first take at getting started (elastic#973)

georgewallace · web-flow · commit 8c7375d8af92 · 2025-04-07T15:35:08.000Z
diff --git a/deploy-manage/deploy/_snippets/installation-order.md b/deploy-manage/deploy/_snippets/installation-order.md
@@ -1,7 +1,7 @@
 If you're deploying the {{stack}} in a self-managed cluster, then install the {{stack}} products you want to use in the following order:
 
-* {{es}}
-* {{kib}}
+* [{{es}}](/deploy-manage/deploy/self-managed/installing-elasticsearch.md)
+* [{{kib}}](/deploy-manage/deploy/self-managed/install-kibana.md)
 * [Logstash](logstash://reference/index.md)
 * [{{agent}}](/reference/fleet/index.md) or [Beats](beats://reference/index.md)
 * [APM](/solutions/observability/apps/application-performance-monitoring-apm.md)
diff --git a/get-started/index.md b/get-started/index.md
@@ -7,24 +7,43 @@ mapped_pages:
 ---
 # Get started
 
-## Overview
+## Overview [what-is-es]
+
+[{{es}}](https://github.com/elastic/elasticsearch) is a distributed search and analytics engine, scalable data store, and vector database built on Apache Lucene. It’s optimized for speed and relevance on production-scale workloads. Use {{es}} to search, index, store, and analyze data of all shapes and sizes in near real time. [{{kib}}](https://github.com/elastic/kibana) is the graphical user interface for {{es}}. It’s a powerful tool for visualizing and analyzing your data, and for managing and monitoring the Elastic Stack. 
 
 {{es}} is the heart of the [Elastic Stack](the-stack.md). Combined with {{kib}}, it powers these Elastic solutions and use cases:
 
-* [Observability](/solutions/observability.md)
-* [Security](/solutions/security.md)
-* [Search](/solutions/search.md)
+* **[Elasticsearch](/solutions/search.md)**: Build powerful search and RAG applications using Elasticsearch's vector database, AI toolkit, and advanced retrieval capabilities.
+* **[Observability](/solutions/observability.md)**: Resolve problems with open, flexible, and unified observability powered by advanced machine learning and analytics.
+* **[Security](/solutions/security.md)**: Detect, investigate, and respond to threats with AI-driven security analytics to protect your organization at scale.
 
 :::{tip}
 Refer to our [customer success stories](https://www.elastic.co/customers/success-stories) for concrete examples of how Elastic is used in real-world scenarios.
 :::
 
+## Choose your deployment type
+
+:::{include} /deploy-manage/_snippets/deployment-options-overview.md
+:::
+
+## Explore the solutions
+
+Elasticsearch supports diverse use cases. Select a solution and follow its dedicated getting-started guide:
+
+|     |     |
+| --- | --- |
+|  |  |
+| ![elasticsearch](https://www.elastic.co/docs/assets/images/elasticsearch.png "elasticsearch =50%") | **Elasticsearch**<br> Create seamless search experiences for apps, websites, or workplaces.<br><br>[**Get started →**](../solutions/search/get-started.md)<br> |
+| ![observability](https://www.elastic.co/docs/assets/images/observability.png "observability =50%") | **Observability**<br> Monitor logs, metrics, and traces to gain insight into your systems.<br><br>[**Get started →**](../solutions/observability/get-started.md)<br> |
+| ![security](https://www.elastic.co/docs/assets/images/security.png "security =50%") | **Security**<br> Monitor logs, metrics, and traces to gain insight into your systems.<br><br>[**Get started →**](../solutions/security/get-started.md)<br> |
+
 ## Next steps
 
-Get started by learning about:
+For learn more about our products and solutions, see:
 
 - [{{es}} and {{kib}}](introduction.md), the core components of the {{stack}}.
   - [The stack](/get-started/the-stack.md) to understand the relationship between core and optional components of an Elastic deployment.
 - [The out-of-the-box solutions and use cases](/solutions/index.md) that Elastic supports.
 - [Deploying Elastic](./deployment-options.md) for your use case.
-- [Versioning and availability](./versioning-availability.md) in Elastic deployments.
+- [Versioning and availability](./versioning-availability.md) in Elastic deployments.
+
diff --git a/get-started/introduction.md b/get-started/introduction.md
@@ -3,60 +3,40 @@ mapped_pages:
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/elasticsearch-intro-what-is-es.html
 ---
 
