Creating an index in Elasticsearch gives an application, import job, or one-off dataset a dedicated place to store documents with the field types and shard layout it actually needs. Defining those pieces up front avoids cleanup work later when searches, aggregations, or ingest pipelines start depending on the index structure.
An index can be created with settings, mappings, and aliases in the same Create index API request. Current composable templates are still evaluated during creation, but settings and mappings sent in the create request override matching template values for the new index, so explicit field types such as date, keyword, and text should be set here when the data shape is already known.
Current self-managed deployments typically use an authenticated HTTPS endpoint for these API calls. Recent Elastic stacks also ship built-in data stream templates for patterns such as logs-*-*, so use an application-specific plain index name unless the target is intentionally a data stream.
Steps to create an index in Elasticsearch:
- Create the index with explicit settings and field mappings.
$ curl -sS --fail -H "Content-Type: application/json" -X PUT "http://localhost:9200/app-events-2026.04?pretty" -d '{ "settings": { "number_of_shards": 1, "number_of_replicas": 0 }, "mappings": { "properties": { "timestamp": { "type": "date" }, "level": { "type": "keyword" }, "message": { "type": "text" } } } }' { "acknowledged" : true, "shards_acknowledged" : true, "index" : "app-events-2026.04" }Explicit settings and mappings in the create request override values from any matching composable index template for this new index.
Index names matching built-in data stream patterns such as logs-*-* can fail with an error telling you to use the data stream API instead. Use a plain application-specific name for standalone indices.
- Confirm the index exists and the single-node shard layout is green.
$ curl -sS --fail "http://localhost:9200/_cat/indices/app-events-2026.04?v" health status index uuid pri rep docs.count docs.deleted store.size pri.store.size dataset.size green open app-events-2026.04 3WkHUrIgS_GZcNdCISr52A 1 0 0 0 227b 227b 227b
Using number_of_replicas 0 keeps the index green on a one-node validation cluster. Raise the replica count on multi-node clusters.
- Review the mapping returned by Elasticsearch.
$ curl -sS --fail "http://localhost:9200/app-events-2026.04/_mapping?pretty" { "app-events-2026.04" : { "mappings" : { "properties" : { "level" : { "type" : "keyword" }, "message" : { "type" : "text" }, "timestamp" : { "type" : "date" } } } } } - Index a test document into the new index.
$ curl -sS --fail -H "Content-Type: application/json" -X POST "http://localhost:9200/app-events-2026.04/_doc?refresh=wait_for&pretty&filter_path=_index,_id,result,_shards.total,_shards.successful,_shards.failed" -d '{ "timestamp": "2026-04-02T07:40:00Z", "level": "INFO", "message": "index created" }' { "_index" : "app-events-2026.04", "_id" : "Nv3qTJ0B8zdud1aVN219", "result" : "created", "_shards" : { "total" : 1, "successful" : 1, "failed" : 0 } }refresh=wait_for waits for the next refresh cycle so the document is searchable in the verification step without forcing an immediate refresh.
- Search the new index for the test document.
$ curl -sS --fail -H "Content-Type: application/json" -X POST "http://localhost:9200/app-events-2026.04/_search?pretty&filter_path=hits.total,hits.hits._index,hits.hits._id,hits.hits._source.*" -d '{ "query": { "match": { "message": "created" } } }' { "hits" : { "total" : { "value" : 1, "relation" : "eq" }, "hits" : [ { "_index" : "app-events-2026.04", "_id" : "Nv3qTJ0B8zdud1aVN219", "_source" : { "timestamp" : "2026-04-02T07:40:00Z", "level" : "INFO", "message" : "index created" } } ] } }
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
