I'm trying to fetch data from Elasticsearch into an Eland dataframe partially, because it takes too much time to load the entire index.
The following works, except for the _query_compiler. The official Eland docs contains the parameter, but no description about how it works. I'm not even sure if this is the right approach though.
password = '..'
ip = '..'
es = Elasticsearch(hosts='https://{}:{}@{}'.format(username, password, ip), request_timeout=300, ca_certs='./Security/cert.pem')
index_name = '..'
index = ed.DataFrame(es_client=es, es_index_pattern=index_name, _query_compiler=???).to_pandas()
The following query seems to work, except for the part that it's not an Eland dataframe. (Also, the body parameter is deprecated but w/e.) There is a related question here, but it's not helping towards a solution.
search_body = {
"query": {
"match": {
"some_field": "true"
}
}
}
results = es.search(index=index_name, body=search_body)