-# {{es}} and {{kib}} [introduction]
+# Use cases [introduction]
+$$$what-is-kib$$$
+$$$what-is-es$$$
 
-## What is {{es}}?
-
-[{{es}}](https://github.com/elastic/elasticsearch) is a distributed search and analytics engine, scalable data store, and vector database built on Apache Lucene. It’s optimized for speed and relevance on production-scale workloads. Use {{es}} to search, index, store, and analyze data of all shapes and sizes in near real time.
-
-You can deploy {{es}} as a standalone service to build custom search and analytics solutions or deploy it together with other Elastic products, using various [deployment options](./deployment-options.md).
-
-Explore the full list of [{{es}} features](https://www.elastic.co/elasticsearch/features) on the product webpage.
-
-To learn more about the internals of the data store, refer to [](/manage-data/data-store.md).
-
-::::{tip}
-Want to get started quickly with the {{es}} API? Check out our hands-on [quick start tutorials](/solutions/search/api-quickstarts.md) and [Python notebooks](https://github.com/elastic/elasticsearch-labs/tree/main/notebooks#readme).
-::::
-
-## What is {{kib}}?
-
-[{{kib}}](https://github.com/elastic/kibana) is the graphical user interface for {{es}}. It’s a powerful tool for visualizing and analyzing your data, and for managing and monitoring the Elastic Stack.
-
-Together, {{es}} and {{kib}} form the core of the [Elastic Stack](the-stack.md).
-
-They power all Elastic solutions and use cases:
+The {{stack}} is used for a wide and growing range of use cases. Here are a few examples:
 
-- [Observability](/solutions/observability.md)
-- [Security](/solutions/security.md)
-- [Search](/solutions/search.md)
+## Elasticsearch
 
-## Use cases
+- **Full-text search**: Build a fast, relevant full-text search solution using inverted indexes, tokenization, and text analysis.
+- **Vector database**: Store and search vectorized data, and create vector embeddings with built-in and third-party natural language processing (NLP) models.
+- **Semantic search**: Understand the intent and contextual meaning behind search queries using tools like synonyms, dense vector embeddings, and learned sparse query-document expansion.
+- **Hybrid search**: Combine full-text search with vector search using state-of-the-art ranking algorithms.
+- **Build search experiences**: Add hybrid search capabilities to apps or websites, or build enterprise search engines over your organization’s internal data sources.
+- **Retrieval augmented generation (RAG)**: Use {{ecloud}} as a retrieval engine to supplement generative AI models with more relevant, up-to-date, or proprietary data for a range of use cases.
+- **Geospatial search**: Search for locations and calculate spatial relationships using geospatial queries.
 
-The {{stack}} is used for a wide and growing range of use cases. Here are a few examples:
+[**Get started with {{es}} →**](../solutions/search/get-started.md)
 
-**Observability**
+## Observability
 
 - **Logs, metrics, and traces**: Collect, store, and analyze logs, metrics, and traces from applications, systems, and services.
 - **Application performance monitoring (APM)**: Monitor and analyze the performance of business-critical software applications.
 - **Real user monitoring (RUM)**: Monitor, quantify, and analyze user interactions with web applications.
 - **OpenTelemetry**: Reuse your existing instrumentation to send telemetry data to the Elastic Stack using the OpenTelemetry standard.
 
-**Security**
+[**Get started with {{observability}} →**](../solutions/observability/get-started.md)
+
+## Security
 
 - **Security information and event management (SIEM)**: Collect, store, and analyze security data from applications, systems, and services.
 - **Endpoint security**: Monitor and analyze endpoint security data.
 - **Threat hunting**: Search and analyze data to detect and respond to security threats.
 
