Elasticsearch Query DSL

Query DSL stands for Domain Specific Language. In elasticsearch, searching is performed using the search query, which is based on JSON. Elasticsearch provides full query DSL that helps to define queries. There are two clauses in elasticsearch that make a query, which are -

1. Leaf Query Clauses -

Leaf query clauses are those clauses that search for a specific value in a specific field like term, match, or range queries. These queries are used by themselves.

2. Compound Query Clauses -

Compound Query is a wrapper clause created by combining leaf query clauses and other compound queries. It helps to extract the desired information.

A query begins with a query keyword. It contains conditions and filters inside it in the form of JSON objects. A list of several queries with examples are described below -

Match All Query

It is a basic query that returns all the documents present in the specified index. It returns all data of the document with a max_score 1.0 for every object. See the example given below -

Copy Code

POST http://localhost:9200/book/_doc/
_search
{
   "query": {
      "match_all": { }
   }
}

Response

The above query will fetch all the documents presents in the book index and return back to the user. See the response below -

{ 
"took": 2,
"timed_out": false,
"_shards": {
"total": 1,
   "successful": 1,
   "skipped": 0,
   "failed": 0,
},
"hits": {
                "total": {
        "value": 2,
        "relation": "eq"
},
"max_score": 1,
"hits": [
{
    "index": "books",
     "_type": "_docs",
     "_id": "01",
     "score": 1,
     "_source": {
	 "book_name": "C++",
	 "author_name": "Scott Meyers",
	 "publisher": "Addision Wesley Professional",
	 "publish_date": "November 1987",
	 "price": "837",
      }
},
{
    "index": "books",
     "_type": "_docs",
     "_id": "02",
     "score": 1,
     "_source": {
	 "book_name": "Java Black Book",
	 "author_name": "Steven Holzner",
	 "publisher": "E. Acoma Drive Suite 7 Scottsdale, AZ",
	 "publish_date": "June 2001",
	 "price": "685",
      }
 }
         ]
    }
}

Screenshot

Look at the screenshot below in browser -

Full Text Query

Full text queries are high-level queries. These are responsible for running full text queries on full text fields and understanding how a field being queried is analyzed. Full text query work according to the analyzer associated with the specific document or index. We will discuss a different number of full text queries.

Query	Description
Match	This query performs full text query search.
multi_match	This query allows the users to search the documents by matching a text or phrase in more than one field.
match_phrase	It is responsible for matching the exact phrase matches.
match_phrase_prefix	This query helps to perform a wildcard search on the final word.
comman_terms	This query gives higher preference to uncommon words.
query_string	The query_string allows us to perform a multi-field search within a single query by specifying AND\|OR\|NOT conditions.
simple_query_string	The simple_query_string is a robust version of query_string.

Let's discuss each full text query one by one -

Match Query

This query helps to fetch the documents by matching a text with the value of one or more fields.

In the below example, we will execute a query to fetch the documents that contain Hauston state in state field. Note that it will search these documents in all those indexes that contain student word at the end of index name. For example - student, student1, student2, etc.

Copy Code

POST http://localhost:9200/student*/
_search
{
  "query": {
    "match": {
       "state":"Hauston"
     }
  } 
}

Response

By executing the above query, two documents have returned from index student and student1. See the output given below -

{ 
"took": 2507,
"timed_out": false,
"_shards": {
"total": 2,
   "successful": 2,
   "skipped": 0,
   "failed": 0,
},
"hits": {
                "total": {
        "value": 2,
        "relation": "eq"
},
"max_score": 0.53899646,
"hits": [
{
    "index": "student",
     "_type": "_doc",
     "_id": "03",
     "score": 0.53899646,
     "_source": {
	 "name": "Ammy Jonson",
	 "dob": "09/Feb/1996",
	 "course": "BAMS",
	 "Addmission year": "2017",
	 "email": "amyjon@gmail.com",
	 "street": "874 Monroe Street",
	 "state": "Hauston",
	 "country": "United State",
	 "zip": "76608",
	 "fees": "54900",
      }
},
{
    "index": "student1",
     "_type": "_doc",
     "_id": "02",
     "score": 0.53899646,
     "_source": {
	 "name": "Jimmy Hong",
	 "dob": "24/Aug/1995",
	 "course": "Bsc (Economics)",
	 "Addmission year": "2018",
	 "email": "jimhong@gmail.com",
	 "street": "847 Monroe Street",
	 "state": "Hauston",
	 "country": "United State",
	 "zip": "76608",
	 "fees": "28900",
      }
 }
         ]
    }
}

Screenshot

Multi Match Query

This query allows us to search the documents by matching a text or phrase in more than one field.

