Elasticsearch API Conventions

Web application programming interface (API) is a set of function calls or other programming instructions used to access software components within a specific web application. For example, the Facebook API helps developers create applications by accessing data or other features from Facebook; it can be a birthday or status update.

Elasticsearch provides a REST API that can be accessed via HTTP. Elasticsearch uses some conventions, which we will discuss now.

Multiple indices

Most operations in the API, mainly searches and other operations, are for one or more indices. This helps users to search in multiple locations or all available data with just one query. Many different symbols are used to perform operations across multiple indices. We will discuss some of them in this chapter.

Comma-separated symbols

POST　/index1,index2,index3/_search

Request Body

{
　　　"query":{
　　　　　　
　　　　　　　　　"query":"any_string"
　　　　　　}
　　　}
}

Response

_all keywords of all indices

POST　/_all/_search

Request Body

{
　　　"query":{
　　　　　　
　　　　　　　　　"query":"any_string"
　　　　　　}
　　　}
}

Response

JSON objects from all indices containing 'any_string'.

Wildcards (*,+, –)

POST　/*/_search

Request Body

{
　　　"query":{
　　　　　　
　　　　　　　　　
　　　　　　}
　　　}
}

Response

JSON objects from all indexes that start with schools containing CBSE.

In addition, you can also use the following code-

POST　/*,-schools_gov　/_search

Request Body

{
　　　"query":{
　　　　　　
　　　　　　　　　
　　　　　　}
　　　}
}

Response

JSON objects come from all indices that start with 'school', but not from 'school_gov' and include CBSE indices.

There are still some URL query string parameters-

• ignore_unavailable−If one or more index(es) are not present in the index(es) URL, no error will occur or any operation will stop. For example, the school index exists, but book_shops does not.

POST　/*/_search

Request Body

{
　　　"query":{
　　　　　　
　　　　　　　　　
　　　　　　}
　　　}
}

Request Body

{
　　　
　　　　　　
　　　　　　　　　
　　　　　　　　　
　　　　　　　　　
　　　　　　}],
　　　　　　
　　　　　　
　　　　　　
　　　404
}

Consider the following code-

POST　/*/

Request Body

{
　　　"query":{
　　　　　　
　　　　　　　　　
　　　　　　}
　　　}
}

Response (no error)

JSON objects from all indexes that start with schools containing CBSE.

allow_no_indices

trueIf the URL with wildcards does not have an index, the value of this parameter will prevent errors. For example, there is no index starting with schools_pri-

POST　/*/

Request Body

{
　　　"query":{
　　　　　　"match_all":{}
　　　}
}

Response (no error)

{
　　　1
　　　
}

expand_wildcards

This parameter determines whether wildcards need to be expanded to open or closed indexes, or both. The value of this parameter can be open, closed, or none.

For example, closing the index school-

POST　/schools/

Response

Consider the following code-

POST　/*/

Request Body

{
　　　"query":{
　　　　　　"match_all":{}
　　　}
}

Response

{
　　　
　　　　　　
　　　　　　　　　
　　　　　　}],
　　　　　　
　　　}403
}

Date math support in index names

Elasticsearch provides the functionality to search indexes based on dates and times. We need to specify dates and times in a specific format. For example, accountdetail-2015.12.30, the index will store2015year12month30 day, the bank account details. Mathematical operations can be performed to obtain detailed information for a specific date or date and time range.

The format of the date mathematical index name-

<static_name{date_math_expr{date_format|time_zone}}>
/<accountdetail-{now-2d{YYYY.MM.dd|utc}}>/_search

static_name is part of the expression and remains unchanged in each mathematical index (such as customer details). date_math_expr contains a mathematical expression that acts like now-2d dynamically determines the date and time. date_format contains the format for writing dates into indexes like YYYY.MM.dd. If today is2015year12month30 day, then<accountdetail- {now-2d {YYYY.MM.dd}}>will return accountdetail-2015.12.28.

Now, let's see some common options provided by Elasticsearch that can be used to obtain responses in specified formats.

Beautified results

We can obtain a well-formatted JSON object by adding URL query parameters (i.e., pretty = true) to get the response.

POST　/schools/_search?pretty　=　true

Request Body

{
　　　"query":{
　　　　　　"match_all":{}
　　　}
}

Response

……………………..
{
　　　"_index"　:　"schools",　"_type"　:　"school",　"_id"　:　"1",　"_score"　:　1.0,
　　　"_source":{
　　　　　　"name":"Central　School",　"description":"CBSE　Affiliation",
　　　　　　"street":"Nagan",　"city":"paprola",　"state":"HP",　"zip":"176115",
　　　　　　"location":　[31.8955385,　76.8380405],　"fees":2000,
　　　　　　"tags":["Senior　Secondary",　"beautiful　campus"],　"rating":"3.5"
　　　}
}
………………….

Human-readable output

This option can change the statistical response to a human-readable format (if human = true) or a machine-readable format (if human = false). For example, if human = true, then distance_kilometer = 20KM; if human = false, then distance_meter = 20000, at this time, other computer programs need to use the response.

Response Filtering

By adding them to the field_path parameter, we can filter the response for fewer fields. For example,

POST　/schools/_search?filter_path　=　hits.total

Request Body

{
　　　"query":{
　　　　　　"match_all":{}
　　　}
}

Response

{"hits":{"total":3}}