mirror of
https://github.com/GreptimeTeam/greptimedb.git
synced 2026-01-03 20:02:54 +00:00
200 lines
3.4 KiB
Markdown
200 lines
3.4 KiB
Markdown
# Query URL and payload for Elastic Search
|
|
## Count
|
|
URL: `http://127.0.0.1:9200/_count`
|
|
|
|
## Query by timerange
|
|
URL: `http://127.0.0.1:9200/_search`
|
|
|
|
You can use the following payload to get the full timerange first.
|
|
```JSON
|
|
{"size":0,"aggs":{"max_timestamp":{"max":{"field":"timestamp"}},"min_timestamp":{"min":{"field":"timestamp"}}}}
|
|
```
|
|
|
|
And then use this payload to query by timerange.
|
|
```JSON
|
|
{
|
|
"from": 0,
|
|
"size": 1000,
|
|
"query": {
|
|
"range": {
|
|
"timestamp": {
|
|
"gte": "2024-08-16T04:30:44.000Z",
|
|
"lte": "2024-08-16T04:51:52.000Z"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
## Query by condition
|
|
URL: `http://127.0.0.1:9200/_search`
|
|
### Structured payload
|
|
```JSON
|
|
{
|
|
"from": 0,
|
|
"size": 10000,
|
|
"query": {
|
|
"bool": {
|
|
"must": [
|
|
{
|
|
"term": {
|
|
"user.keyword": "CrucifiX"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"method.keyword": "OPTION"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"path.keyword": "/user/booperbot124"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"http_version.keyword": "HTTP/1.1"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"status": "401"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
```
|
|
### Unstructured payload
|
|
```JSON
|
|
{
|
|
"from": 0,
|
|
"size": 10000,
|
|
"query": {
|
|
"bool": {
|
|
"must": [
|
|
{
|
|
"match_phrase": {
|
|
"message": "CrucifiX"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "OPTION"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "/user/booperbot124"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "HTTP/1.1"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "401"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
## Query by condition and timerange
|
|
URL: `http://127.0.0.1:9200/_search`
|
|
### Structured payload
|
|
```JSON
|
|
{
|
|
"size": 10000,
|
|
"query": {
|
|
"bool": {
|
|
"must": [
|
|
{
|
|
"term": {
|
|
"user.keyword": "CrucifiX"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"method.keyword": "OPTION"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"path.keyword": "/user/booperbot124"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"http_version.keyword": "HTTP/1.1"
|
|
}
|
|
},
|
|
{
|
|
"term": {
|
|
"status": "401"
|
|
}
|
|
},
|
|
{
|
|
"range": {
|
|
"timestamp": {
|
|
"gte": "2024-08-19T07:03:37.383Z",
|
|
"lte": "2024-08-19T07:24:58.883Z"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
```
|
|
### Unstructured payload
|
|
```JSON
|
|
{
|
|
"size": 10000,
|
|
"query": {
|
|
"bool": {
|
|
"must": [
|
|
{
|
|
"match_phrase": {
|
|
"message": "CrucifiX"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "OPTION"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "/user/booperbot124"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "HTTP/1.1"
|
|
}
|
|
},
|
|
{
|
|
"match_phrase": {
|
|
"message": "401"
|
|
}
|
|
},
|
|
{
|
|
"range": {
|
|
"timestamp": {
|
|
"gte": "2024-08-19T05:16:17.099Z",
|
|
"lte": "2024-08-19T05:46:02.722Z"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
```
|