Elasticsearch

Elasticsearch is described by its maker, Elastic, as “an open source, distributed search and analytics engine built for speed, scale, and AI applications.” It exposes a “distributed, RESTful search and analytics engine” that applications query over HTTP, storing structured, unstructured, and vector data and returning results in real time.

Under the hood it is built on Apache Lucene, the Java search library. Elastic credits this directly, describing “millisecond-latency search, powered by Lucene.” Lucene’s own site describes the project as “a high-performance, full-featured search engine library written entirely in Java,” and it supplies the inverted-index machinery, relevance ranking such as Okapi BM25, and full-text capabilities that Elasticsearch distributes across a cluster of nodes.

What Elasticsearch adds on top of Lucene is the distributed layer: data is split into shards spread across machines, replicated for resilience, and queried in parallel, so a single search can run against indexes far larger than one server could hold. That made it a natural fit for searching huge volumes of documents and log data.
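A toy model of the two layers described above, added here as an illustration and not Elasticsearch or Lucene code: each shard keeps an inverted index and ranks its own documents with BM25, and the cluster scatters a query to every shard and merges the per-shard top hits. Modulo routing, whitespace tokenization, shard-local statistics, the sample log lines and the absence of replicas are assumptions of the sketch.

```python
import math
from collections import Counter, defaultdict

K1, B = 1.2, 0.75  # commonly used BM25 parameters (assumed for this sketch)

class Shard:
    """One shard: an inverted index over the documents routed to it."""
    def __init__(self):
        self.postings = defaultdict(dict)  # term -> {doc_id: term frequency}
        self.doc_len = {}                  # doc_id -> token count

    def index(self, doc_id, text):
        tokens = text.lower().split()
        self.doc_len[doc_id] = len(tokens)
        for term, tf in Counter(tokens).items():
            self.postings[term][doc_id] = tf

    def search(self, terms, k):
        # BM25 over this shard only; statistics are shard-local (a simplification).
        n = len(self.doc_len)
        avg = sum(self.doc_len.values()) / n if n else 1.0
        scores = defaultdict(float)
        for term in terms:
            hits = self.postings.get(term, {})
            idf = math.log(1 + (n - len(hits) + 0.5) / (len(hits) + 0.5))
            for doc_id, tf in hits.items():
                norm = 1 - B + B * self.doc_len[doc_id] / avg
                scores[doc_id] += idf * tf * (K1 + 1) / (tf + K1 * norm)
        return sorted(scores.items(), key=lambda h: (-h[1], h[0]))[:k]

class Cluster:
    def __init__(self, num_shards):
        self.shards = [Shard() for _ in range(num_shards)]

    def index(self, doc_id, text):
        # Route each document to exactly one shard (modulo routing, assumed).
        self.shards[doc_id % len(self.shards)].index(doc_id, text)

    def search(self, query, k=3):
        # Scatter the query to every shard, then merge the per-shard top-k lists.
        terms = query.lower().split()
        merged = [hit for s in self.shards for hit in s.search(terms, k)]
        return sorted(merged, key=lambda h: (-h[1], h[0]))[:k]

# Constructed sample log lines, keyed by a made-up integer document id.
DOCS = {1: "failed login for admin from 10.0.0.5", 2: "login ok for alice",
        3: "disk usage warning on node-3", 4: "failed login failed login for root",
        5: "backup completed", 6: "failed password for admin"}

if __name__ == "__main__":
    cluster = Cluster(num_shards=2)
    for doc_id, text in DOCS.items():
        cluster.index(doc_id, text)
    print(cluster.search("failed login"))
```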

It is best known as the engine at the center of the ELK stack, where Elasticsearch stores and searches data, Logstash ingests and transforms it, and Kibana visualizes it. This combination became a standard way to centralize logs, power observability and security analytics, and offer full-text search across large bodies of text.

Last verified June 8, 2026