Updated on 2024-09-14 GMT+08:00

Using DSL to Search for Data in OpenSearch

DSL is the query language designated for Elasticsearch and OpenSearch. It is the best language for interaction between clients and Elasticsearch and OpenSearch clusters. Elasticsearch DSL is a JSON-based language. Other languages, such as SQL, are translated into Elasticsearch DSL before they can interact with Elasticsearch and OpenSearch clusters.

DSL Usage Example

Write the request content in JSON format in Dev Tools of Kibana and execute the search request.

For example, run the following command to retrieve all documents in the test index:

GET /test/_search
{
  "query": {
    "match_all": {}
  }
}

The search result is also in JSON format.

Common DSL Query Statements

The following lists some of the most commonly used DSL query statements. For more, see Elasticsearch Guide.

  • Query filters are equivalent to where in SQL.

    In the command below, there is no index name in front of _search, so all indexes are queried. A bool query allows you to combine multiple search queries with boolean conditions. filter keeps only documents whose status field is published and whose publish_date is 2015-01-01 or later. must specifies that both title and content must include Search.

    The difference between must and filter is that filter is equivalent to where in SQL but its results are not used for scoring. The must clause is also a mandatory criterion, but the matching documents are scored based on relevance. The most relevant documents are displayed at the top.

    GET /_search
    {
      "query": {
        "bool": {
          "must": [
            {
              "match": {
                "title": "Search"
              }
            },
            {
              "match": {
                "content": "search"
              }
            }
          ],
          "filter": [
            {
              "term": {
                "status": "published"
              }
            },
            {
              "range": {
                "publish_date": {
                  "gte": "2015-01-01"
                }
              }
            }
          ]
        }
      }
    }
  • Aggregations are similar to Group by in SQL.

    An aggregation summarizes your data as metrics, statistics, or other analytics. In the example below, the results are aggregated based on the title field in the test index. If title is of the text (including keyword) type, use title.keyword for aggregation. By default, Elasticsearch and OpenSearch cannot directly aggregate data of the text type. titles is only an example name of the aggregation. You can name the aggregation titleaggs instead.

    GET /test/_search
    {
      "aggs": {
        "titles": {
          "terms": {
            "field": "title.keyword"
          }
        }
      }
    }

    The example above for query aggregation includes all documents in the test index. That is, match_all is used. You can set search criteria to narrow the scope of the aggregation to specific documents.
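
    The narrowing described above, as an added example that is not part of the original page: it builds a request that applies the filter clauses from the bool example to the titles aggregation, then approximates the result in memory over constructed documents. The function names, the sample documents, and the local evaluation rules are assumptions made for illustration.

```python
import json
from collections import Counter

# Constructed sample documents (not from the original page).
SAMPLE_DOCS = [
    {"title": "Search basics", "status": "published", "publish_date": "2016-03-01"},
    {"title": "Search basics", "status": "published", "publish_date": "2017-05-10"},
    {"title": "Aggregations", "status": "published", "publish_date": "2015-01-01"},
    {"title": "Old post", "status": "published", "publish_date": "2014-12-31"},
    {"title": "Draft note", "status": "draft", "publish_date": "2018-01-01"},
]

def scoped_terms_body(agg_name, field, status, since):
    """Request body: terms aggregation limited to documents passing the filters."""
    return {
        "size": 0,  # return only the aggregation buckets, no search hits
        "query": {"bool": {"filter": [
            {"term": {"status": status}},
            {"range": {"publish_date": {"gte": since}}},
        ]}},
        "aggs": {agg_name: {"terms": {"field": field}}},
    }

def console_request(index, body):
    """Render the body the way it is typed into Dev Tools."""
    return "GET /%s/_search\n%s" % (index, json.dumps(body, indent=2))

def evaluate_locally(body, docs):
    """Approximate the cluster's answer in memory (assumption: exact-match
    term, ISO dates compared as strings, buckets ordered by count)."""
    def passes(doc):
        for clause in body["query"]["bool"]["filter"]:
            kind, spec = next(iter(clause.items()))
            name, cond = next(iter(spec.items()))
            if kind == "term" and doc.get(name) != cond:
                return False
            if kind == "range" and doc.get(name, "") < cond["gte"]:
                return False
        return True
    agg_name, agg = next(iter(body["aggs"].items()))
    source_field = agg["terms"]["field"].split(".keyword")[0]
    counts = Counter(d[source_field] for d in docs if passes(d))
    return {agg_name: sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))}

if __name__ == "__main__":
    body = scoped_terms_body("titles", "title.keyword", "published", "2015-01-01")
    print(console_request("test", body))
    print(evaluate_locally(body, SAMPLE_DOCS))
```

    Because the conditions sit in filter, they restrict which documents are counted without contributing to relevance scoring.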