-**Search**
-
-- **Full-text search**: Build a fast, relevant full-text search solution using inverted indexes, tokenization, and text analysis.
-- **Vector database**: Store and search vectorized data, and create vector embeddings with built-in and third-party natural language processing (NLP) models.
-- **Semantic search**: Understand the intent and contextual meaning behind search queries using tools like synonyms, dense vector embeddings, and learned sparse query-document expansion.
-- **Hybrid search**: Combine full-text search with vector search using state-of-the-art ranking algorithms.
-- **Build search experiences**: Add hybrid search capabilities to apps or websites, or build enterprise search engines over your organization’s internal data sources.
-- **Retrieval augmented generation (RAG)**: Use {{ecloud}} as a retrieval engine to supplement generative AI models with more relevant, up-to-date, or proprietary data for a range of use cases.
-- **Geospatial search**: Search for locations and calculate spatial relationships using geospatial queries.
+[**Get started with {{elastic-sec}} →**](../solutions/security/get-started.md)
 
 This is just a sample of search, observability, and security use cases enabled by {{ecloud}}. Refer to Elastic [customer success stories](https://www.elastic.co/customers/success-stories) for concrete examples across a range of industries.
 
diff --git a/get-started/the-stack.md b/get-started/the-stack.md
@@ -35,58 +35,49 @@ If you want to transform or enrich data before it’s stored, you can use {{es}}
 
 Trying to decide which ingest component to use? Refer to [Adding data to {{es}}](/manage-data/ingest.md) to help you decide.
 
-$$$stack-components-agent$$$
+#### {{fleet}} and {{agent}} [stack-components-agent]
 
-{{fleet}} and {{agent}}
-:   {{agent}} is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more. Each agent has a single policy to which you can add integrations for new data sources, security protections, and more.
+{{agent}} is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more. Each agent has a single policy to which you can add integrations for new data sources, security protections, and more.
 
-    {{fleet}} enables you to centrally manage {{agents}} and their policies. Use {{fleet}} to monitor the state of all your {{agents}}, manage agent policies, and upgrade {{agent}} binaries or integrations.
+{{fleet}} enables you to centrally manage {{agents}} and their policies. Use {{fleet}} to monitor the state of all your {{agents}}, manage agent policies, and upgrade {{agent}} binaries or integrations.
 
-    [Learn more about {{fleet}} and {{agent}}](/reference/fleet/index.md).
+[Learn more about {{fleet}} and {{agent}}](/reference/fleet/index.md).
 
+#### APM [stack-components-apm]
 
-$$$stack-components-apm$$$
+Elastic APM is an application performance monitoring system built on the {{stack}}. It allows you to monitor software services and applications in real-time, by collecting detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more. This makes it easy to pinpoint and fix performance problems quickly. [Learn more about APM](/solutions/observability/apps/application-performance-monitoring-apm.md).
 
-APM
-:   Elastic APM is an application performance monitoring system built on the {{stack}}. It allows you to monitor software services and applications in real-time, by collecting detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more. This makes it easy to pinpoint and fix performance problems quickly. [Learn more about APM](/solutions/observability/apps/application-performance-monitoring-apm.md).
+#### {{beats}} [stack-components-beats]
 
-$$$stack-components-beats$$$
+{{beats}} are data shippers that you install as agents on your servers to send operational data to {{es}}. {{beats}} are available for many standard observability data scenarios, including audit data, log files and journals, cloud data, availability, metrics, network traffic, and Windows event logs. [Learn more about {{beats}}](beats://reference/index.md).
 
-{{beats}}
-:   {{beats}} are data shippers that you install as agents on your servers to send operational data to {{es}}. {{beats}} are available for many standard observability data scenarios, including audit data, log files and journals, cloud data, availability, metrics, network traffic, and Windows event logs. [Learn more about {{beats}}](beats://reference/index.md).
+#### {{es}} ingest pipelines [stack-components-ingest-pipelines]
 
-$$$stack-components-ingest-pipelines$$$
+Ingest pipelines let you perform common transformations on your data before indexing them into {{es}}. You can configure one or more "processor" tasks to run sequentially, making specific changes to your documents before storing them in {{es}}. [Learn more about ingest pipelines](/manage-data/ingest/transform-enrich/ingest-pipelines.md).
 
