elastic has released version 5.2 of their search software, Elasticsearch. Here is what you can expect from this release:
- Numeric & Date range fields: New field types (integer_range, float_range, long_range, double_range, and date_range) were added allowing you to define a minimum and maximum numeric or date range when you post data to the document field. For example, an event lasting an entire weekend can now be easily added and can then be searched by checking if the event’s date range lies inside or outside a search range or a specific date falls within the event’s date range.
- Cluster Allocation Explain API: For Elasticsearch admins, when a cluster went down because of shards not being allocated often required a number of queries to different APIs to figure out what exactly happened to a cluster. The new Cluster Allocation Explain API combines the information scattered around different APIs to make it easier to diagnose the problem and get it solved quicker.
- Keyword Normalization: For the new keyword type added in version 5.0, it was not easy to do things like lowercase the characters since it was meant for aggregations & scripting. This update allows you to use normalizers – tokenizers that only affect individual characters, not entire terms. This allows you to use character modifiers on the field when you need to.
- Term Aggregation Partitioning: Elasticsearch defaults term aggregations to the top 10 but can be set to higher values. However, many were requesting if there was a way to just return all top terms (such as using a negative value). However, it is not possible. Why? Because can take much longer for databases with many thousands, millions, or even billions of terms. However, people were persistent so they came up with another way. An example is looking for all the accounts that have not logged in recently. In this update you can partition the terms across a set number then request the terms from each partition individually.