
How to Run a Query Within Elasticsearch?

Elasticsearch is a popular distributed, open-source search and analytics engine used to store, search, and analyze large amounts of raw and complex data. It is a highly scalable, reliable, and fast search engine and database. It uses JSON-based queries to retrieve data from Elasticsearch indexes. These queries can be executed through REST APIs and command-line utilities such as the “curl” command.

This blog will demonstrate how to run a query within Elasticsearch.

How to Run a Query Within Elasticsearch?

To run a query within Elasticsearch, first start the search engine. Then, define the query you want to execute. Elasticsearch uses two types of queries: “Query DSL” and “Query String”. Query DSL is based on data stored in JSON format and Query String is a string-based query. After setting the query, utilize the “curl” command along with the REST APIs to execute the query. Alternatively, users can use the “Kibana” visualization tool for Elasticsearch to execute the queries.

For the illustration, follow the given instructions.

Step 1: Start Elasticsearch Engine

First, open a Windows terminal such as Command Prompt from the “Startup” menu. Next, navigate to the “bin” directory of Elasticsearch using the “cd” command:

cd C:\Users\Dell\Documents\Elasticsearch\elasticsearch-8.7.0\bin

After that, run the “elasticsearch.bat” file to start the search engine:

elasticsearch.bat

Step 2: Access Elasticsearch From Command Prompt

Next, verify whether the Elasticsearch engine is running on “localhost:9200”. For this purpose, use the “curl” command along with the Elasticsearch localhost URL. To embed the user credentials in the command, utilize the “-u” option and provide the “username:password” as shown below. A password typed this way is visible in the process command line; if only the username is given (“-u elastic”), curl prompts for the password instead:

curl localhost:9200 -u elastic:<user-password>

Step 3: Create an Index

Next, create the new index with the help of the “PUT” API in the “curl” command. For instance, we have created the “user” index:

curl -XPUT "http://localhost:9200/user" -H "kbn-xsrf: reporting" -u elastic:<user-password>

Step 4: Insert Data

Next, insert the data in the newly created index. For this purpose, provide the data using the “--data-binary” option, pass the data along with the field names, and put the data at the “localhost:9200/index-name/type/id” address:

curl -XPOST -H "Content-type:application/json" --data-binary "{\"add-field\": {\"Name\":\"Rafia\", \"stored\":true}}" http://localhost:9200/user/_doc/1 -u elastic:<user-password>

In the above command, we have inserted the data in the “user” index; the type is “_doc” and the id is “1”.

Step 5: Access or Search Data

Next, in order to access the data from the index, use the “GET” request in the “curl” command. In the following command, we are accessing the data from the “user” index that has type “_doc” and id “1”:

curl -X GET "localhost:9200/user/_doc/1?pretty" -u elastic:<user-password>

Step 6: Run a Search Query to Search Data

Next, make another “GET” request and define your search query to find data:

curl -X GET "localhost:9200/_search?q=user.id:1&size=0&terminate_after=1&pretty" -u elastic:<user-password>

In the above command, we have defined the Query String to search the data. This query string includes the following parameters:

  • The “q” option specifically defines the query string.
  • “user.id” means read the data from the “user” index that has id “1”.
  • The “size” and “terminate_after” options are used to limit the search results.
  • “pretty” is used to show the output in an easy-to-read format.

Alternatively, you can search all the data of the provided index without giving a specific ID, size, or search limit. For this purpose, check out the given command:

curl -X GET "localhost:9200/user/_search?pretty" -u elastic:<user-password>

That’s how we can execute a query in Elasticsearch.
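The article names both Query String and Query DSL but only runs the former. The following added example (not part of the original article) builds both forms of one search and shows why a value taken from user input should be phrase-quoted in “q=” or, better, sent as JSON data in a Query DSL body. The field name “add-field.Name” (from the Step 4 document), the helper names, and the sample input are assumptions made for illustration.

```python
import json
from urllib.parse import parse_qs, urlencode, urlsplit

BASE = "http://localhost:9200"  # address used in this article
FIELD = "add-field.Name"        # assumption: field of the Step 4 document

def naive_q(value):
    """Anti-pattern: the value is pasted into the query string unchanged."""
    return f"{FIELD}:{value}"

def quoted_q(value):
    """Escape backslash and double quote, then wrap the value as one phrase."""
    escaped = value.replace("\\", "\\\\").replace('"', '\\"')
    return f'{FIELD}:"{escaped}"'

def query_string_url(index, value):
    """Query String form: GET /<index>/_search?q=... with URL escaping applied."""
    params = urlencode({"q": quoted_q(value), "pretty": "true"})
    return f"{BASE}/{index}/_search?{params}"

def query_dsl_request(index, value):
    """Query DSL form: the value is JSON data in the body, not query syntax."""
    body = json.dumps({"query": {"match": {FIELD: value}}})
    return f"{BASE}/{index}/_search?pretty", body

def decoded_q(url):
    """Return the q parameter as the server would receive it."""
    return parse_qs(urlsplit(url).query)["q"][0]

# Constructed sample input that contains query-string operators.
SAMPLE = 'Rafia" OR stored:true OR "'

if __name__ == "__main__":
    print(naive_q(SAMPLE))                               # operators leak into the query
    print(decoded_q(query_string_url("user", SAMPLE)))   # value stays one phrase
    print(*query_dsl_request("user", SAMPLE), sep="\n")  # value stays JSON data
```

The Query DSL body is sent with curl using -H "Content-Type: application/json" and the “-d” option.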

Bonus Tip: Run a SQL Query Within Elasticsearch

The Elasticsearch X-Pack components allow us to use SQL-like queries to search the data in the indexes. These types of queries come under the Query DSL.

To execute a SQL-like query, go through the following command:

curl -XPOST "http://localhost:9200/_sql?format=txt" -H "kbn-xsrf: reporting" -H "Content-Type: application/json" -d "{\"query\": \"SELECT * FROM employee WHERE Designation = 'Technical Author'\"}" -u elastic:<user-password>

The above command contains the following parameters:

  • The “POST” API request is used to get data from the index.
  • “http://localhost:9200/_sql” is the address to access the data in “_sql” format.
  • The “-d” option is used in the curl command to pass the request body that contains the SQL query for Elasticsearch.
  • In the query, we are accessing all records from the “employee” index that have the “Designation” value “Technical Author”.

That’s all about running a query within Elasticsearch.
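When the “Designation” value comes from user input instead of being typed into the command, it should not be concatenated into the SQL text. The following added example (not part of the original article) contrasts a concatenated body with one that uses the “params” array of the Elasticsearch SQL API, where each “?” placeholder is bound to a value. The helper names and the sample input are assumptions made for illustration; the request is built but not sent.

```python
import json
import urllib.request

SQL_URL = "http://localhost:9200/_sql?format=txt"  # endpoint used in this article

def sql_body_concatenated(designation):
    """Anti-pattern: the value becomes part of the SQL text."""
    query = f"SELECT * FROM employee WHERE Designation = '{designation}'"
    return json.dumps({"query": query})

def sql_body_parameterized(designation):
    """The SQL text is constant; the value travels in "params" and binds to "?"."""
    return json.dumps({
        "query": "SELECT * FROM employee WHERE Designation = ?",
        "params": [designation],
    })

def build_sql_request(designation):
    """Build (not send) the POST; json.dumps replaces the hand-escaped quoting."""
    return urllib.request.Request(
        SQL_URL,
        data=sql_body_parameterized(designation).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )

# Constructed sample input containing a quote and an extra condition.
SAMPLE = "Technical Author' OR Designation <> '"

if __name__ == "__main__":
    print(sql_body_concatenated(SAMPLE))   # WHERE clause is rewritten by the input
    print(sql_body_parameterized(SAMPLE))  # WHERE clause is unchanged
```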

Conclusion

Elasticsearch uses two types of queries: “Query DSL” and “Query String”. To run a query within Elasticsearch, first start the search engine. Then, define the query you want to execute. After setting the query, utilize the “curl” command along with the REST APIs to execute the query. This article has illustrated the method to run a query in Elasticsearch.

About the author

Rafia Zafar

I graduated in computer science. I am a junior technical author here and am passionate about programming and learning new technologies. I have worked in Java, HTML5, CSS3, Bootstrap, and PHP.