How to Search Across Multiple Indices in Elasticsearch
Takahiro Iwasa
2 min read
Elasticsearch
This note describes how to search over multiple indices in Elasticsearch.
Launching Elasticsearch
Below is an example docker-compose.yml file to configure and start the cluster.
version: '3'
services: elasticsearch: image: elasticsearch:7.10.1 container_name: elasticsearch environment: - discovery.type=single-node - bootstrap.memory_lock=true ports: - 9200:9200Start the cluster using the following command:
docker-compose up -dPreparing Data
To experiment with multiple indices, index some data into users-2020-11 and users-2020-12 using the curl command:
curl -X POST -H 'Content-Type: application/json' -d '{"name": "hoge"}' localhost:9200/users-2020-11/_doc/curl -X POST -H 'Content-Type: application/json' -d '{"name": "fuga"}' localhost:9200/users-2020-12/_doc/Searching Data
Searching with Wildcards
You can query data from multiple indices using a wildcard expression. For example:
curl localhost:9200/users-2020-*/_search | jq .hits.hitsThe response will contain data from both users-2020-11 and users-2020-12:
[ { "_index": "users-2020-11", "_type": "_doc", "_id": "PNQ3tXYBKT-fwQ71grcz", "_score": 1, "_source": { "name": "hoge" } }, { "_index": "users-2020-12", "_type": "_doc", "_id": "PdQ3tXYBKT-fwQ71p7cy", "_score": 1, "_source": { "name": "fuga" } }]Searching with CSV Format
Another way to search is by specifying multiple indices as a comma-separated list:
🔥
Caution
Ensure that your URL length does not exceed the maximum limit when using this approach.
curl localhost:9200/users-2020-11,users-2020-12/_search | jq .hits.hitsThe response will contain data from both users-2020-11 and users-2020-12:
[ { "_index": "users-2020-11", "_type": "_doc", "_id": "PNQ3tXYBKT-fwQ71grcz", "_score": 1, "_source": { "name": "hoge" } }, { "_index": "users-2020-12", "_type": "_doc", "_id": "PdQ3tXYBKT-fwQ71p7cy", "_score": 1, "_source": { "name": "fuga" } }]