SearchBlox for Amazon OpenSearch Service

SearchBlox for Amazon OpenSearch Service is an enterprise search platform for the AWS Cloud thats uses the Amazon OpenSearch Service, the fully managed and scalable Elasticsearch service available on Amazon Web Services (AWS). SearchBlox for Amazon OpenSearch Service can crawl, index and search content across multiple datasources including file systems, websites, databases and applications.


This service consists of two types of SearchBlox servers that are available through the AWS marketplace. The first is SearchBlox IndexServer. The SearchBlox IndexServer can crawl and index content in over 40 document formats including PDFs, HTML and Microsoft Word, Excel, Powerpoint directly into Amazon OpenSearch Service. The second type of server is the SearchBlox SearchServer. The SearchBlox SearchServer provides ready-to-use, fully customizable search front-ends including faceted search for the indices created by the SearchBlox IndexServer in the Amazon OpenSearch Service.




AWS Region

Please make sure to select the same AWS Region in all the following steps mentioned. For example, we have chosen "us-east-1" for creating elasticsearch, SearchBlox IndexServer , SearchBlox SearchServer, etc.

1. Create VPC

Create a VPC, which needs to be mentioned while creating a SearchBlox IndexServer at AWS Marketplace.

1003 1336

2. Create KeyPair

Create a Key Pair, and store it safely to access your AWS instance.




Use the key pair to SSH to the AWS instance. If you are using Windows, use puttygen to convert the pem file to ppk file. Use this ppk file to connect to the instance using putty.

3. Create IAM Role

Create an IAM role called SearchBlox_AmazonES with an AmazonESFullAccess Policy, as shown in the screenshot. This role has to be configured after creating the SearchBlox IndexServer (and search server, if available) instance.

1339 1068 996 765 1338

4. Create AWS Elasticsearch Domain

  1. Select the Deployment Type and Elastic Search Version 7.17, then click Next.


Elasticsearch Version

SearchBlox recommends the latest Elasticsearch 7.17 on Amazon OpenSearch Service.

  1. Enter the domain name.
  1. Select the Availability Zones, Instance Type and Number of Nodes.
  1. Select the Storage Type, Size and also select the master node instance type and Number of Master Nodes.
  1. Select the access and Security Type: VPC or Public access.



If you need any authentication type select below Option

944 913
  1. Click Next to create Elasticsearch domain.
927 945
  1. Elasticsearch Service Dashboard will have the domains created after 10 to 15 minutes.
  1. Go to EC2 Service, click Launch Option, search for SearchBlox Enterprise Search AMI,
    and then click Create Instance.

5. Start SearchBlox IndexServer via Amazon Marketplace.

Go to the AWS Marketplace:
Search for SearchBlox and select IndexServer. For cluster setup, create SearchBlox SearchServer after creating SearchBlox IndexServer.

845 894

Check and click continue, which will take you to the following page:

1342 1348 1349 1347 1350 1339 747

Go to EC2 Dashboard.


Integrate with IAM Role

This is an important step where we integrate IAM role with SearchBlox IndexServer.
Right-click the Server Instance, then go to Instance Settings -> Attach Replace IAM Role.


Select and save the role to the instance.

689 855

SSH into SearchBlox IndexServer

  • SSH into the SearchBlox IndexServer instance using the user ec2-user and the pem or ppk file.
    • Change user to SearchBlox.
sudo su - SearchBlox
  • To update the Elasticsearch Domain Details on awssettings.yml file open the /opt/searchblox/webapps/ROOT/WEB-INF/awssettings.yml file and update the values and save the changes

The aws.region is the region selected while creating SearchBlox IndexServer and the Elasticsearch instance, which will also be available in the AWS URL in Elasticsearch. The aws.url is the endpoint specified in the Elasticsearch instance.

  • To Update searchblox.yml
    /opt/searchblox/webapps/ROOT/WEB-INF/ searchblox.yml and update the deployment type and
    save the changes.
    searchblox.deployment.type: aws
  • Restart SearchBlox as follows:

  • Access the SearchBlox Admin Console at https://xxxx:8443/console where xxxx is the Public DNS of the SearchBlox IndexServer instance.

  • Access the SearchBlox Search URL as follows:

SearchBlox Search url : https://xxxx:8443/search

where xxxx is is the Public DNS of the SearchBlox SearchServer instance.

Increase RAM memory for SearchBlox in AWS.

After logging on as a jetty user using the following command:
sudo su - jetty
Go to edit /etc/default/jetty file and give the memory parameters in JAVA_OPTIONS. The content of the jetty file is given in the following:
12G refers 12 GB memory has been allocated to SearchBlox

JAVA_OPTIONS="-server -Xms12G -Xmx12G -XX:+UseCMSInitiatingOccupancyOnly -XX:CMSInitiatingOccupancyFraction=70"
676 667

Kibana and Amazon OpenSearch Service

  • Data indexed, as well as logs, are stored in the Elasticsearch domain. To view the logs, you can map the Elasticsearch index named sbindexlog in Kibana and search for the entries.
    The Kibana link will be available in the Domain dashboard. Refer to the following screenshot:
  • Click the link and access Kibana.
  • Adding log indices in Kibana.
    The two logs that can be added in Kibana are sbindexlog and sbstatuslog. You can add both logs in one index pattern.

Alternatively, you can create a separate index pattern for each log.

1301 1342

You can also query the logs based on URL, timestamp, etc.

  • It is also possible to delete indices via Kibana. Go to Dev Tools in the left-hand menu. * To delete the Elasticsearch indices, click Get to Work .
1191 1135

What’s Next