Elasticsearch is an open-source, RESTful, distributed search and analytics engine built on Apache Lucene. Since the first version of Elasticsearch was released in 2010, it has quickly become the most popular search engine, and is commonly used for log analytics, full-text search, and operational intelligence use cases.

When coupled with Kibana, a visualization tool, Elasticsearch can be used to provide near real-time analytics using large volumes of log data. Elasticsearch is also popular because of its easy-to-use search APIs, which allow you to easily add powerful search capabilities to your applications.

You can send new data, called documents, to Elasticsearch using the API or ingestion tools such as Logstash and Amazon Kinesis Firehose. Elasticsearch automatically stores the original document and adds a searchable reference to the document in the cluster’s index. You can then search and retrieve the document using the Elasticsearch API. You can also use Kibana, an open-source analytics and visualization tool, to search, analyze, and dashboard your data.

Elasticsearch is free, open-source software. You can run Elasticsearch on-premises, on Amazon EC2, or on Amazon Elasticsearch Service. With on-premises or Amazon EC2 deployments, you install Elasticsearch and other necessary software, provision infrastructure, and manage the cluster yourself. With Amazon Elasticsearch Service, you don’t have to worry about provisioning infrastructure or installing and maintaining Elasticsearch software. Amazon Elasticsearch Service is a fully managed service that simplifies time-consuming cluster management tasks such as software patching, failure recovery, backups, and monitoring.

AWS Free Tier includes 750 hrs per month of a t2.micro.elasticsearch or t2.small.elasticsearch instance and 10GB per month of optional Amazon EBS storage (Magnetic or General Purpose)


By using distributed inverted indices, Elasticsearch quickly finds the best matches for your full-text searches from even very large data sets.


Elasticsearch offers simple REST-based APIs, a simple HTTP interface, and uses schema-free JSON documents, making it easy to index, search, and query your data.


Elasticsearch comes integrated with Kibana, a popular visualization and reporting tool. It also offers built-in integration with Logstash to easily transform source data using pre-defined templates and load it into your index. In addition, you can use a number of open-source Elasticsearch plug-ins such as language analyzers and suggesters to readily add rich functionality to your applications.


Elasticsearch index updates such as adding a new document to the index usually take one second or less before the updated data is available for search. This lets you use Elasticsearch for near real-time use cases such as application monitoring and anomaly detection.


A variety of open source clients are available for Elasticsearch developers. Supported languages include Java, Python, PHP, JavaScript, Node.js, Ruby, and many others.

  1. Log Analytics - Analyze unstructured and semi-structured logs generated by websites, mobile devices, servers, sensors, and more for a wide variety of applications such as digital marketing, application monitoring, fraud detection, ad tech, gaming, and IoT. Capture, pre-process, and load log data into Elasticsearch using Logstash, Amazon Kinesis Firehose, or Amazon CloudWatch Logs. You can then search, explore, and visualize the data using Kibana and the Elasticsearch query DSL to gain valuable insights about your users and applications.
  2. Full Text Search - Provide your customers with a rich search and navigation experience. Elasticsearch supports faceting, which allows your customers to narrow their search results by value ranges for fields like price, product characteristics, and brands; the ability to create advanced search criteria filters; search-as-you-type suggesters; and near real-time index updates.
  3. Distributed Document Store - Power your application with an easy-to-use JSON document-oriented storage platform. Elasticsearch provides a simple REST API, fast performance, and powerful search capabilities, so you can build highly performant applications that can store and retrieve billions of documents.
  4. Real-time Application Monitoring - Capture activity logs across your customer-facing applications and websites. Use Logstash to push these logs to your Elasticsearch cluster. Elasticsearch indexes the data and makes it available for analysis in near real-time (less than one second). You can then use Kibana to visualize the data and perform operational analyses like identifying outages and problems. With Elasticsearch’s geospatial analysis, you can identify the geographical region where the problem is occurring. Troubleshooting teams can then search the index and perform statistical aggregations to identify root cause and fix issues.

Managing and scaling Elasticsearch can be difficult and requires deeper familiarity with Elasticsearch setup and configuration. To make it easy for customers to run Elasticsearch, AWS offers Amazon Elasticsearch Service. It is a fully managed service that delivers Elasticsearch along with the availability, scalability, and security required by production workloads.