Search code examples
javaelasticsearchelasticsearch-queryelasticsearch-7

QueryString to search String with colon

i am trying to achieve below condition

orgId = "z2store" and type = "web" and dateTime = "12:17:08"

below query i have written

GET /sample/_search
{
  "bool" : {
    "must" : [
      {
        "term" : {
          "orgId" : {
            "value" : "z2store",
            "boost" : 1.0
          }
        }
      },
      {
        "term" : {
          "type" : {
            "value" : "web",
            "boost" : 1.0
          }
        }
      },
      {
        "query_string" : {
          "query" : "12:17:08",
          "default_field" : "dateTime",
          "fields" : [ ],
          "type" : "best_fields",
          "default_operator" : "or",
          "max_determinized_states" : 10000,
          "enable_position_increments" : true,
          "fuzziness" : "AUTO",
          "fuzzy_prefix_length" : 0,
          "fuzzy_max_expansions" : 50,
          "phrase_slop" : 0,
          "escape" : false,
          "auto_generate_synonyms_phrase_query" : true,
          "fuzzy_transpositions" : true,
          "boost" : 1.0
        }
      }
    ],
    "adjust_pure_negative" : true,
    "boost" : 1.0
  }
}

below is my java code 

BoolQueryBuilder boolQuery = new BoolQueryBuilder().must(QueryBuilders.termQuery("orgId", orgId))
                        .must(QueryBuilders.termQuery("type", "web"));
QueryStringQueryBuilder builder = new QueryStringQueryBuilder("12:17:08");
                        builder.defaultField("dateTime").queryString();
                        boolQuery.must(builder);
SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder().query(builder)
                        .from((batchNumber - 1) * batchSize).size(batchSize)
                        .sort("@timestamp", SortOrder.DESC);

Above query is not working. Any help will be appreciated. I am using elasticSearch 7.4.

Solution

  • You can create your dateTime field with type as date and giving format as hour_minute_second(which takes format as HH:mm:ss) . You can read more about different date formats here https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-date-format.html.

    Below is the mapping of dateTime field:

    {
    "mappings": {
        "properties": {
            "dateTime": {
                "type" : "date",
                "format" : "hour_minute_second"
            }
        }
    }
}

    Now when you search data with below search query :

    {
    "query" : {
        "bool" : {
    "must" : [
      {
        "term" : {
          "orgId" : {
            "value" : "z2store",
            "boost" : 1.0
          }
        }
      },
      {
        "term" : {
          "type" : {
            "value" : "web",
            "boost" : 1.0
          }
        }
      },
      {
       "term" :{
        "dateTime":"12:17:08"
       }
      }
    ],
    "adjust_pure_negative" : true,
    "boost" : 1.0
  }
    }

}

    You will get your required result :

    "hits": [
            {
                "_index": "datetimeindexf",
                "_type": "_doc",
                "_id": "1",
                "_score": 1.5753641,
                "_source": {
                    "dateTime": "12:17:08",
                    "orgId": "z2store",
                    "type": "web"
                }
            }
        ]