Elasticsearch cheat sheet
Search
GET <index>/_search
{
...
}Count
GET <index>/_count
{
...
}AND query
{
"query": {
"bool": {
"must": [
{"term": {<term_name>: <term_value>}},
{"term": {<another_term>: <term_value>}},
]
}
}
}OR query
{
"query": {
"bool": {
"should": [
{"term": {<term_name>: <term_value>}},
{"term": {<another_term>: <term_value>}},
]
}
}
}Query with date range
{
"query": {
"bool": {
"must": [
{"term": {<term_name>: <term_value>}},
{"term": {<another_term>: <term_value>}},
{
"range": {
<date_field>: {
"gte": "2024-01-01T00:11:22.333333+00:00",
"lte": "2024-11-11T11:11:11.444444+00:00"
}
}
}
]
}
}
}Sort by a date containing field
{
"sort": [
{
<date_field>: {
"order": "desc"|"asc"
}
}
]
}Query with regex
{
"query": {
"regexp": {
<term_name>: {"value": "petar.[a-z]+@[a-z]*.com"}
}
}
}Point In Time
This generally creates a snapshot of the current data set, so data will be consistent during pagination, thus ensuring changing the data won’t affect the query.
Get PiT
POST <index>*/_pit?keep_alive=<interval>mThis will return an object, containing PiT ID
Initial PiT query
GET _search
{
"size": {size},
"query": {...},
"sort": {...},
"pit": {
"id" : {pit_id},
"keep_alive": "{interval}m"
}
}The keep alive setting determines for how much to prolong the lifespan of the PiT after this query
The last document of the query will contain a property like this:
"sort" : [
"2024-12-12T11:11:11.111Z",
12345678901
]This will be used in subsequent queries:
Subsequent queries
the last “sort” element will be added as “search_after” to any subsequent queries.
GET _search
{
"size": 1000,
"query": {...},
"sort": {...},
"pit": {
"id" : <pit_id>,
"keep_alive": "<interval>m"
},
"search_after" : [
"2024-12-12T11:11:11.111Z",
12345678901
]
}Delete Everything in Index
This is how you delete all document inside an index without deleting the index itself:
POST <index>/_delete_by_query
{
"query": {
"match_all": {}
}
}…to be continued
Similar blog posts
Odroid Sensors
Not long ago I bought an Odroid ARM based mini PC, and among many issues, turned out that the system uses some rather strange scheme for controlling the fan speed....
“Kubernetes network isn’t reliable”
Recently, while trying to figure out an extrelemly annoying problem I was having with Kubernetes – I stumbled upon this marvel of a github issue. So if you ever need...
List VirtualBox VM’s shared folders
In my current job we work heavilly with kubernetes clusters, working on a minikube master. As part of out internal toolkit for managing these, I needed to get a full...