Dec 15th, 2020: [EN] Preparing for an Elasticsearch Interview

Elasticsearch is the most popularly used data store for building search engines and for centralized logging, observability, and threat hunting use cases.

That also means Elasticsearch is omnipresent in many organizations.

In this post, we'll look at some important topics that you need to prepare for an Elasticsearch interview.

Basically, Elasticsearch is clay that one could mold into different shapes. Due to this, you might notice the different approaches that one takes to build a cluster. So, depending on the role, you might need to prepare or brush up on topics relevant to the Elasticsearch interview.

The Stack

As shown in the mind map, the Elastic Stack is the set of building blocks (products) that interact with Elasticsearch and make up the whole experience.


The mind map above gives a bird's-eye view of most Elasticsearch concepts, but it is still not complete.

Topics like Nodes, Indexes, Shards, and Replication are important for any role. You also need to learn about managing, using, and designing a cluster with these concepts: to build a search engine, you need a cluster that can take more reads, while to build an observability platform, you need a write-heavy or hybrid cluster. Reading the theory behind these topics helps you answer interview questions on scale and reliability.

Queries and Aggregations

There are different types of queries and aggregations, as shown in the mind map. By combining them, you can search and analyze data in many ways using Query DSL. The Term and Match queries are the most important, as together they cover both structured and unstructured querying tactics. On aggregations, Bucket, Min, Max, Avg, Rate, and Range are a few to look at.
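An added example (not from the original post) that combines a Match query, a Term query, a bucket aggregation, and a Max aggregation in one Query DSL search, written as a threat-hunting query over authentication logs. The index pattern `logs-*` and the ECS-style field names (`message`, `event.outcome`, `source.ip`, `@timestamp`) are assumptions about how the data is mapped.

```console
# Added example. Assumed index pattern: logs-*
# Assumed mapping: message is a text field (analyzed);
# event.outcome is a keyword field; source.ip is an ip field.
#
# match  -> unstructured: the input is analyzed, so it scores
#           documents whose message contains "failed" or "password".
# term   -> structured: exact value, no analysis, used in filter
#           context so it is cacheable and does not affect scoring.
# terms  -> bucket aggregation: one bucket per source address.
# max    -> metric aggregation inside each bucket: last time seen.
GET logs-*/_search
{
  "size": 0,
  "query": {
    "bool": {
      "must": [
        { "match": { "message": "failed password" } }
      ],
      "filter": [
        { "term":  { "event.outcome": "failure" } },
        { "range": { "@timestamp": { "gte": "now-24h" } } }
      ]
    }
  },
  "aggs": {
    "by_source_ip": {
      "terms": { "field": "source.ip", "size": 10 },
      "aggs": {
        "last_seen": { "max": { "field": "@timestamp" } }
      }
    }
  }
}
```

Swapping the two queries is a common mistake: a Term query for `Failed` on an analyzed `text` field matches nothing, because the indexed tokens were lowercased while the Term input is not analyzed.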

Administering the cluster

An important part of the role would be managing the cluster at scale. It'd be good to read about monitoring the cluster using Stack Monitoring, as well as Index Lifecycle Management and Snapshot and Restore.

On top of that, learning about upgrades, the cluster coordination layer, and specific feature limits (and why they exist) would be an added advantage.

As a developer, you will be building applications that use Elasticsearch as a NoSQL storage engine, so it is essential to learn about the various language (REST) clients and the SQL features.

As a DevOps/Security practitioner, you might be using Kibana as a window to examine the data, but at the end of the day, it is Elasticsearch queries that are initiated from Kibana. With a good grip on Elasticsearch, you will ace most of the interview. Beyond that, you could look into Kibana Lens, Kibana Query Language (KQL), and Time Series Visual Builder.

These are a few minimal tips to prepare for a role that focuses on Elasticsearch.

Mindmap PDF

