• Elasticsearch is a full-text search and analytics engine based on Apache Lucene.
• It makes it easier to perform data aggregation operations on data from multiple sources and to perform unstructured queries such as Fuzzy Searches on the stored data.
• It stores data in a document-like format and serializes data in JSON format.
• It is distributed and horizontally scalable.
• It is RESTful, and its operations can easily be accessed over HTTP through the API.
• It is possible to effectively operate on the persistent storage data through CRUD operations.
• Elasticsearch works on a concept known as inverse indexing.
  • This concept comes from Lucene.
  • This index is similar to terms present at the back of a book that show the pages on which each critical term in the book may be present or discussed.
  • The inverted index makes it easier to resolve queries to specific documents they could be related to based on the keywords present in the query.
    • It speeds up a document retrieval process by limiting the search space of documents to be considered for that query.

An overview of the Elastic Stack | Starting with the Elasticsearch Platform and its Solutions [8.9] | Elastic

Overview | enterprise-search-js [8.9] | Elastic

Ingest

• Elastic provides several components that ingest data:
  • Collect and ship logs, metrics, and other data types with Elastic Agent or Beats.
  • Manage your Elastic Agents with Fleet.
  • Collect detailed performance information with Elastic APM.
• If you want to transform or enrich data before it’s stored, you can use Elasticsearch ingest pipelines or Logstash.
• Refer to Adding data to Elasticsearch to help you decide which ingest component to use.

Fleet and Elastic Agent

• Elastic Agent is a single, unified way to add monitoring for logs, metrics, and other types of data to a host.
  • It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more.
  • Each agent has a single policy to which you can add integrations for new data sources, security protections, and more.
• Fleet enables you to manage Elastic Agents and their policies centrally.
  • Use Fleet to monitor the state of all your Elastic Agents, manage agent policies, and upgrade Elastic Agent binaries or integrations.

Elastic APM

• Elastic APM is an application performance monitoring system built on the Elastic Stack.
• It allows you to monitor software services and applications in real time by collecting detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more.
• This makes it easy to pinpoint and fix performance problems quickly.