Elasticsearch Start searching

Red丶哞2025-03-25 11:04

Once you have ingested some data into an Elasticsearch index, you can search it by sending requests to the _search endpoint. To access the full suite of search capabilities, you use the Elasticsearch Query DSL to specify the search criteria in the request body. You specify the name of the index you want to search in the request URI.

For example, the following request retrieves all documents in the bank index sorted by account number:

复制代码 
GET /bank/_search
{
  "query": { "match_all": {} },
  "sort": [
    { "account_number": "asc" }
  ]
}

By default, the hits section of the response includes the first 10 documents that match the search criteria:

复制代码 
{
  "took" : 63,
  "timed_out" : false,
  "_shards" : {
    "total" : 5,
    "successful" : 5,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
        "value": 1000,
        "relation": "eq"
    },
    "max_score" : null,
    "hits" : [ {
      "_index" : "bank",
      "_type" : "_doc",
      "_id" : "0",
      "sort": [0],
      "_score" : null,
      "_source" : {"account_number":0,"balance":16623,"firstname":"Bradshaw","lastname":"Mckenzie","age":29,"gender":"F","address":"244 Columbus Place","employer":"Euron","email":"bradshawmckenzie@euron.com","city":"Hobucken","state":"CO"}
    }, {
      "_index" : "bank",
      "_type" : "_doc",
      "_id" : "1",
      "sort": [1],
      "_score" : null,
      "_source" : {"account_number":1,"balance":39225,"firstname":"Amber","lastname":"Duke","age":32,"gender":"M","address":"880 Holmes Lane","employer":"Pyrami","email":"amberduke@pyrami.com","city":"Brogan","state":"IL"}
    }, ...
    ]
  }
}

The response also provides the following information about the search request:

  • took -- how long it took Elasticsearch to run the query, in milliseconds
  • timed_out -- whether or not the search request timed out
  • _shards -- how many shards were searched and a breakdown of how many shards succeeded, failed, or were skipped.
  • max_score -- the score of the most relevant document found
  • hits.total.value - how many matching documents were found
  • hits.sort - the document's sort position (when not sorting by relevance score)
  • hits._score - the document's relevance score (not applicable when using match_all)

Each search request is self-contained: Elasticsearch does not maintain any state information across requests. To page through the search hits, specify the from and size parameters in your request.

For example, the following request gets hits 10 through 19:

复制代码 
GET /bank/_search
{
  "query": { "match_all": {} },
  "sort": [
    { "account_number": "asc" }
  ],
  "from": 10,
  "size": 10
}

Now that you've seen how to submit a basic search request, you can start to construct queries that are a bit more interesting than match_all.

To search for specific terms within a field, you can use a match query. For example, the following request searches the address field to find customers whose addresses contain mill or lane:

复制代码 
GET /bank/_search
{
  "query": { "match": { "address": "mill lane" } }
}

To perform a phrase search rather than matching individual terms, you use match_phrase instead of match. For example, the following request only matches addresses that contain the phrase mill lane:

复制代码 
GET /bank/_search
{
  "query": { "match_phrase": { "address": "mill lane" } }
}

To construct more complex queries, you can use a bool query to combine multiple query criteria. You can designate criteria as required (must match), desirable (should match), or undesirable (must not match).

For example, the following request searches the bank index for accounts that belong to customers who are 40 years old, but excludes anyone who lives in Idaho (ID):

复制代码 
GET /bank/_search
{
  "query": {
    "bool": {
      "must": [
        { "match": { "age": "40" } }
      ],
      "must_not": [
        { "match": { "state": "ID" } }
      ]
    }
  }
}

Each must, should, and must_not element in a Boolean query is referred to as a query clause. How well a document meets the criteria in each must or should clause contributes to the document's relevance score. The higher the score, the better the document matches your search criteria. By default, Elasticsearch returns documents ranked by these relevance scores.

The criteria in a must_not clause is treated as a filter. It affects whether or not the document is included in the results, but does not contribute to how documents are scored. You can also explicitly specify arbitrary filters to include or exclude documents based on structured data.

For example, the following request uses a range filter to limit the results to accounts with a balance between 20,000 and 30,000 (inclusive).

复制代码 
GET /bank/_search
{
  "query": {
    "bool": {
      "must": { "match_all": {} },
      "filter": {
        "range": {
          "balance": {
            "gte": 20000,
            "lte": 30000
          }
        }
      }
    }
  }
}
相关推荐
老蒋新思维24 分钟前
创客匠人视角:智能体重构创始人 IP,知识变现从 “内容售卖” 到 “能力复制” 的革命
大数据·网络·人工智能·tcp/ip·创始人ip·创客匠人·知识变现
笨蛋少年派1 小时前
Flume数据采集工具简介
大数据
梦里不知身是客111 小时前
spark中如何调节Executor的堆外内存
大数据·javascript·spark
小C8062 小时前
【Starrocks + Hive 】BitMap + 物化视图 实战记录
大数据
西格电力科技4 小时前
面向工业用户的绿电直连架构适配技术:高可靠与高弹性的双重设计
大数据·服务器·人工智能·架构·能源
beijingliushao5 小时前
105-Spark之Standalone HA环境搭建过程
大数据·spark
五阿哥永琪6 小时前
Git 开发常用命令速查手册
大数据·git·elasticsearch
数字会议深科技6 小时前
深科技 | 高端会议室效率升级指南:无纸化会议系统的演进与价值
大数据·人工智能·会议系统·无纸化·会议系统品牌·综合型系统集成商·会议室
热门推荐
01GitHub 镜像站点02UV安装并设置国内源03Linux下V2Ray安装配置指南04【AutoGLM部署】本地私有化部署AI手机Agent05在VSCode配置Java开发环境的保姆级教程(适配各类AI编程IDE)06Open-AutoGLM Windows 安装部署教程07Cursor 又偷偷更新,这个功能太实用:Visual Editor for Cursor Browser08BongoCat - 跨平台键盘猫动画工具09安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)10Labelme从安装到标注:零基础完整指南