Elasticsearch Tutorial
Selected Reading
- Elasticsearch - Discussion
- Elasticsearch - Useful Resources
- Elasticsearch - Quick Guide
- Elasticsearch - Logs UI
- Elasticsearch - Canvas
- Elasticsearch - Heat Maps
- Elasticsearch - Tag Clouds
- Elasticsearch - Time Series
- Elasticsearch - Area and Bar Charts
- Elasticsearch - Pie Charts
- Elasticsearch - Region Maps
- Elasticsearch - Data Tables
- Elasticsearch - Filtering by Field
- Elasticsearch - Kibana Dashboard
- Elasticsearch - Testing
- Elasticsearch - Frozen Indices
- Elasticsearch - Rollup Data
- Elasticsearch - Monitoring
- Elasticsearch - SQL Access
- Elasticsearch - Managing Index Lifecycle
- Elasticsearch - Ingest Node
- Elasticsearch - Index Modules
- Elasticsearch - Modules
- Elasticsearch - Analysis
- Elasticsearch - Mapping
- Elasticsearch - Query DSL
- Elasticsearch - Cluster APIs
- Elasticsearch - CAT APIs
- Elasticsearch - Index APIs
- Elasticsearch - Aggregations
- Elasticsearch - Search APIs
- Elasticsearch - Document APIs
- Elasticsearch - API Conventions
- Migration between Versions
- Elasticsearch - Populate
- Elasticsearch - Installation
- Elasticsearch - Basic Concepts
- Elasticsearch - Home
Selected Reading
- Who is Who
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
Elasticsearch - Query DSL
Elasticsearch - Query DSL
In Elasticsearch, searching is carried out by using query based on JSON. A query is made up of two clauses −
Leaf Query Clauses − These clauses are match, term or range, which look for a specific value in specific field.
Compound Query Clauses − These queries are a combination of leaf query clauses and other compound queries to extract the desired information.
Elasticsearch supports a large number of queries. A query starts with a query key word and then has conditions and filters inside in the form of JSON object. The different types of queries have been described below.
Match All Query
This is the most basic query; it returns all the content and with the score of 1.0 for every object.
POST /schools/_search
{
"query":{
"match_all":{}
}
}
On running the above code, we get the following result −
{
"took" : 7,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 2,
"relation" : "eq"
},
"max_score" : 1.0,
"hits" : [
{
"_index" : "schools",
"_type" : "school",
"_id" : "5",
"_score" : 1.0,
"_source" : {
"name" : "Central School",
"description" : "CBSE Affipation",
"street" : "Nagan",
"city" : "paprola",
"state" : "HP",
"zip" : "176115",
"location" : [
31.8955385,
76.8380405
],
"fees" : 2200,
"tags" : [
"Senior Secondary",
"beautiful campus"
],
"rating" : "3.3"
}
},
{
"_index" : "schools",
"_type" : "school",
"_id" : "4",
"_score" : 1.0,
"_source" : {
"name" : "City Best School",
"description" : "ICSE",
"street" : "West End",
"city" : "Meerut",
"state" : "UP",
"zip" : "250002",
"location" : [
28.9926174,
77.692485
],
"fees" : 3500,
"tags" : [
"fully computerized"
],
"rating" : "4.5"
}
}
]
}
}
Full Text Queries
These queries are used to search a full body of text pke a chapter or a news article. This query works according to the analyser associated with that particular index or document. In this section, we will discuss the different types of full text queries.
Match query
This query matches a text or phrase with the values of one or more fields.
POST /schools*/_search
{
"query":{
"match" : {
"rating":"4.5"
}
}
}
On running the above code, we get the response as shown below −
{
"took" : 44,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 1,
"relation" : "eq"
},
"max_score" : 0.47000363,
"hits" : [
{
"_index" : "schools",
"_type" : "school",
"_id" : "4",
"_score" : 0.47000363,
"_source" : {
"name" : "City Best School",
"description" : "ICSE",
"street" : "West End",
"city" : "Meerut",
"state" : "UP",
"zip" : "250002",
"location" : [
28.9926174,
77.692485
],
"fees" : 3500,
"tags" : [
"fully computerized"
],
"rating" : "4.5"
}
}
]
}
}
Multi Match Query
This query matches a text or phrase with more than one field.
