If you're looking for Elasticsearch Interview Questions for Experienced or Freshers, you are at right place. There are lot of opportunities from many reputed companies in the world. According to research Elasticsearch has a market share of about 0.24%. So, You still have the opportunity to move ahead in your career in Elasticsearch Engineering. Mindmajix offers Advanced Elasticsearch Interview Questions that helps you in cracking your interview & acquire dream career as Elasticsearch Engineer.
Want to Enrich your Career Potential as an ElasticSearch Developer then Enrol in our Elasticsearch Online Training Course
Below mentioned are the most frequently asked Elasticsearch interview questions. Let's have a look into them
Elasticsearch Interview Questions - Frequently Asked [Updated-2021]
Top Elasticsearch Interview Questions And Answers
Q1) What is Elasticsearch?
Ans: Elasticsearch is an open-source distributed search and analysis engine built on Apache Lucene. With time, it has become a popular search engine which is commonly used for security intelligence, business analytics, operational intelligence, log analytics, and full-text search and more.
Q2) What are the important features of Elasticsearch?
Ans: Here are important features of Elasticsearch:
- Full-Text Search
- An open-source search server written using Java
- Used to index all type of heterogeneous data
- Near Real-Time (NRT) search
- Has REST API web-interface with JSON output
- Sharded, replicated searchable, JSON document store.
- Multi-language & Geolocation support
- Schema-free, REST & JSON based distributed document store
Q3) What is a cluster?
Ans: A cluster is a group of nodes with the same cluster.name attribute which together holds data and provides joined indexing and search capabilities.
Q4) What is the ELK stack?
Ans: In Elasticsearch, ELK Stack is a collection of three open-source products — Elasticsearch, Logstash, and Kibana.
E stands for ElasticSearch: used for storing logs.
L means LogStash: used for both shipping, processing and storing logs.
K stands for Kibana: a visualization tool.
Q5) What are the advantages of Elasticsearch?
Ans: Some of the biggest advantages of Elasticsearch are as follows -
- Creates and stores schema-less data
- Manipulates data record by using Multi-document APIs
- Filtering and querying data for insights
- Based on Apache Lucene and provides RESTful API
- Helps you to scale vertically and horizontally
Q6) Explain ELK stack architecture?
Ans: ELK stack allows users to fetch data from heterogeneous data source and analyze, visualize it in real time. ELK architecture consists of following things -
Logs: First of all, user identifies what server logs need to be analyzed
Logstash: Collect logs and events data. It also parses and transforms data.
ElasticSearch: The transformed data is then stored, searched, and indexed.
Kibana: Kibana uses Elasticsearch database to Explore, Visualize, and Share
Q7. What are the primary operations performed in a Document?
Ans: Here, are important operation performed on documents:
- Indexing a document
- Fetching documents
- Updating documents
- Deleting documents
Q8. How can you delete an index in Elasticsearch?
Ans: To delete an index in Elasticsearch, use the below command.
For eg. DELETE/website
Q9. What is a method to add a mapping in an Index?
Ans: Elasticsearch lets you to create the mapping as per the data given by the user in the request body. Its bulk feature can be used to add more than one JSON object in the index.
For example, POST website /_bulk.
[ Related Article:- Nested Type Mapping In Elasticsearch ]
Q10. What are the various ways of searching in Elasticsearch?
Ans: We have different ways of searching in Elasticsearch:
- Multi-index, Multitype search: A user can search APIs that can be applied across several indices through a multi-index support system.
- URI (uniform resource identifier) search: A user can execute a search request using a URI by providing requested parameters.
- Request body search: A search request needs to be executed by a search DSL.
Q11. Where is Elastic search stored?
Ans: Elastic search results are stored in a distributed document in different directories. Also, a user can retrieve complex data structures that are serialized as JSON documents.
Q12. What are some of the configuration management tool supported by Elasticsearch
Ans: Some important configuration management tool supported by Elasticsearch are as follows:
Subscribe to our youtube channel to get new updates..!
Puppet – puppet-elasticsearch
Chef – cookbook-elasticsearch
Ansible – ansible-elastic search
Q13. What is Apache Lucene?
Ans: Apache Lucene is an open-source information retrieval software library written in Java language.
Q14. What is NRT in Elasticsearch?
Ans: NRT stands for Near Real-Time Search. It is a near real-time search platform ie. there will be a slight latency (approx. one second) from indexing a document until it becomes searchable.
Q15. List out different commands available in Elasticsearch cat API?