In the below example, we will search for the documents that contain Rodney either in street, state or in both.

Copy Code

POST http://localhost:9200/student*/_doc/
_search
{
   "query": {
      "multi_match": {
         "query": "Rodney",
         "fields": [ "street", "state" ]
      }
   }
}

Response

By executing the above query, we get three documents, two from student index and another one from the student1 index. See the output given below -

{ 
"took": 1874,
"timed_out": false,
"_shards": {
"total": 2,
   "successful": 2,
   "skipped": 0,
   "failed": 0,
},
"hits": {
                "total": {
        "value": 3,
        "relation": "eq"
},
"max_score": 1.6739764,
"hits": [
{
    "index": "student",
     "_type": "_doc",
     "_id": "02",
     "score": 1.6739764,
     "_source": {
	 "name": "Jass Fernandiz",
	 "dob": "05/April/1995",
	 "course": "Bcom (H)",
	 "Addmission year": "2018",
	 "email": "jassf@gmail.com",
	 "street": "4225 Ersel Street",
	 "state": "Rodney",
	 "country": "United State",
	 "zip": "75003",
	 "fees": "22900",
      }
},
{
    "index": "student1",
     "_type": "_doc",
     "_id": "01",
     "score": 0.9808291,
     "_source": {
	 "name": "Denial Parygen",
	 "dob": "07/Aug/1998",
	 "course": "Mass Communication",
	 "Addmission year": "2018",
	 "email": "denial@gmail.com",
	 "street": "3511 Rodney Street",
	 "state": "Missouri",
	 "country": "United State",
	 "zip": "62208",
	 "fees": "24800",
      }
 },
{
    "index": "student",
     "_type": "_doc",
     "_id": "01",
     "score": 0.4.384826,
     "_source": {
	 "name": "Kelvin Lewis",
	 "dob": "19/July/1996",
	 "course": "Msc (Music)",
	 "Addmission year": "2018",
	 "email": "kelvinlewis@gmail.com",
	 "street": "Rodney Valley",
	 "state": "Minnesota",
	 "country": "United State",
	 "zip": "55427",
	 "fees": "24900",
      }
 }
         ]
    }
}

Screenshot

Query String Query

This query allows us to fetch the documents whose any of the field contains the text passed to query string.

In the below example, we will pass a string "Horse riding" to search the documents in the student* indexes and display all the documents matched.

Copy Code

POST http://localhost:9200/student*/_doc/
_search
{
   "query": {
      "query_string": {
         "query": "Horse Riding"
      }
   }
}

Response

By executing the above query, we get two documents, one from student index and another from the student1 index. See the output given below -

{ 
"took": 249,
"timed_out": false,
"_shards": {
"total": 2,
   "successful": 2,
   "skipped": 0,
   "failed": 0,
},
"hits": {
                "total": {
        "value": 2,
        "relation": "eq"
},
"max_score": 1.7563686,
"hits": [
{
    "index": "student1",
     "_type": "_doc",
     "_id": "02",
     "score": 1.7563686,
     "_source": {
	 "name": "Jimmy Hong",
	 "dob": "24/Aug/1995",
	 "course": "Bsc (Economics)",
	 "Addmission year": "2018",
	 "fees": "22900",
	 "email": "jimmhong@gmail.com",
	 "hobbies": "Horse Riding, dancing",
	 "street": "847 Monroe Street",
	 "state": "Hauston",
	 "country": "United State",
	 "zip": "76608"
      }
},
{
    "index": "student",
     "_type": "_doc",
     "_id": "03",
     "score": 1.7262595,
     "_source": {
	 "name": "Ammy Jonson",
	 "dob": "09/Feb/1996",
	 "course": "BAMS",
	 "Addmission year": "2017",
	 "fees": "84900",
	 "email": "amyjon@gmail.com",
	 "hobbies": "Horse Riding, Singing, Drawing",
	 "street": "847 Monroe Street",
	 "state": "NewYork",
	 "country": "United State",
	 "zip": "76608"
      }
 }
{
    "index": "student",
     "_type": "_doc",
     "_id": "01",
     "score": 0.4.384826,
     "_source": {
	 "name": "Kelvin Lewis",
	 "dob": "19/July/1996",
	 "course": "Msc (Music)",
	 "Addmission year": "2018",
	 "email": "kelvinlewis@gmail.com",
	 "street": "Rodney Valley",
	 "state": "Minnesota",
	 "country": "United State",
	 "zip": "55427",
	 "fees": "24900",
      }
 }
         ]
    }
}

Screenshot

Look in the below screenshot, two documents are fetched from the database that contains Horse Riding string in the Hobbies field.