POST /schools*/_search
{
"query":{
"multi_match" : {
"query": "paprola",
"fields": [ "city", "state" ]
}
}
}
On running the above code, we get the response as shown below −
{
"took" : 12,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 1,
"relation" : "eq"
},
"max_score" : 0.9808292,
"hits" : [
{
"_index" : "schools",
"_type" : "school",
"_id" : "5",
"_score" : 0.9808292,
"_source" : {
"name" : "Central School",
"description" : "CBSE Affipation",
"street" : "Nagan",
"city" : "paprola",
"state" : "HP",
"zip" : "176115",
"location" : [
31.8955385,
76.8380405
],
"fees" : 2200,
"tags" : [
"Senior Secondary",
"beautiful campus"
],
"rating" : "3.3"
}
}
]
}
}
Query String Query
This query uses query parser and query_string keyword.
POST /schools*/_search
{
"query":{
"query_string":{
"query":"beautiful"
}
}
}
On running the above code, we get the response as shown below −
{
"took" : 60,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 1,
"relation" : "eq"
},
………………………………….
Term Level Queries
These queries mainly deal with structured data pke numbers, dates and enums.
POST /schools*/_search
{
"query":{
"term":{"zip":"176115"}
}
}
On running the above code, we get the response as shown below −
……………………………..
hits" : [
{
"_index" : "schools",
"_type" : "school",
"_id" : "5",
"_score" : 0.9808292,
"_source" : {
"name" : "Central School",
"description" : "CBSE Affipation",
"street" : "Nagan",
"city" : "paprola",
"state" : "HP",
"zip" : "176115",
"location" : [
31.8955385,
76.8380405
],
}
}
]
…………………………………………..
Range Query
This query is used to find the objects having values between the ranges of values given. For this, we need to use operators such as −
gte − greater than equal to
gt − greater-than
lte − less-than equal to
lt − less-than
For example, observe the code given below −
POST /schools*/_search
{
"query":{
"range":{
"rating":{
"gte":3.5
}
}
}
}
On running the above code, we get the response as shown below −
{
"took" : 24,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 1,
"relation" : "eq"
},
"max_score" : 1.0,
"hits" : [
{
"_index" : "schools",
"_type" : "school",
"_id" : "4",
"_score" : 1.0,
"_source" : {
"name" : "City Best School",
"description" : "ICSE",
"street" : "West End",
"city" : "Meerut",
"state" : "UP",
"zip" : "250002",
"location" : [
28.9926174,
77.692485
],
"fees" : 3500,
"tags" : [
"fully computerized"
],
"rating" : "4.5"
}
}
]
}
}
There exist other types of term level queries also such as −
Exists query − If a certain field has non null value.
Missing query − This is completely opposite to exists query, this query searches for objects without specific fields or fields having null value.
Wildcard or regexp query − This query uses regular expressions to find patterns in the objects.
Compound Queries
These queries are a collection of different queries merged with each other by using Boolean operators pke and, or, not or for different indices or having function calls etc.
POST /schools/_search
{
"query": {
"bool" : {
"must" : {
"term" : { "state" : "UP" }
},
"filter": {
"term" : { "fees" : "2200" }
},
"minimum_should_match" : 1,
"boost" : 1.0
}
}
}
On running the above code, we get the response as shown below −
{
"took" : 6,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 0,
"relation" : "eq"
},
"max_score" : null,
"hits" : [ ]
}
}
Geo Queries
These queries deal with geo locations and geo points. These queries help to find out schools or any other geographical object near to any location. You need to use geo point data type.
PUT /geo_example
{
"mappings": {
"properties": {
"location": {
"type": "geo_shape"
}
}
}
}
On running the above code, we get the response as shown below −
{ "acknowledged" : true,
"shards_acknowledged" : true,
"index" : "geo_example"
}
Now we post the data in the index created above.
POST /geo_example/_doc?refresh
{
"name": "Chapter One, London, UK",
"location": {
"type": "point",
"coordinates": [11.660544, 57.800286]
}
}
On running the above code, we get the response as shown below −
{
"took" : 1,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 2,
"relation" : "eq"
},
"max_score" : 1.0,
"hits" : [
"_index" : "geo_example",
"_type" : "_doc",
"_id" : "hASWZ2oBbkdGzVfiXHKD",
"_score" : 1.0,
"_source" : {
"name" : "Chapter One, London, UK",
"location" : {
"type" : "point",
"coordinates" : [
11.660544,
57.800286
]
}
}
}
}
Advertisements