0
0
Elasticsearchquery~10 mins

Runtime fields in Elasticsearch - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Concept Flow - Runtime fields
Search Request Received
Check for Runtime Fields
Evaluate Script
Add Runtime Fields to Result
Return Results
When a search request includes runtime fields, Elasticsearch evaluates their scripts on the fly and adds the computed values to the search results.
Execution Sample
Elasticsearch
{
  "runtime_mappings": {
    "day_of_week": {
      "type": "keyword",
      "script": "emit(doc['date'].value.dayOfWeekEnum.getDisplayName(TextStyle.FULL, Locale.ENGLISH))"
    }
  }
}
Defines a runtime field 'day_of_week' that computes the day name from a date field during search.
Execution Table
StepActionInputScript EvaluationResult
1Receive search request{"runtime_mappings": {"day_of_week": {...}}}N/AStart processing
2Check for runtime fieldsruntime_mappings presentN/AProceed to evaluate scripts
3For each documentdoc['date'] valueEvaluate dayOfWeekEnum.getDisplayName()Emit day name string
4Add runtime field to documentEmitted day nameN/ADocument enriched with 'day_of_week'
5Return search resultsAll documents with runtime fieldsN/AResults sent to client
💡 All documents processed; runtime fields evaluated and added to results
Variable Tracker
VariableStartAfter Doc 1After Doc 2Final
doc['date'].valueN/A2024-06-012024-06-02Last document date
day_of_week (emitted)N/ASaturdaySundayLast emitted day
Key Moments - 2 Insights
Why does the runtime field script run for each document?
Because runtime fields are computed on the fly during search, the script runs for every document to produce the field's value, as shown in execution_table step 3.
Does the runtime field change the stored data in Elasticsearch?
No, runtime fields do not modify stored data; they only add computed values at query time, as seen in step 4 where the field is added to the result but not stored.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, at which step does Elasticsearch evaluate the runtime field script?
AStep 2
BStep 3
CStep 4
DStep 5
💡 Hint
Check the 'Script Evaluation' column in execution_table rows
According to variable_tracker, what is the emitted value for the first document's runtime field?
ASaturday
BSunday
CMonday
DFriday
💡 Hint
Look at 'day_of_week (emitted)' after Doc 1 in variable_tracker
If the runtime field script was removed, what would happen to the search results?
ASearch would fail with an error
BResults would include the runtime field with default values
CResults would not include the runtime field
DStored fields would be overwritten
💡 Hint
Refer to concept_flow where runtime fields are checked and evaluated only if present
Concept Snapshot
Runtime fields let you add fields computed at search time.
Define them with scripts in runtime_mappings.
Scripts run for each document during search.
They do not change stored data.
Results include these computed fields dynamically.
Full Transcript
Runtime fields in Elasticsearch are fields computed during search using scripts. When a search request includes runtime fields, Elasticsearch checks for them and evaluates their scripts for each document. For example, a runtime field can compute the day of the week from a date field. The script runs for every document, emitting the computed value, which is then added to the search result. This process does not modify stored data but enriches the results dynamically. The execution table shows the step-by-step flow from receiving the request, checking for runtime fields, evaluating scripts per document, adding the computed fields, and returning results. The variable tracker shows how document dates and emitted day names change during execution. Key moments clarify why scripts run per document and that stored data remains unchanged. The visual quiz tests understanding of when scripts run, emitted values, and effects of removing runtime fields.