Ans: Command using with cat API are:
Cat aliases, cat fielddata, cat allocation, cat count
Cat health, pending tasks, cat plugins, cat indices, cat master, cat recovery
cat repositories, cat templates, cat snapshots
Q16. What do you mean by ingest node?
Ans: Ingest node is used to pre-process the documents before the actual document indexing is done. It intercepts bulk and index requests and applies transformations to pass the documents back to the bulk API and index.
Q17. What is Single document APIs in Elasticsearch?
- Get API
- Index API
- Delete API
- Update API
Q18. What do you mean by fuzzy query Elasticsearch?
Ans: Fuzzy query returns the document that contains terms similar to the search terms. To find the similar terms, fuzzy query creates a set of possible variations of search terms within a specified edit distance. When a user searches for some terms using fuzzy query, the system returns the most resembling terms for each expansion.
Q19. What is dynamic mapping in Elasticsearch?
Ans: The process of automatic detection and addition of new fields is called dynamic mapping. Also, a user can customize the dynamic mapping rules to suit the requirement.
Q20. What is the explore API in Elasticsearch?
Ans: The explore API helps in extracting and summarizing information about the documents and terms in the elastic search index. You can understand the behavior of this API by using the Graph UI to explore connections.
[ Related Article:- Learn Elasticsearch Update API ]
Q21. What software is prerquired to install Elasticsearch?
Ans: Latest JDK or Java version 1.8.0 is a prerequisite to install Elasticsearch.
Q22. What is the step by step procedure to start an Elasticsearch server?
Ans: Follow the given steps to start an elasticsearch server
First of all open the command prompt from the windows start menu
Change the directory to the bin folder of the elasticsearch folder which was created after its installation
Type/Elasticsearch.bat and press enter to start the Elasticsearch server
By following these steps, Elasticsearch will start in CMD in the background. Further, open browser and type http://localhost:9200 and press enter. This will show you the elasticsearch cluster name and meta value related to the database.
Q23. Can you name five companies that have an elasticsearch as their search engine and database for their application?
- Stack Overflow
Q24. Can you explain SHARDS in Elasticsearch?
Ans: When the number of documents increases, processing power goes down and as a result responding to client requests get delayed. In situations, indexed data is divided into small chunks called Shards, in order to improve the fetching of results during data search.
Q25. What is the syntax or code to add a Mapping in an Index?
Ans: You can add a mapping in an index using the below syntax:
Syntax: POST /_
Q26. What is the syntax/code to retrieve a document by ID in Elasticsearch?
Ans: GET API fetches the specified JSON document from an index.
Q27. What are the various types of queries that Elasticsearch supports?
Ans: Queries are categorized into two types: Full Text/Match Queries and Term based Queries.
Text Queries include basic match, match phrase, common terms, query-string, multi-match, match phrase prefix, simple query string.
Term Queries include term exists, type, wildcard, regexp term set, range, prefix, ids, and fuzzy.
Q28. What is the difference between Term-based queries and Full-text queries?
Ans: Full text queries analyze the query string before executing it whereas term-level queries operate on the exact terms stored in the inverted index without analyzing.
The full text queries are commonly used to run queries on full text fields like the body of an email wheras term level queries are used for structured data like numbers, dates, and enums, rather than full text fields.
Q29. What is aggregation in Elasticsearch?
Ans: Aggregations help in collecting data through queries used in the search. Different types of aggregations are Sum and stats, Metrics, Average, Minimum, Maximum based on different purposes.
[ Related Article:- Learn ABout Elasticsearch Post Filter Aggregation ]
Q30. What is the difference between Master node and Master eligible no4de?
Ans: Master node functionality includes creation of index/indices, monitor an account of nodes forming a cluster, deletion of index/indices. Whereas, Master eligible nodes are those nodes that get elected to become Master Node.
Q31. List out X-Pack commands?
Ans: X-Pack commands are listed below:
Q32. How Migration API can be used as an Elasticsearch?
Ans: Migration API is applied after the Elasticsearch version is upgraded with a newer version. With migration API, X-Pack indices get updated into a newer version of the Elasticsearch cluster.
Q33. Where and how Kibana will be useful in Elasticsearch?
Ans: Kibana is part of ELK Stack – log analysis solution. It is an open-source visualizations tool used to analyze data available in graph formats such as pie bar, coordinate map, line, etc.
Q34. List out the use cases related to ELK log analytics?
