Use variable in search query

JohnM · September 5, 2019, 12:30am

I am using python elasticsearch client to query.
https://elasticsearch-py.readthedocs.io/en/master/

Everything works fine except using queries string as variable. Sorry if this is more python question.

This works well.

index_name = "logstash-abc-*"
res = es.search(index=index_name, body={"query": {"bool": {"filter": [{"term": {"message": "ssh",}},{"term": {host: "admin01",}},]}}})

I want {"term": {"message": "ssh",}} part as a variable and preset 10+ patterns.
Something like this.

index_name = "logstash-abc-*"
q1 = "{\"term\": {\"message\": \"ssh\",}}"
q2 = "{\"term\": {\"syslog_ip\": \"192.168.0.100\",}}"
res = es.search(index=index_name, body={"query": {"bool": {"filter": [q1,q2,{"term": {host: "admin01",}},]}}})

Looks like q1 and q2 are ignored in search query. Can you use variable in the es search query?
How can you check what a full request query string sent?

Thanks for your help in advance.

system · October 3, 2019, 12:30am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to pass a variable to elasticsearch query javascript Elasticsearch	1	377	March 8, 2021
Use of variables in a query in logstash Logstash	13	3397	June 22, 2020
Using variables inside of API Elasticsearch	1	214	September 30, 2021
Is it possible to use variables in indexed documents in elasticsearch? Elasticsearch	9	488	July 20, 2018
Searching using query string with variable clauses Elasticsearch elastic-stack-monitoring	8	399	June 22, 2023

Use variable in search query

Related topics