Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Elasticsearch with python: query specific field

Tags:

python

elasticsearch

I'm using python's elasticsearch module to connect and search through my elasticsearch cluster.

In the cluster, one of the fields in my index is 'message' - I want to query my elastic, from python, for a specific value in this 'message' field.

Here is my basic search which simply returns all logs of a specific index. 

    es = elasticsearch.Elasticsearch(source_cluster)
    doc = {
        'size' : 10000,
        'query': {
            'match_all' : {}
        }
    }
res = es.search(index='test-index', body=doc, scroll='1m')

How should I change this query in order to find all results with the word 'moved' in their 'message' field?

The equivalent query that does it from Kibana is:

_index:test-index && message: moved

Thanks,

Noam

like image 341
Noam Avatar asked Jun 27 '26 09:06

Noam

1 Answers

You need to use the match query. Try this:

doc = {
    'size' : 10000,
    'query': {
        'match' : {
            'message': 'moved'
        }
    }
}
like image 102
Val Avatar answered Jun 29 '26 00:06

Val
Sign in to Comment

Related questions

Count frequency of values in pandas DataFrame
Improve performance of index search and removal

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!