stackoom
  简体   繁体   中英

Elastic query to search a term and with in a date range

 原文  2019-01-11 09:50:50       elasticsearch

Question

GET _search
{
  "query": {
    "bool":{
      "filter":{
        "and":[
        {
          "term":{
            "Server": "XYZ"
          },
          "range": {
            "DateTime":{
              "from": "2018-12-13T00:20:48.782Z",
              "to":"2018-12-14T00:20:48.782Z"
            }
          }
        }
      ]
    }}
  }
}

Above is my elastic query to fetch all records belongs to XYZ Server and within the time range, I have Server and DateTime columns in my dataset but throws below error:

{ "error": { "root_cause": [ { "type": "parsing_exception", "reason": "[term] malformed query, expected [END_OBJECT] but found [FIELD_NAME]", "line": 9, "col": 11 } ], "type": "parsing_exception", "reason": "[term] malformed query, expected [END_OBJECT] but found [FIELD_NAME]", "line": 9, "col": 11 }, "status": 400 }

What am i missing here!

3 answers

solution1
 1  2019-01-11 10:40:45

Your query is malformed use the following query instead:

GET _search
{
 "query": {
   "bool": {
     "filter": [ 
      {
        "term": { 
          "Server": "XYZ"
        }
      },
      { 
        "range": {
          "DateTime":{
            "from": "2018-12-13T00:20:48.782Z",
            "to": "2018-12-14T00:20:48.782Z"
          }
        }
      }
    ]
  }
 }
}

solution2
 0  2019-01-11 12:10:31

You can't have and in your filter clause. There is no and clause in ES query. Basically, you need to combine filter on term and range clause. Please read combine filters in ES for more information on this.

As your query is using an invalid clause, ES isn't able to parse your query.

Please use the proper query and you should be able to get the results from ES.

Please try below query, which should work fine and let me know if it doesn't work.

{
  "query": {
    "constant_score": {
      "filter": {
        "bool": {
          "must": [
            {
              "term": {
                "Server": "XYZ"
              }
            },
            {
              "bool": {
                "must": [
                  {
                    "range": {
                      "DateTime": {
                        "from": "2018-12-13T00:20:48.782Z",
                        "to": "2018-12-14T00:20:48.782Z"
                      }
                    }
                  }
                ]
              }
            }
          ]
        }
      }
    }
  }
}

solution3
 0  2019-01-11 12:37:56

The error message is clearly saying that the query is not correct.

You can check the official docs for range query and for bool query to se that there is no filter inside bool queries and there is not from, to in range queries.

Please check this query.

GET _search
{
 "query": {
   "bool": {
     "must": [ 
      {
        "term": { 
          "Server": "XYZ"
        }
      },
      { 
        "range": {
          "DateTime":{
            "gt": "2018-12-13T00:20:48.782Z",
            "lte": "2018-12-14T00:20:48.782Z"
          }
        }
      }
    ]
  }
 }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Elastic search query on two values - term and range? Elastic Search Date Range Query Search by Date range in Elastic search malformed query Elastic Search Interval in Date Range Query Elastic search query on indices with some date range Aggregation, Date range query in Elassandra/Elastic Search Elastic Search PHP Client Date Range Query Elastic Search Date Range Elastic search range query Elastic Search combination of Range and Term filters
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM