Get in Touch

Course Outline

Open-Source Search and Analytics Sovereignty for Government

  • Elastic license modifications and community-driven forks.
  • Feature parity between OpenSearch and Elasticsearch expected in 2025-2026.
  • Use cases include enterprise search, log analytics, security information and event management (SIEM), and observability for government operations.

Cluster Architecture

  • Node roles: master, data, coordinating, and ingest nodes.
  • Security plugin features: Transport Layer Security (TLS) internode communication, certificate management, and Public Key Infrastructure (PKI).
  • Split-brain prevention mechanisms: configuration of discovery.seed_hosts and minimum master nodes to ensure cluster integrity.

Data Ingestion

  • REST API for indexing, bulk loading, and mapping definition management.
  • Data pipeline tools: Beats, Fluent Bit, and Logstash for efficient data collection and processing.
  • OpenTelemetry Collector for capturing traces and metrics to enhance observability.

Search and Dashboards

  • Query DSL capabilities: match, term, range queries, aggregations, and nested fields support.
  • OpenSearch Dashboards for creating visualizations and interactive dashboards to enhance data analysis.
  • SIEM use cases: implementation of alert rules and anomaly detection to strengthen cybersecurity for government systems.

Index Management

  • Index Lifecycle Management (ILM) features: rollover, shrinking, and deletion policies.
  • Hot-warm-cold architecture to optimize resource utilization and cost efficiency.
  • Mapping optimization techniques and text analysis for improved data retrieval and processing.

Security and Access Control

  • Role-Based Access Control (RBAC) with user, role, and tenant management to ensure secure access.
  • SAML and OpenID Connect authentication methods for robust identity verification.
  • Document-level security measures and field masking to protect sensitive information.

Backup and Recovery

  • Snapshot repositories: storage options include MinIO, Amazon S3, or Network File System (NFS) for reliable data backup.
  • Automated snapshot management using Curator or Index State Management (ISM) to streamline the backup process.
  • Restoration capabilities: restoring specific indices and implementing cluster-wide disaster recovery strategies to ensure business continuity.

Requirements

  • Familiarity with search engines and inverted indexes.
  • Experience working with REST APIs and JSON.
  • Basic Linux administration skills, including systemd, logs, and package management.

Audience

  • Search and log analytics engineers for government agencies.
  • Teams transitioning from managed Elasticsearch or Splunk solutions.
  • Security analysts developing sovereign SIEM backends.
 14 Hours

Number of participants


Price per participant

Runs with a minimum of 4 + people. For 1-to-1 or private group training, request a quote.

Testimonials (1)

the trainer was very good and made the training perfect for my needs

Florentin - EXPERIS
Course - Search and Analytics with Amazon OpenSearch

Upcoming Courses

OpenSearch: Replacing Amazon OpenSearch and Elastic Cloud In-House

2026-05-19 09:30
14 hours
Little Rock, AZ - Regions Center
$ 2703 (Online)
$ 3903 (Classroom)

OpenSearch: Replacing Amazon OpenSearch and Elastic Cloud In-House

2026-06-02 09:30
14 hours
Fayetteville, AR - Pryor Center
$ 2703 (Online)
$ 3903 (Classroom)

OpenSearch: Replacing Amazon OpenSearch and Elastic Cloud In-House

2026-06-16 09:30
14 hours
Shelton, CT – Regus at One Reservoir Corporate Centre
$ 2703 (Online)
$ 3903 (Classroom)

OpenSearch: Replacing Amazon OpenSearch and Elastic Cloud In-House

2026-06-30 09:30
14 hours
Wilmington, DE – Regus at Brandywine Building
$ 2703 (Online)
$ 3903 (Classroom)

OpenSearch: Replacing Amazon OpenSearch and Elastic Cloud In-House

2026-07-14 09:30
14 hours
Indianapolis, IN - Lockerbie Marketplace
$ 2703 (Online)
$ 3903 (Classroom)

OpenSearch: Replacing Amazon OpenSearch and Elastic Cloud In-House

2026-07-28 09:30
14 hours
IA, Johnston - Regus - Foxboro Square
$ 2703 (Online)
$ 3903 (Classroom)

Related Courses

Search and Analytics with Amazon OpenSearch

 21 Hours
This instructor-led, live training in US (online or onsite) is designed for government developers and administrators who wish to utilize OpenSearch to conduct distributed search and data analytics within a unified and secure system. By the end of this training, participants will be able to: - Set up the required development environment to begin building search and analytics solutions with OpenSearch and OpenSearch Dashboards. - Understand the three methods (snapshot, restart, and rolling) for upgrading from Elasticsearch OSS to OpenSearch. - Learn how to index data, create data streams, execute queries, and manage cross-cluster operations in OpenSearch. - Explore and utilize plugins, APIs, clients, and ingestion tools (such as Beats, Logstash, Grafana, etc.) to enhance the search experience while maintaining secure clusters. - Use OpenSearch Dashboards to centralize data management, visualization, logging, monitoring, and maintenance for government applications.
Read more...

OpenSearch Fundamentals

 21 Hours
OpenSearch is an open-source search and analytics suite derived from Elasticsearch 7.10 and Kibana 7.10, developed by AWS to provide a fully open alternative following licensing changes by Elastic NV. This instructor-led, live training (online or onsite) is designed for intermediate-level engineers and architects who aim to deploy, configure, and manage OpenSearch clusters for search, observability, and analytics workloads, while understanding its relationship with AWS OpenSearch Service for government. By the end of this training, participants will be able to: - Understand the architecture, components, and capabilities of OpenSearch and its dashboards. - Deploy and configure OpenSearch clusters on-premises and in the cloud. - Integrate OpenSearch with AWS OpenSearch Service and other enterprise data systems. - Optimize performance, security, and scalability for production-grade deployments. **Format of the Course** - Instructor explanations combined with live demonstrations. - Hands-on labs and real-world configuration exercises. - Collaborative discussions focused on troubleshooting and best practices. **Course Customization Options** - To tailor the content or focus of this OpenSearch training to your organization’s specific needs, please contact us to arrange a customized session.
Read more...

OpenSearch at Scale

 21 Hours
OpenSearch is a scalable, open-source search and analytics suite designed for high-volume data indexing, observability, and real-time analytics across distributed systems. This instructor-led, live training (online or onsite) is aimed at advanced-level engineers and architects who wish to design, deploy, and manage OpenSearch clusters capable of handling large-scale data ingestion and analytics workloads, both on-premises and using AWS OpenSearch Service for government. By the end of this training, participants will be able to: - Design and deploy highly scalable OpenSearch clusters across multiple environments. - Optimize indexing, search, and storage for performance at scale. - Integrate OpenSearch with AWS OpenSearch Service for hybrid and managed deployments. - Implement observability, high availability, and automated recovery strategies. **Format of the Course** - Instructor-led theory sessions with guided discussions. - Extensive hands-on exercises simulating real-world scaling challenges. - Practical lab work on distributed deployment and performance tuning. **Course Customization Options** - This course can be adapted to emphasize your organization’s data size, performance goals, and deployment environment.
Read more...

Related Categories

OpenSearch
OpenSearch