How to turn a curl into elasticsearch-py query format?


Problem description

How to write elasticsearch-py query to query the same data as below?

--data-binary '{"query": {"filtered": {"query": {"bool": {"should":[ {"query_string": {"query":"request.action.raw:\"aaa\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"bbb\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"ccc\" AND (loglevel:INFO)"}} ] } }, "filter": {"bool": {"must":[ {"range": {"@timestamp": {"from":111,"to":222}}}, {"fquery": {"query": {"query_string": {"query":"file:(\"ddd\")"}}, "_cache":true}}]}}}}}'

Recommended answer

If your query is working in curl, the following works with the same query.

from elasticsearch import Elasticsearch

ELASTICSEARCH_ENDPOINT = "url_to_your_elasticsearch_node"
es = Elasticsearch([ELASTICSEARCH_ENDPOINT])

# Raw string (r'...'): keeps the \" escapes intact so the body stays valid JSON,
# exactly as it does inside single quotes on the curl command line.
request = r'{"query": {"filtered": {"query": {"bool": {"should":[ {"query_string": {"query":"request.action.raw:\"aaa\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"bbb\" AND (loglevel:INFO)"}}, {"query_string": {"query":"request.action.raw:\"ccc\" AND (loglevel:INFO)"}} ] } }, "filter": {"bool": {"must":[ {"range": {"@timestamp": {"from":111,"to":222}}}, {"fquery": {"query": {"query_string": {"query":"file:(\"ddd\")"}}, "_cache":true}}]}}}}}'
results = es.search(index="index_name", doc_type="doctype_name", body=request)

Notice that, besides the request, you need to configure the following parameters in the script:

  • ELASTICSEARCH_ENDPOINT : URL of your elasticsearch node or cluster
  • index_name: the index name.
  • doc_type: the doctype name.
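
The same body built as a Python dict and checked against the curl JSON, as an added example that is not part of the original answer. `build_body` and `is_valid_json` are hypothetical helper names, and the resulting dict is what would be passed as `body=` to `es.search`.

```python
import json

# The curl body from the question, as a raw string so the \" escapes survive
# exactly as they do inside shell single quotes.
CURL_BODY = r'''{"query": {"filtered": {"query": {"bool": {"should": [
  {"query_string": {"query": "request.action.raw:\"aaa\" AND (loglevel:INFO)"}},
  {"query_string": {"query": "request.action.raw:\"bbb\" AND (loglevel:INFO)"}},
  {"query_string": {"query": "request.action.raw:\"ccc\" AND (loglevel:INFO)"}}]}},
  "filter": {"bool": {"must": [
  {"range": {"@timestamp": {"from": 111, "to": 222}}},
  {"fquery": {"query": {"query_string": {"query": "file:(\"ddd\")"}}, "_cache": true}}]}}}}}'''


def build_body(actions, loglevel, ts_from, ts_to, filename):
    """Build the same request as a dict; the JSON encoder does the quoting.

    Values are interpolated as-is and query_string parses them as query
    syntax, so pass only trusted values (assumption of this example).
    """
    should = [
        {"query_string": {"query": 'request.action.raw:"%s" AND (loglevel:%s)' % (a, loglevel)}}
        for a in actions
    ]
    must = [
        {"range": {"@timestamp": {"from": ts_from, "to": ts_to}}},
        {"fquery": {"query": {"query_string": {"query": 'file:("%s")' % filename}},
                    "_cache": True}},
    ]
    return {"query": {"filtered": {"query": {"bool": {"should": should}},
                                   "filter": {"bool": {"must": must}}}}}


def is_valid_json(text):
    """True if text parses as JSON, which the request body must do."""
    try:
        json.loads(text)
        return True
    except ValueError:
        return False


BODY = build_body(["aaa", "bbb", "ccc"], "INFO", 111, 222, "ddd")
# Without the r prefix Python turns \" into ", which ends the JSON string early.
NON_RAW = '{"query_string": {"query": "file:(\"ddd\")"}}'
RAW = r'{"query_string": {"query": "file:(\"ddd\")"}}'
```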
