Es常用Elasticsearch SQL查询语句

Es常用Elasticsearch SQL查询语句

# 多条件查询
GET /event*/_search
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "dataFrom": "其他"
          }
        }
      ],
      "must_not": [
        {
          "term": {
            "eventFrom": "情报"
          }
        },
        {
          "term": {
            "eventFrom": "otherDiscover"
          }
        }
      ]
    }
  }
}

# 多条件查询
GET /event*/_search
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "dataFrom": "其他"
          }
        },
        {
          "term": {
            "eventFrom": "otherDiscover"
          }
        }
      ]
    }
  }
}


# 条件删除
POST /event*/_doc/_delete_by_query
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "dataFrom": "其他"
          }
        },
        {
          "term": {
            "eventFrom": "otherDiscover"
          }
        }
      ]
    }
  }
}

# 多条件时间范围查询
GET /event*/_search
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "dataFrom": "其他"
          }
        },
        {
          "range": {
            "endTime": {
              "gte": "2021-9-01 00:00:00",
              "lte": "2021-10-01 00:00:00"
            }
          }
        }
      ]
    }
  }
}
原文地址:https://www.cnblogs.com/aric2016/p/15305417.html