A piggy bank of commands, fixes, succinct reviews, some mini articles and technical opinions from a (mostly) Perl developer.


Elasticsearch advanced queries

See also ElasticSearch basics.

DQL to filter by non-zero length: Advert.location_query:* (does not work as a filter)
Or in Lucene: Advert.location_query:?*

Results are limited to 10,000 records, unless you use the scroll API which can paginate and also make parallel requests.
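
The scroll loop described above, written out as an added example (not code from the original post). The names scroll_all, http_json and fake_cluster and the ES_USER / ES_PASS environment variables are assumptions of this example; fake_cluster is a constructed in-memory stand-in that splits slices by position, whereas a real cluster assigns documents to slices itself.

```python
import base64, json, os, urllib.request

def http_json(method, url, body):
    """Default transport. Basic auth comes from the environment, not the URL
    (ES_USER / ES_PASS are variable names assumed for this example)."""
    req = urllib.request.Request(
        url, data=json.dumps(body).encode(), method=method,
        headers={"Content-Type": "application/json"})
    user, pw = os.environ.get("ES_USER"), os.environ.get("ES_PASS")
    if user and pw:
        token = base64.b64encode(f"{user}:{pw}".encode()).decode()
        req.add_header("Authorization", "Basic " + token)
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)

def scroll_all(endpoint, index, query, size=1000, keep_alive="1m",
               slice_id=0, slice_max=None, send=http_json):
    """Yield every hit for `query`, beyond the 10,000-record search limit."""
    body = {"size": size, "query": query, "sort": ["_doc"]}
    if slice_max:  # sliced scroll: one call per slice id, run in parallel
        body["slice"] = {"id": slice_id, "max": slice_max}
    page = send("POST", f"{endpoint}/{index}/_search?scroll={keep_alive}", body)
    scroll_id = page.get("_scroll_id")
    try:
        while page["hits"]["hits"]:
            yield from page["hits"]["hits"]
            page = send("POST", f"{endpoint}/_search/scroll",
                        {"scroll": keep_alive, "scroll_id": scroll_id})
            scroll_id = page.get("_scroll_id", scroll_id)
    finally:  # release the server-side search context, even on early exit
        if scroll_id:
            send("DELETE", f"{endpoint}/_search/scroll", {"scroll_id": scroll_id})

def fake_cluster(total):
    """Constructed in-memory stand-in for the scroll endpoints (offline demo)."""
    state = {"docs": [], "size": 0, "cleared": []}
    def send(method, url, body):
        if method == "DELETE":
            state["cleared"].append(body["scroll_id"])
            return {"succeeded": True}
        if "scroll_id" not in body:  # initial search opens the scroll
            sl = body.get("slice", {"id": 0, "max": 1})
            state["docs"] = [{"_id": str(i)} for i in range(total)
                             if i % sl["max"] == sl["id"]]
            state["size"] = body["size"]
        batch = state["docs"][:state["size"]]
        state["docs"] = state["docs"][state["size"]:]
        return {"_scroll_id": "constructed-id", "hits": {"hits": batch}}
    return send, state
```

Against a real cluster, call scroll_all with the default transport and, for parallel reads, run one call per slice_id in separate workers with the same slice_max.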


Elasticsearch basics

Warning: Your Elasticsearch / ELK stack based logging solution may take a huge amount of disk space, and indexing of large amounts of data may also take so long that it can't keep up with the logs being generated.

In short, you need massive/cluster/cloud resources to support Elasticsearch.

Search:

curl '{endpoint}/_search?q=title:jones&size=5&pretty=true'

List indexes:

curl -s '{endpoint}/_cat/indices?v' | sort

Upload a template:

curl -X POST -H "Content-Type: application/json" -d @path/to/template.json 'http://elastic:changeme@localhost:9200/_template/testlog?pretty'

Add a document:

curl -X POST -H "Content-Type: application/json" -d '{ "timestamp": "2019-04-06T14:13:31", "message": "bar baz qux" }' 'http://elastic:changeme@localhost:9200/testlog/footype?pretty'

Range query:

curl -X GET -H "Content-Type: application/json" -d '{ "query": { "range" : { "timestamp" : { "gte" : "2019-04-02T15:13:31", "lte" : "2019-05-09T14:13:31", "boost" : 2.0 } } } }' 'http://elastic:changeme@localhost:9200/testlog/_search?pretty'