How do I convert curl to the elasticsearch-py query format?

Time: 2017-08-10 09:34:16

Tags: python elasticsearch elasticsearch-py

How do I write an elasticsearch-py query that queries the same data as below?

--data-binary '{"query": {"filtered": {"query": {"bool": {"should":[ {"query_string": {"query":"request.action.raw:\"aaa\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"bbb\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"ccc\" AND (loglevel:INFO)"}} ] } }, "filter": {"bool": {"must":[ {"range": {"@timestamp": {"from":111,"to":222}}}, {"fquery": {"query": {"query_string": {"query":"file:(\"ddd\")"}}, "_cache":true}}]}}}}}'

1 answer:

Answer 0: (score: 0)

If your query works in curl, the following works for the same query.

from elasticsearch import Elasticsearch
ELASTICSEARCH_ENDPOINT = "url_to_your_elasticsearch_node"
es = Elasticsearch([ELASTICSEARCH_ENDPOINT])

# Raw string (r'...') keeps the \" escapes, so the body is sent as valid JSON.
request = r'{"query": {"filtered": {"query": {"bool": {"should":[ {"query_string": {"query":"request.action.raw:\"aaa\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"bbb\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"ccc\" AND (loglevel:INFO)"}} ] } }, "filter": {"bool": {"must":[ {"range": {"@timestamp": {"from":111,"to":222}}}, {"fquery": {"query": {"query_string": {"query":"file:(\"ddd\")"}}, "_cache":true}}]}}}}}'
results = es.search(index="index_name", doc_type="doctype_name", body=request)

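Note that, in addition to the request, you also need to configure the following parameters in your script:

  • ELASTICSEARCH_ENDPOINT: the URL of your elasticsearch node or cluster
  • index_name: the index name.
  • doc_type: the doctype name.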
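An alternative to pasting the curl body as a string, shown here as an added example that is not part of the original answer: build the same body as a Python dict, so the `\"` escapes cannot be lost and values are quoted before they reach `query_string`. The helper names (`phrase`, `build_body`, `literal_as_pasted`, `is_valid_json`) are hypothetical, the escaping of arbitrary values goes beyond the fixed `aaa`/`bbb`/`ccc` case on the page, and the `es.search` call is left commented out so the block runs without a cluster.

```python
import json

def phrase(value):
    """Quote a value as a Lucene phrase, escaping backslash and double quote."""
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'

def build_body(actions, loglevel, file_name, ts_from, ts_to):
    """Build the filtered query from the page's curl body as a dict."""
    # loglevel is placed unquoted, as on the page, so restrict it to a bare word.
    if not loglevel.isalnum():
        raise ValueError("loglevel must be alphanumeric")
    should = [
        {"query_string": {"query": "request.action.raw:%s AND (loglevel:%s)"
                                   % (phrase(a), loglevel)}}
        for a in actions
    ]
    must = [
        {"range": {"@timestamp": {"from": ts_from, "to": ts_to}}},
        {"fquery": {"query": {"query_string": {"query": "file:(%s)" % phrase(file_name)}},
                    "_cache": True}},
    ]
    return {"query": {"filtered": {"query": {"bool": {"should": should}},
                                   "filter": {"bool": {"must": must}}}}}

def literal_as_pasted():
    """One fragment of the curl body in a normal (non-raw) Python string:
    Python turns \\" into a bare ", which breaks the JSON."""
    return '{"query":"request.action.raw:\"aaa\" AND (loglevel:INFO)"}'

def is_valid_json(text):
    """Return True when text parses as JSON."""
    try:
        json.loads(text)
        return True
    except ValueError:
        return False

# Constructed sample values, taken from the query on the page.
body = build_body(["aaa", "bbb", "ccc"], "INFO", "ddd", 111, 222)
wire = json.dumps(body)  # what the client would serialize for a dict body

# With a reachable node (assumption: same client call as in the answer):
# results = es.search(index="index_name", doc_type="doctype_name", body=body)
```
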