Dive into DSL: Digital Response Analysis with Elasticsearch

In this talk we will take a deep dive into the Elasticsearch DSL using Python and show how you can use it to go beyond the simple searches you may have been running in Kibana. We will demonstrate how Elasticsearch can be used to speed up and automate your DFIR investigations by grouping multiple artifact queries into a "signature of forensics" format that answers common investigator questions. In addition, this talk will explore the full power of Elasticsearch's search and aggregation capabilities over indexed artifacts, as well as the visualization functionality of Kibana. Use cases and code samples from real-world investigations will be presented, showing how you can tap into functionality already built into your ELK stack!
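
As an added illustration of the "signature of forensics" idea described above (example code written for this page, not the speaker's own material, and one hypothetical realisation of that format), the block below bundles several artifact queries into a single Elasticsearch Query DSL request body and then reduces the aggregation response to a per-host answer. It uses only the standard library and builds the raw DSL as Python dicts, so it runs offline; the signature name, the ECS-style field names (`@timestamp`, `host.name`, `event.code`, `registry.path`), the sample Windows event codes and the `SAMPLE_RESPONSE` are all constructed for the example.

```python
import json

# Constructed sample signature: three persistence-related artifact queries that an
# analyst might want to ask about at once. Field names follow ECS conventions and
# are assumptions for this example; the event codes are the Windows Security /
# System log IDs for "scheduled task created" (4698) and "service installed" (7045).
PERSISTENCE_SIGNATURE = {
    "name": "persistence_check",
    "artifacts": [
        ("run_key_write", {"wildcard": {"registry.path": "*CurrentVersion*Run*"}}),
        ("scheduled_task_created", {"term": {"event.code": "4698"}}),
        ("service_installed", {"term": {"event.code": "7045"}}),
    ],
}


def time_range(field, start, end):
    """Range clause restricting results to the investigation window."""
    return {"range": {field: {"gte": start, "lt": end}}}


def build_signature_query(signature, start, end, time_field="@timestamp",
                          host_field="host.name", min_should=1):
    """Combine a signature's artifact queries into one request body.

    The bool query matches any document hitting at least `min_should` artifacts
    inside the time window; the terms aggregation buckets matches per host and
    nests one filter aggregation per artifact so the response says which artifact
    fired on which host. size=0 because only the aggregation is needed.
    """
    artifacts = signature["artifacts"]
    return {
        "size": 0,
        "query": {
            "bool": {
                "filter": [time_range(time_field, start, end)],
                "should": [query for _, query in artifacts],
                "minimum_should_match": min_should,
            }
        },
        "aggs": {
            "by_host": {
                "terms": {"field": host_field, "size": 50},
                "aggs": {name: {"filter": query} for name, query in artifacts},
            }
        },
    }


def matched_artifacts(response, signature):
    """Reduce an aggregation response to {host: [artifact names with hits]}."""
    names = [name for name, _ in signature["artifacts"]]
    result = {}
    for bucket in response["aggregations"]["by_host"]["buckets"]:
        result[bucket["key"]] = [n for n in names if bucket[n]["doc_count"] > 0]
    return result


# Constructed sample response, shaped like the aggregations section Elasticsearch
# would return for the body above (no cluster is contacted in this example).
SAMPLE_RESPONSE = {
    "aggregations": {
        "by_host": {
            "buckets": [
                {"key": "ws-01", "doc_count": 3,
                 "run_key_write": {"doc_count": 2},
                 "scheduled_task_created": {"doc_count": 1},
                 "service_installed": {"doc_count": 0}},
                {"key": "ws-02", "doc_count": 1,
                 "run_key_write": {"doc_count": 0},
                 "scheduled_task_created": {"doc_count": 0},
                 "service_installed": {"doc_count": 1}},
            ]
        }
    }
}


if __name__ == "__main__":
    body = build_signature_query(PERSISTENCE_SIGNATURE,
                                 "2024-01-01T00:00:00Z", "2024-01-02T00:00:00Z")
    # This JSON is what you would send as the search body (e.g. via the Python client).
    print(json.dumps(body, indent=2))
    print(matched_artifacts(SAMPLE_RESPONSE, PERSISTENCE_SIGNATURE))
```

The point of nesting one `filter` aggregation per artifact under the `terms` bucket is that a single round trip answers both "which hosts show any of these artifacts" and "which artifact, specifically"; raising `min_should` turns the same signature into a stricter "hosts showing several of these at once" question without rewriting the queries.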

Presented by