yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
93d856d5c56dc6a5b27380fe001d75f16fabcfb6
doc-exports/docs/css/umn/css_01_0007.html
zhengxiu 93d856d5c5 css umn 25.6.0 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: zhengxiu <zhengxiu@huawei.com>
Co-committed-by: zhengxiu <zhengxiu@huawei.com>
2025-11-25 11:34:43 +00:00

80 lines
7.3 KiB
HTML
Raw Blame History

<a name="EN-US_TOPIC_0000001945472646"></a><a name="EN-US_TOPIC_0000001945472646"></a>
<h1 class="topictitle1">Using DSL to Search for Data in Elasticsearch</h1>
<div id="body0000001945472646"><p id="EN-US_TOPIC_0000001945472646__p17394111161812">DSL is the specified query language for Elasticsearch. It is the best language for interaction between Elasticsearch clusters and clients. Elasticsearch DSL is a JSON-based language. Other languages, such as SQL, are translated into Elasticsearch DSL before they can be used for interacting with Elasticsearch clusters.</p>
<p id="EN-US_TOPIC_0000001945472646__p196561415590">This topic lists some of the most commonly used Elasticsearch DSL query statements. For more, see <a href="https://www.elastic.co/guide/en/elasticsearch/reference/7.10/query-dsl.html" target="_blank" rel="noopener noreferrer">Query DSL</a>.</p>
<div class="section" id="EN-US_TOPIC_0000001945472646__section383919455212"><h4 class="sectiontitle">DSL Usage Example</h4><p id="EN-US_TOPIC_0000001945472646__p1059184122211">Compile the request content in JSON format on the Dev Tools page of Kibana and execute the search request.</p>
<p id="EN-US_TOPIC_0000001945472646__p1663415301464">For example, run the following command to retrieve all documents in the <strong id="EN-US_TOPIC_0000001945472646__b241613581863">test</strong> index:</p>
<div class="codecoloring" codetype="Json" id="EN-US_TOPIC_0000001945472646__en-us_topic_0000001268594557_screen158809477411"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span></pre></div></td><td class="code"><div><pre><span></span><span class="err">GET</span><span class="w"> </span><span class="err">/</span><span class="kc">test</span><span class="err">/_search</span>
<span class="p">{</span>
<span class="w"> </span><span class="nt">&quot;query&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nt">&quot;match_all&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{}</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div></td></tr></table></div>
</div>
<p id="EN-US_TOPIC_0000001945472646__p1678182553119">The search result is also in JSON format.</p>
</div>
<div class="section" id="EN-US_TOPIC_0000001945472646__section4944125615312"><h4 class="sectiontitle">Common DSL Query Statements</h4><ul id="EN-US_TOPIC_0000001945472646__ul186240196385"><li id="EN-US_TOPIC_0000001945472646__li946616485469">Sets the query filters, which is equivalent to <strong id="EN-US_TOPIC_0000001945472646__b12501514493">where</strong> in the SQL language.<p id="EN-US_TOPIC_0000001945472646__p1152724914464">In the command below, there is no index filter in front of <span class="parmvalue" id="EN-US_TOPIC_0000001945472646__parmvalue6305154474618"><b>_search</b></span>, so all indexes are queried. A bool query allows you to combine multiple search queries with boolean conditions. <strong id="EN-US_TOPIC_0000001945472646__b140175018129">filter</strong> forcibly filters documents whose <span class="parmname" id="EN-US_TOPIC_0000001945472646__parmname1430574474617"><b>status</b></span> field is <span class="parmvalue" id="EN-US_TOPIC_0000001945472646__parmvalue830594412464"><b>published</b></span> and <span class="parmname" id="EN-US_TOPIC_0000001945472646__parmname43050446465"><b>publish_date</b></span> is later than <span class="parmvalue" id="EN-US_TOPIC_0000001945472646__parmvalue630510447466"><b>2015-01-01</b></span>. <strong id="EN-US_TOPIC_0000001945472646__b1356974913149">must</strong> specifies that both <span class="parmname" id="EN-US_TOPIC_0000001945472646__parmname1930534412469"><b>title</b></span> and <span class="parmname" id="EN-US_TOPIC_0000001945472646__parmname17306744104611"><b>content</b></span> must include <span class="parmvalue" id="EN-US_TOPIC_0000001945472646__parmvalue2306194410468"><b>Search</b></span>.</p>
<div class="note" id="EN-US_TOPIC_0000001945472646__note196387513488"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="EN-US_TOPIC_0000001945472646__p107541385475">The difference between <strong id="EN-US_TOPIC_0000001945472646__b859423171615">must</strong> and <strong id="EN-US_TOPIC_0000001945472646__b26001369161">filter</strong> is that <strong id="EN-US_TOPIC_0000001945472646__b01054175163">filter</strong> is equivalent to <strong id="EN-US_TOPIC_0000001945472646__b4121203013164">where</strong> in SQL but its results are not used for scoring. The <strong id="EN-US_TOPIC_0000001945472646__b17395121471810">must</strong> field is also a mandatory filter criteria, but the matching documents are scored based on relevance. The most relevant documents are displayed at the top.</p>
</div></div>
<pre class="screen" id="EN-US_TOPIC_0000001945472646__screen12896143643812">GET /_search
{
"query": {
"bool": {
"must": [
{
"match": {
"title": "Search"
}
},
{
"match": {
"content": "search"
}
}
],
"filter": [
{
"term": {
"status": "published"
}
},
{
"range": {
"publish_date": {
"gte": "2015-01-01"
}
}
}
]
}
}
}</pre>
</li><li id="EN-US_TOPIC_0000001945472646__li169821932163813"><strong id="EN-US_TOPIC_0000001945472646__b2820579225">Aggregations</strong> are similar to <strong id="EN-US_TOPIC_0000001945472646__b176144422220">Group by</strong> in SQL.<p id="EN-US_TOPIC_0000001945472646__p1318110279496">An aggregation summarizes your data as metrics, statistics, or other analytics. In the example below, the results are aggregated based on the title field in the <strong id="EN-US_TOPIC_0000001945472646__b08541525102416">test</strong> index. If <strong id="EN-US_TOPIC_0000001945472646__b3520942162416">title</strong> is of the text (including keyword) type, use <span class="parmvalue" id="EN-US_TOPIC_0000001945472646__parmvalue9835747105018"><b>title.keyword</b></span> for aggregation. By default, a cluster cannot directly aggregate data of the text type. <strong id="EN-US_TOPIC_0000001945472646__b814692272516">titles</strong> is only an example name of the aggregation. You can name the aggregation <strong id="EN-US_TOPIC_0000001945472646__b8330101772618">titleaggs</strong> instead.</p>
<pre class="screen" id="EN-US_TOPIC_0000001945472646__screen437744944813">GET /test/_search
{
"aggs": {
"titles": {
"terms": {
"field": "title.keyword"
}
}
}
}</pre>
<p id="EN-US_TOPIC_0000001945472646__p51815276497">The example above for query aggregation includes all documents in the <strong id="EN-US_TOPIC_0000001945472646__b9137259152610">test</strong> index. That is, <strong id="EN-US_TOPIC_0000001945472646__b162584202276">match_all</strong> is used. You can set search criteria to narrow the scope of the aggregation to specific documents.</p>
</li></ul>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_01_0006.html">Searching Data in an Elasticsearch Cluster</a></div>
</div>
</div>
View Git Blame Copy Permalink