Open in app

Sign in

Write

Sign in

Phase 03 — Elasticsearch Term queries — Blog 13

Arun Mohan
elasticsearch
4 min readOct 26, 2019

--

Last blog we have seen a few important and most used full-text queries in the Elasticsearch world. We will have a look at some of the most useful and relevant term level queries in this blog.

What are term level queries?

Term level queries are those queries which are used to find the records/documents based on exact values in organised/structured data.
The examples of structured data are product codes, date ranges, pin codes, IPs etc.

What makes term query different from that of full-text queries is the fact that the search keywords (the text to be searched) will undergo the analyzing process and then gets queried. Where as in the term query execution, the search query keyword will go as it is. (NB: normalisation of the keywords can be done by the normalizer settings, but by default, the search query keyword goes as it is)
For example
If I am searching for “Arun Mohan” using a full text query, the search will be going as “Arun” and “Mohan”.
But when I am using term query for the same keyword as above, the search will be done as a single keyword without splitting as “Arun Mohan” itself.

Sample data set

The data set performed for this operation can be found here . The steps to load this CSV can be found in my previous blog on Kibana. I have indexed the data to an index named “testindexterms”. A sample document in this index is as shown below:

{
        "_index" : "testindexterms",
        "_type" : "_doc",
        "_id" : "-6Ry3m0B5ZMO9aBbs5Sg",
        "_score" : 1.0,
        "_source" : {
          "id" : "1",
          "first_name" : "Jasmina",
          "last_name" : "Crocetto",
          "email" : "jcrocetto0@odnoklassniki.ru",
          "gender" : "Female",
          "ip_address" : "90.139.240.83",
          "socialSecurity" : "896-40-5515",
          "age" : "33"
        }
  }

Basic term query

The basic term query will not analyze the search keyword given to it while searching. Considering an example, let us search for the keyword “Male” on the field “gender” as shown below:

#term query
POST testindexterms/_search
{
  "query": {
    "term": {
      "gender": {
        "value": "Male"
      }
    }
  }
}

The above query would result in returning all the documents with “gender” field having the value “Male”.
Now if we give the same query by changing the case as “male”, the same query will yield no results.

POST testindexterms/_search
{
  "query": {
    "term": {
      "first_name": {
        "value": "jasmina"
      }
    }
  }
}

This shows that no where in the inverted index for the field “gender”, there is a value “male”. There are only two values “Male”and “Female” (note the difference in casing).

terms query

In some cases, we need to fetch multiple search keys from the same field. We can use the terms query for such cases as shown in the below example:

POST testindexterms/_search
{
  "query": {
    "terms": {
      "first_name": [
        "Jasmina",
        "Claresta"
      ]
    }
  }
}

The above query will return the documents matching “Jasmina” and “Claresta” on the field “first_name”

prefix query

The prefix query would return the documents starting with a pattern of words. Suppose we need to get the documents where the “first_name” starts with “Ja”, we can use the prefix query like below:

#prefix query
POST testindexterms/_search
{
    "query": {
        "prefix": {
            "first_name": {
                "value": "Ja"
            }
        }
    }
}

range query

This is one of the most useful and frequent queries which are used in Elasticseaerch. This query would return us the documents which contain terms within a provided range.
Example, to find all the employees falling between the age 20 and 40.
Or to find all the employees, whose salary is above 100,000 etc.

The below query can be used to fetch the documents where the age is falling between 20 and 40 (including 20 and 40)

POST testindexterms/_search
{
    "query": {
        "range" : {
            "age" : {
                "gte" : 20,
                "lte" : 30
            }
        }
    }
}

gte : greater than or equal to
lte: less than or equal to

the options, gt (greater than) and lt (less than) is also available to determine the range.

fuzzy query

Now another common use case is to search for a word and find the results irrespective of minor spell issues. Like if we search for “Jaems” the result should return the document containing “James”.
With the fuzzy query we can handle such situation. In the below query, the query is given as “Mael” against the field “gender”. Since we have used the fuzzy query, it will fetch all the document which contain the word “Male” in the field “gender”

#fuzzy query
POST testindexterms/_search
{
    "query": {
        "fuzzy": {
            "gender": {
                "value": "Mael"
            }
        }
    }
}

Basically the fuzzy query is designed to find out the mispellings for only one character as shown above. If we use the same query and search for “Meal”, it would return no documents. This can be configured using advanced parameters made available in the fuzzy query. We can use the parameter , fuzziness set to two for achieving the same as below:

POST testindexterms/_search
{
    "query": {
        "fuzzy": {
            "gender": {
                "value": "Meal",
                "fuzziness": "2"
            }
        }
    }
}

Conclusion

In this blog, we have seen some of the important term level queries, with examples. In the next blog we can see another section of full text queries which was postponed as it required some background in term level queries.

Elasticsearch
Elk
Elasticsearch Queries

--

--

Arun Mohan
elasticsearch

Written by Arun Mohan

283 Followers
Editor for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams