Elasticsearch JSON Querying: Reference and Examples

WIP Alert: This is a work in progress. The current information is correct, but more content may be added in the future.

Queries with filters

Say you want to return all documents whose startDate attribute is between two given dates:

{
  "query": {
    "query_string": {
      "query": "*"
    }
  },
  "filter": {
    "range": {
      "startDate": {
        "gte": "2014-09-22T00:56:00",
        "lte": "2014-09-22T01:56:26"
      }
    }
  }
}

Queries with aggregations

Aggregations are a relatively new feature of Elasticsearch (ES). They allow you to group documents together (much like you would with GROUP BY in SQL).

For example, if you have many documents of different types, you would need to do the following to know how many documents of each type there are:

POST path.to.cluster/index/_search
{
  "query": {
    "query_string": {
      "query": "*"
    }
  },
  "aggs": {
    "types_agg": {
      "terms": {
        "field": "type"
      }
    }
  },
  "size": 0
}

Delete by query

Delete by query was removed in version 2.x.

It's available again in version 5.1, but the syntax is no longer the same.

DELETE path.to.cluster/myIndexName/myTypeName/_query
{
    "query" : {
        "term" : { "user" : "kimchy" }
    }
}
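
The two request shapes side by side, as an added example that is not part of the original page: the old `DELETE .../_query` form shown above and the `POST <index>/_delete_by_query` form used from 5.x on, each preceded by a `_count` dry run of the same query so you can see how many documents would be removed. The function names and the guard against catch-all queries are this example's own assumptions.

```python
import json


def matches_everything(query):
    """True for an empty query, match_all, or a query_string of "*" / "*:*"."""
    if not query or "match_all" in query:
        return True
    text = query.get("query_string", {}).get("query", "")
    return str(text).strip() in ("*", "*:*")


def delete_by_query_plan(major, index, query, doc_type=None):
    """Return [(method, path, body), ...]: a _count dry run, then the delete.

    major is the Elasticsearch major version. doc_type is only used by the
    1.x form, where the type is part of the path.
    """
    if matches_everything(query):
        raise ValueError("refusing a delete whose query matches every document")
    body = {"query": query}
    if major == 1:
        if not doc_type:
            raise ValueError("the 1.x form needs a type name in the path")
        base = "/%s/%s" % (index, doc_type)
        delete = ("DELETE", base + "/_query", body)
    elif major >= 5:
        base = "/" + index
        delete = ("POST", base + "/_delete_by_query", body)
    else:
        # The page states that the API was removed in 2.x.
        raise ValueError("no delete-by-query syntax for major version %d" % major)
    # Same body for both requests, so the count reflects what the delete hits.
    return [("POST", base + "/_count", body), delete]


if __name__ == "__main__":
    # Constructed sample values, taken from the request shown on this page.
    query = {"term": {"user": "kimchy"}}
    for major in (1, 5):
        for method, path, body in delete_by_query_plan(
                major, "myIndexName", query, "myTypeName"):
            print(method, "path.to.cluster" + path)
            print(json.dumps(body, indent=2))
```

Send the `_count` request first and check the returned count before sending the delete.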