Term Level Query

The term level query deals with structured data rather than full text field search. Structure data like number, dates, and enums, etc. See the given example of term level query -

Copy Code

POST http://localhost:9200/student*/_doc/
_search
{
   "query": {
      "term": {
         "zip":"76011"
      }
   }
}

Response

By executing the above query, we will get all the documents that have zip code 76011.

{ 
"took": 4185,
"timed_out": false,
"_shards": {
"total": 2,
   "successful": 2,
   "skipped": 0,
   "failed": 0,
},
"hits": {
                "total": {
        "value": 1,
        "relation": "eq"
},
"max_score": 0.9808291,
"hits": [
{
    "index": "student1",
     "_type": "_doc",
     "_id": "03",
     "score": 0.9808291,
     "_source": {
	 "name": "Maria Lee",
	 "dob": "12/Dec/1997",
	 "course": "BFA",
	 "Addmission year": "2015",
	 "fees": "18900",
	 "email": "marial@gmail.com",
	 "hobbies": "Dancing, Photography",
	 "street": "4225 Ersel Street",
	 "state": "Texas",
	 "country": "United State",
	 "zip": "76001"
      }
 }
         ]
    }
}

Screenshot

Range Query

The range query allows us to search the documents that have values between the specified range. To perform the range query, we need to use some operators, such as -

lt - Less than
lte - Less than equal
gt - Greater than
gte - Greater than equal

By putting any of this condition, we can classify the data for the given range in that condition. See the example given below -

Copy Code

POST http://localhost:9200/student*/_doc/
_search
{
   "query": {
      "range": {
         "fees": {
            "gt":50000
         }
      }
   }
}

Response

By executing the above query, two documents are fetched from the student index where fees is greater than 50000 as we used gt condition. See the response given below -

{ 
"took": 7,
"timed_out": false,
"_shards": {
"total": 1,
   "successful": 1,
   "skipped": 0,
   "failed": 0,
},
"hits": {
                "total": {
        "value": 2,
        "relation": "eq"
},
"max_score": 1,
"hits": [
{
    "index": "student",
     "_type": "_doc",
     "_id": "01",
     "score": 1,
     "_source": {
	 "name": "Kelvin Lewis",
	 "dob": "19/July/1996",
	 "course": "Msc (Music)",
	 "Addmission year": "2018",
	 "fees": "54900",
	 "email": "kelvinlewis@gmail.com",
	 "hobbies": "Travelling, Cooking, Painting",
	 "street": "Rodney Valley",
	 "state": "Minnesota",
	 "country": "United State",
	 "zip": "55427"
      }
 },
{
    "index": "student",
     "_type": "_doc",
     "_id": "03",
     "score": 1,
     "_source": {
	 "name": "Ammy Jonson",
	 "dob": "09/Feb/1996",
	 "course": "Msc (Music)",
	 "Addmission year": "2017",
	 "fees": "84900",
	 "email": "amyjon@gmail.com",
	 "hobbies": "Horse Riding, Singing, Drawing",
	 "street": "847 Monroe Street",
	 "state": "NewYork",
	 "country": "United State",
	 "zip": "76608"
      }
 }
         ]
    }
}

Similarly, we can use other conditions gte, lt, or lte as needed to classify document and fetch them.

Screenshot

Other types of term level queries

Below some term level queries are as follows -

Query	DESCRIPTION
Term	The term query helps to search the documents that contain the exact term specified in the query.
Terms	This query is bit different to term query. It helps to find the documents that contain any of the exact terms specified in query.
Range	It helps to search the documents which contain the given range for the particular field specified in query.
Exists	The exits query helps to find the documents where a field specified by a query has any non-null value.
missing query	A missing query is just opposite to exists query. Unlike exists query, it finds the document without specific field or fields having null values.
Prefix	It searches the documents that contain the terms begin with the exact prefix specified in query.
Wildcard	It helps to search the documents that contain the terms matching with the pattern specified by query.
Regexp	It uses regular expressions in query to find some pattern in an object.
Fuzzy	It allows us to find the document that has the terms fuzzily similar to specified term.
Type	The type query helps to find the document of specified type.
Ids	This query is responsible for finding the document of specified type and IDs as well.