-{{es}} ingest pipelines
-:   Ingest pipelines let you perform common transformations on your data before indexing them into {{es}}. You can configure one or more "processor" tasks to run sequentially, making specific changes to your documents before storing them in {{es}}. [Learn more about ingest pipelines](/manage-data/ingest/transform-enrich/ingest-pipelines.md).
+#### {{ls}} [stack-components-logstash]
 
-$$$stack-components-logstash$$$
-
-{{ls}}
-:   {{ls}} is a data collection engine with real-time pipelining capabilities. It can dynamically unify data from disparate sources and normalize the data into destinations of your choice. {{ls}} supports a broad array of input, filter, and output plugins, with many native codecs further simplifying the ingestion process. [Learn more about {{ls}}](logstash://reference/index.md).
+{{ls}} is a data collection engine with real-time pipelining capabilities. It can dynamically unify data from disparate sources and normalize the data into destinations of your choice. {{ls}} supports a broad array of input, filter, and output plugins, with many native codecs further simplifying the ingestion process. [Learn more about {{ls}}](logstash://reference/index.md).
 
 
 ### Store [_store]
 
-$$$stack-components-elasticsearch$$$
+#### {{es}} [stack-components-elasticsearch]
 
-{{es}}
-:   {{es}} is the distributed search and analytics engine at the heart of the {{stack}}. It provides near real-time search and analytics for all types of data. Whether you have structured or unstructured text, numerical data, or geospatial data, {{es}} can efficiently store and index it in a way that supports fast searches. {{es}} provides a REST API that enables you to store data in {{es}} and retrieve it. The REST API also provides access to {{es}}'s search and analytics capabilities. [Learn more about {{es}}](/get-started/index.md).
+{{es}} is the distributed search and analytics engine at the heart of the {{stack}}. It provides near real-time search and analytics for all types of data. Whether you have structured or unstructured text, numerical data, or geospatial data, {{es}} can efficiently store and index it in a way that supports fast searches. {{es}} provides a REST API that enables you to store data in {{es}} and retrieve it. The REST API also provides access to {{es}}'s search and analytics capabilities. [Learn more about {{es}}](/get-started/index.md).
 
 
 ### Consume [_consume]
 
 Use {{kib}} to query and visualize the data that’s stored in {{es}}. Or, use the {{es}} clients to access data in {{es}} directly from common programming languages.
 
-$$$stack-components-kibana$$$
+#### {{kib}} [stack-components-kibana]
 
-{{kib}}
-:   {{kib}} is the tool to harness your {{es}} data and to manage the {{stack}}. Use it to analyze and visualize the data that’s stored in {{es}}. {{kib}} is also the home for the Search, Observability and Security solutions. [Learn more about {{kib}}](/explore-analyze/index.md).
+{{kib}} is the tool to harness your {{es}} data and to manage the {{stack}}. Use it to analyze and visualize the data that’s stored in {{es}}. {{kib}} is also the home for the Search, Observability and Security solutions. [Learn more about {{kib}}](/explore-analyze/index.md).
 
-$$$stack-components-elasticsearch-clients$$$
+#### {{es}} clients [stack-components-elasticsearch-clients]
 
-{{es}} clients
-:   The clients provide a convenient mechanism to manage API requests and responses to and from {{es}} from popular languages such as Java, Ruby, Go, Python, and others. Both official and community contributed clients are available. [Learn more about the {{es}} clients](https://www.elastic.co/guide/en/elasticsearch/client/index.html).
+The clients provide a convenient mechanism to manage API requests and responses to and from {{es}} from popular languages such as Java, Ruby, Go, Python, and others. Both official and community contributed clients are available. [Learn more about the {{es}} clients](https://www.elastic.co/guide/en/elasticsearch/client/index.html).
 
 ## Version compatibility
 ```{applies_to}
diff --git a/manage-data/index.md b/manage-data/index.md
@@ -6,7 +6,7 @@ applies_to:
 
 # Manage data
 
-Whether you're looking to build a fast and relevant search solution, monitor business-critical applications and infrastructure, monitor endpoint security data, or one of the [many other use cases Elastic supports](/get-started/introduction.md#use-cases), you'll need to understand how to ingest and manage data stored in {{es}}.
+Whether you're looking to build a fast and relevant search solution, monitor business-critical applications and infrastructure, monitor endpoint security data, or one of the [many other use cases Elastic supports](/get-started/introduction.md), you'll need to understand how to ingest and manage data stored in {{es}}.
 
 ## Learn how data is stored
 
