bumps certifi from 2019.11.28 to 2022.12.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • Bump certifi from 2017.7.27.1 to 2022.12.7 in /Exploring Public Datasets/nyc_restaurants/scripts

    Bumps certifi from 2017.7.27.1 to 2022.12.7.

    dependencies python 
    opened by dependabot[bot] 0
  • Bump protobuf from 3.1.0.post1 to 3.18.3 in /Alerting/Sample Watches

    Bumps protobuf from 3.1.0.post1 to 3.18.3.

    Release notes

    Sourced from protobuf's releases.

    Protocol Buffers v3.18.3

    C++

    Protocol Buffers v3.16.1

    Java

    • Improve performance characteristics of UnknownFieldSet parsing (#9371)

    Protocol Buffers v3.18.2

    Java

    • Improve performance characteristics of UnknownFieldSet parsing (#9371)

    Protocol Buffers v3.18.1

    Python

    • Update setup.py to reflect that we now require at least Python 3.5 (#8989)
    • Performance fix for DynamicMessage: force GetRaw() to be inlined (#9023)

    Ruby

    • Update ruby_generator.cc to allow proto2 imports in proto3 (#9003)

    Protocol Buffers v3.18.0

    C++

    • Fix warnings raised by clang 11 (#8664)
    • Make StringPiece constructible from std::string_view (#8707)
    • Add missing capability attributes for LLVM 12 (#8714)
    • Stop using std::iterator (deprecated in C++17). (#8741)
    • Move field_access_listener from libprotobuf-lite to libprotobuf (#8775)
    • Fix #7047 Safely handle setlocale (#8735)
    • Remove deprecated version of SetTotalBytesLimit() (#8794)
    • Support arena allocation of google::protobuf::AnyMetadata (#8758)
    • Fix undefined symbol error around SharedCtor() (#8827)
    • Fix default value of enum(int) in json_util with proto2 (#8835)
    • Better Smaller ByteSizeLong
    • Introduce event filters for inject_field_listener_events
    • Reduce memory usage of DescriptorPool
    • For lazy fields copy serialized form when allowed.
    • Re-introduce the InlinedStringField class
    • v2 access listener
    • Reduce padding in the proto's ExtensionRegistry map.
    • GetExtension performance optimizations
    • Make tracker a static variable rather than call static functions
    • Support extensions in field access listener
    • Annotate MergeFrom for field access listener
    • Fix incomplete types for field access listener
    • Add map_entry/new_map_entry to SpecificField in MessageDifferencer. They record the map items which are different in MessageDifferencer's reporter.
    • Reduce binary size due to fieldless proto messages
    • TextFormat: ParseInfoTree supports getting field end location in addition to start.

    ... (truncated)

    dependencies python 
    opened by dependabot[bot] 0
  • Example for Malware Analysis Winlog beat wana_cry is 5 years old.

    Will there ever be an update so that these images (wana_cry) can be used with a current version of elasticsearch? The snapshots cannot be used since there is a version mismatch. See https://www.elastic.co/guide/en/elasticsearch/reference/current/snapshot-restore.html

    opened by DackJempsey 1
  • Bump nbconvert from 5.6.1 to 6.5.1 in /Machine Learning/Analytics Jupyter Notebooks

    Bumps nbconvert from 5.6.1 to 6.5.1.

    Release notes

    Sourced from nbconvert's releases.

    Release 6.5.1

    No release notes provided.

    6.5.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/jupyter/nbconvert/compare/6.4.5...6.5

    6.4.3

    What's Changed

    New Contributors

    Full Changelog: https://github.com/jupyter/nbconvert/compare/6.4.2...6.4.3

    6.4.0

    What's Changed

    New Contributors

    ... (truncated)

    dependencies python 
    opened by dependabot[bot] 0
Releases(v2.1)
Owner
elastic