Type Query

The type query us allows to find the document of a specific type (default is _doc) specified by the user in the query. In elasticsearch, the default document type is _doc, but document type can also be user-defined.

If the documents are present of the particular type specified in query, it returns those documents list, otherwise it will return a null value.

For example -

Copy Code

POST http://localhost:9200/
_search
{
   "query": {
      "type": {
         "value": "_doc"
     }
   }
}

Response

By executing the above query, several documents of _docs type from the multiple indexes such as - book, student, new_student, and student1 (which we have created) have returned. See the output below -

. . . . . . . . . . . . . . . . . . . . . . . . . . .
"hits": {
                "total": {
        "value": 13,
        "relation": "eq"
},
"max_score": 1,
"hits": [
{
    "index": "book",
     "_type": "_doc",
     "_id": "01",
     "score": 1,
     "_source": {
	 "book_name": "C++",
	 "author_name": "Scott Meyers",
	 "publisher": "Addision Wesley Professional",
	 "publish_date": "November 1987",
	 "price": "837",
      }
 },
{
    "index": "new_student",
     "_type": "_doc",
     "_id": "02",
     "score": 1,
     "_source": {
	 "name": "Jass Fernandiz",
	 "dob": "07/Aug/1996",
	 "course": "Bcom (H)",
	 "Addmission year": "2019",
	 "fees": "24900",
	 "email": "jassf@gmail.com",
	 "hobbies": "Horse Riding, Singing, Crafting",
	 "street": "4225 Ersel Street",
	 "state": "Texas",
	 "country": "United State",
	 "zip": "76011"
      }
 },
. . . . . . . . . . . . . . . . . . . . . . . . . .

Screenshot

In the below screenshot, you can see that the documents returned from the book and student indexes are _doc type, as mentioned in query for search.

Now, turn to the compound queries, which we discussed in brief earlier. Here, we will elaborate compound queries in detail with example.

Compound Query

As the name defines, compound query is a collection of different queries. These queries are merged together using the Boolean operator such as AND, OR, NOT, or for several indices or having function calls.

It is responsible for wrapping leaf queries and other queries together. Basically, these queries are used for either combining their results, changing their behaviors, or switching from query to filter context. Let's take an example to understand the compound query given below -

Copy Code

POST http://localhost:9200/student/_doc/
_search
{
   "query": {
      "bool": {
         "must": {
            "term": {
               "state": "NewYork"
            }
         },		
         "filter": {
            "term": {
               "fees": "24900"
            },
            "minimum_should_match": 1,
            "boost": 1.0
        }
     }
  }
}

Response

The above query has returned 0 document and have max_socre null and total value as zero. See the response given below -

{ 
"took": 7,
"timed_out": false,
"_shards": {
"total": 1,
   "successful": 1,
   "skipped": 0,
   "failed": 0,
},
"hits": {
                "total": {
        "value": 0,
        "relation": "eq"
},
"max_score": null,
"hits": [
       }
}

Screenshot

Geo Query

The Geo queries deal with geo point and geo location. It helps to find the school or any geographical object near to any location. For this, we need to use the geo point data type like the location of a place. Remember that, there are two types of geo data (geo_point and geo_shape) supported by elasticsearch that are -

geo_point - geo_points are the field that supports lon/lat pairs.

geo_shape - Similar to geo_points, geo_shape are also fields that support points, lines, circles, polygons, and multi-polygons, etc.

Look at the example given below -

Copy Code

Execute the below query to create an index named geo_query_example with mapping and location.

PUT http://localhost:9200/geo_query_example/
{
   "mapping": {
       "properties": {
          "location": {
             "type": "geo_shape"
         }
      }
   }
}

Response

By executing the above code, an index with a geo_query_example name has created. See the response given below -

{ 
"acknowledged": true,
"shard_acknowledged": false,
"index": "geo_query_example"
       }
}

Screenshot

Add data to index

Now, add the following data into the geo_query_example index created above.

POST http://localhost:9200/geo_query_example/
_doc?refresh
{
   "name": "NewYork, Paris, London",
   "location": {
      "type": "point",
      "coordinates": [10.650477, 47.901276]
   }
}

Response

By executing the above code, data is added successfully in the geo_query_example index. See the response given below -

{ 
"index": "geo_query_example",
"_type": "_doc",
"_id": "UEcpoHMBPRkyw7wOJtn-",
"_version": 1,
"result": "created",
"forced_refresh": true,
"_shard": {
     "total": 2,
     "successful": 1,
     "failed": 0
},
"_seq_no": 1,
"_primary_term": 1
       }
}

Screenshot