Python DSL syntax

rugenl · July 18, 2017, 12:48pm

I have a working search consisting of the first 3 lines of this:
= Search(using=client, index="exchange-*")
.query("match", type="iis")
.filter("range", ** {'@timestamp': {'gte': 'now-1440m', 'lt': 'now'}})
.exclude("match", geoip.country_name="United States")

Adding the 4th line, causes this syntax error.

.exclude("match", geoip.country_name="United States")
                 ^

SyntaxError: keyword can't be an expression

I can't find an example of the proper syntax, I guess geoip.xxx is called a composite field?

Be gentile, I'm fairly new to elasticsearch, I've used python a lot, but for pretty simple things. I try to make all problem simple....

Thanks

danielmitterdorfer · July 21, 2017, 7:24am

Hi,

the problem is that "." is not valid as part of an identifier in Python.

After having read the docs, I have seen that this is actually short-hand for creating a corresponding instance of Q.

I played around a bit with it in the shell:

> from elasticsearch_dsl import query
> query.Q({"match": { "geoip.country_name": "United States"}})
Match(geoip__country_name='United States')

So I think, that the following should work:

.exclude({"match": { "geoip.country_name": "United States"}})

Daniel

rugenl · July 21, 2017, 6:30pm

This works:
.exclude("match", ** { "geoip.country_name": "United States"})

Thanks.

system · August 18, 2017, 6:30pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.