Ans: ELK log analytics use cases are listed below:
- Fraud detection
- Market Intelligence
- Risk management
- Security analysis
- E-commerce Search solution
Q35. How Elastic Stack Reporting is used?
Ans: Reporting API is used to retrieve data in image PNG format, PDF format as well as spreadsheet CSV forma that can be shared or saved as per requirement.
Q36. How Beats can be used with Elasticsearch?
Ans: Beats is an open-source tool used to transfer data to the Elasticsearch where data is processed before being viewed using Kibana. Data such as audit data, log files, window event logs, cloud data, and network traffic is transported.
Q37. What is the functionality of cat API in Elasticsearch?
Ans: Cat API commands provides an overview of Elasticsearch cluster including data related to aliases, allocation, indices, node attributes etc. These cat commands use query string as parameter which returns queried data from the JSON document.
Q38. What is the importance of the installing X-Pack for Elasticsearch?
Ans: X-Pack is an extension that gets installed with Elasticsearch. Some of the functionalities of X-Pack are security (Roles and User security, Role-based access, Privileges/Permissions), monitoring, alerting, reporting, and more.
Q39. What is an index in ElasticSearch?
Ans: An index is similar to a table in relational databases. The difference is that relational databases would store actual values, which is optional in ElasticSearch. An index can store actual and/or analyzed values in an index.
Q40. What is a document in ElasticSearch?
Ans: A document is similar to a row in relational databases. The difference is that each document in an index can have a different structure (fields), but should have same data type for common fields.
Each field can occur multiple times in a document with different data types. Fields can contain other documents too.
Q41. Does ElasticSearch have a schema?
Ans: Yes, ElasticSeach can have mappings which can be used to enforce schema on documents.
Q42. What is a document type in ElasticSearch?
Ans: A document type can be seen as the document schema / dynamic mapping definition, which has the mapping of all the fields in the document along with its data types.
Q43. What is indexing in ElasticSearch?
Ans: The process of storing data in an index is called indexing in ElasticSearch. Data in ElasticSearch can be divided into write-once and read-many segments. Whenever an update is attempted, a new version of the document is written to the index.
Q44. What is a node in ElasticSearch?
Ans: Each instance of ElasticSearch is called a node. Multiple nodes can work in harmony to form an ElasticSearch Cluster.
Q45. What is a shard in ElasticSearch?
Ans: Due to resource limitations like RAM, vCPU etc, for scale-out, applications need to employ multiple instances of ElasticSearch on separate machines. Data in an index can be divided into multiple partitions, each handled by a separate node (instance) of ElasticSearch. Each such partition is called a shard. By default an ElasticSearch index has 5 shards.
Q46. What is a replica in ElasticSearch?
Ans: Each shard in ElasticSearch has 2 copy of the shard. These copies are called replicas. They serve the purpose of high availability and fault-tolerance.
Q47. What is an Analyzer in ElasticSearch?
Ans: While indexing data in ElasticSearch, data is transformed internally by the Analyzer defined for the index, and then indexed. An analyzer is built of tokenizer and filters. Following types of Analyzers are available in ElasticSearch 1.10.
- Standard Analyzer
- Simple Analyzer
- WhiteSpace Analyzer
- Stop Analyzer
- Keyword Analyzer
- Pattern Analyzer
- Language Analyzer
- Snowball Analyzer
- Custom Analyzer
Q48. What is a Tokenizer in ElasticSearch?
Ans: A Tokenizer breakdown fields values of a document into a stream, and inverted indexes are created and updated using these values, and these stream of values are stored in the document.
Q49. What is a Filter in ElasticSearch?
Ans: A Filter is all about implementing some conditions in the query to reduce the matching result set. When we use a query in Elasticsearch, the query computes a relevance score for matching the documents. But in some situations, we don’t need relevance scores when the document falls in the range of two provided timestamps.
So, for this yes/no criteria, we use Filters. We use Filters for matching particular criteria, and they are cacheable to allow faster execution. The Token filters receive a flow of tokens from a tokenizer, and they can change, add, and delete the tokens.
Q50. What is the query language of ElasticSearch?
Ans: Elasticsearch provides a query DSL(Domain Specific Language) on the basis of JSON for defining the queries. Query DSL contains two kinds of clauses:
1) Leaf Query Clauses
Leaf Query Clauses search for a specific value in a specific field, like the term, range, or match queries.
2) Compound Query Clauses
Compound Query Clauses enclose other compound or leaf queries, and we use them for logically combining queries.