malformed query, expected "END_OBJECT" but found "FIELD_NAME"

malformed query, expected "END_OBJECT" but found "FIELD_NAME" - elasticsearch

Hello while running a term query in Kibana console, I am getting a parsing_exception
Query
GET /products/_search
{
"query": {
"terms": {
"tags.keyword": [ "Soup", "Cake" ]
},
"range": {
"in_stock": {
"gte": 10,
"lte": 20
}
}
}
}
Response/Exception
{
"error" : {
"root_cause" : [
{
"type" : "parsing_exception",
"reason" : "[terms] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line" : 6,
"col" : 5
}
],
"type" : "parsing_exception",
"reason" : "[terms] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line" : 6,
"col" : 5
},
"status" : 400
}
Can anyone tell me why I got this exception and how to solve it?

You need to use boolean query to combine terms and range query. Modify your search query as shown below -
{
"query": {
"bool": {
"must": [
{
"terms": {
"tags.keyword": [
"Soup",
"Cake"
]
}
},
{
"range": {
"in_stock": {
"gte": 10,
"lte": 20
}
}
}
]
}
}
}

Related

Elasticsearch filter results by field

I'm new to dsl and this seems simple. The code should count total entries by the hour, within the date range specified. I added a bool such that the results should have a field called 'message' which should contain '[success'
GET sample_index/_search
{
"size": 0,
"query": {
"bool": {
"must": [
{
"match": {
"message": "[sucess"
}
}
]
},
"range": {
"timestamp": {
"gte": "2021-01-01",
"lte": "2021-01-10"
}
}
},
"aggs": {
"hit_count_per_day": {
"date_histogram": {
"field": "timestamp",
"calendar_interval": "hour"
}
}
}
}
The error returned is
{
"error" : {
"root_cause" : [
{
"type" : "parsing_exception",
"reason" : "[bool] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line" : 13,
"col" : 5
}
],
"type" : "parsing_exception",
"reason" : "[bool] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line" : 13,
"col" : 5
},
"status" : 400
}

You need to include the range query also in the must clause. Modify your query as shown below
{
"size": 0,
"query": {
"bool": {
"must": [
{
"match": {
"message": "[sucess"
}
},
{
"range": {
"timestamp": {
"gte": "2021-01-01",
"lte": "2021-01-10"
}
}
}
]
}
},
"aggs": {
"hit_count_per_day": {
"date_histogram": {
"field": "timestamp",
"calendar_interval": "hour"
}
}
}
}

unknown query [filtered] when doing search against ES

I am new to ES, and I am using ES 7.10.1, I have following simple search request:
GET /megacorp/_doc/_search
{
"query":{
"filtered":{
"filter":{
"range":{
"age":{
"gt":30
}
}
},
"query":{
"match":{
"last_name":"smith"
}
}
}
}
}
When I run the above query(using query and filter) in the Kibana Dev Tools, an exception occurs as follows, I would ask how to fix this,thank.
{
"error" : {
"root_cause" : [
{
"type" : "parsing_exception",
"reason" : "unknown query [filtered]",
"line" : 3,
"col" : 14
}
],
"type" : "parsing_exception",
"reason" : "unknown query [filtered]",
"line" : 3,
"col" : 14,
"caused_by" : {
"type" : "named_object_not_found_exception",
"reason" : "[3:14] unknown field [filtered]"
}
},
"status" : 400
}

The filtered query has been deprecated. You should now use the boolean query. Modify your search query as -
{
"query": {
"bool": {
"must": {
"match": {
"last_name": "smith"
}
},
"filter": {
"range": {
"age": {
"gt": 30
}
}
}
}
}
}

"[geo_distance] malformed query, expected [END_OBJECT] but found [FIELD_NAME]"

I am tried to create search query with a values in 15m radios and between 3 weeks. I tried to execute this query:
"query": {
"bool": {
"must": {
"match_all": {}
}
, "filter": [
{
"geo_distance": {
"distance": "1000km",
"geoLocation": {
"lat": 31.966467334184614,
"lon": 35.83242623178664
}
}
,
"range": {
"map_date": {
"gte": "now-3w/w",
"lte": "now/w"
}
}
}
]
}}
My date filed is: map_date and my geo point filed is geoLocation
I get this response :
{
"error" : {
"root_cause" : [
{
"type" : "parsing_exception",
"reason" : "[geo_distance] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line" : 18,
"col" : 8
}
],
"type" : "x_content_parse_exception",
"reason" : "[18:8] [bool] failed to parse field [filter]",
"caused_by" : {
"type" : "parsing_exception",
"reason" : "[geo_distance] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line" : 18,
"col" : 8
}
},
"status" : 400
}
Help me please to figure out what I am doing wrong

Your filter part was mal formated, try :
{
"query": {
"bool": {
"must": {
"match_all": {}
},
"filter": [
{
"geo_distance": {
"distance": "1000km",
"geoLocation": {
"lat": 31.966467334184614,
"lon": 35.83242623178664
}
}
},
{
"range": {
"map_date": {
"gte": "now-3w/w",
"lte": "now/w"
}
}
}
]
}
}
}
Il your filter array you list a list of {}, take a look at:
https://www.elastic.co/guide/en/elasticsearch/reference/current/query-filter-context.html

elasticsearch query for GCP alpha and beta api's

trying to get this query below to work on GCP. need this to query for beta api's being used every 24 hours. keep getting error in the query. probably a simple syntax error, but im not seeing it.
GET /gcp-%2A/_search
{
"query": {
"range" : {
"timestamp" : {
"gte" : "now-1d/d",
"lt" : "now/d"
}
},
"wildcard": {
"protoPayload.methodName": {
"value": "*beta*",
"boost": 1.0,
"rewrite": "constant_score"
}
}
}
}
{
"error": {
"root_cause": [
{
"type": "parsing_exception",
"reason": "[range] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line": 9,
"col": 13
}
],
"type": "parsing_exception",
"reason": "[range] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line": 9,
"col": 13
},
"status": 400
}

You were almost there:
GET /gcp-%2A/_search
{
"query": {
"bool": {
"must": [
{
"range": {
"timestamp": {
"gte": "now-1d/d",
"lt": "now/d"
}
}
},
{
"wildcard": {
"protoPayload.methodName": {
"value": "*beta*",
"boost": 1,
"rewrite": "constant_score"
}
}
}
]
}
}
}

How i can apply match and range in the query DSL in elasticsearch

I want use the match and range, my body in the query is :
{
"query": {
"match" : {
"netscaler.ipadd" : "192.68.2.39"
},
"range": {
"#timestamp": {
"gte":"2015-08-04T11:00:00",
"lt":"2015-08-04T12:00:00"
}
}
},
"aggs" : {
"avg_grade" : {
"avg" : { "field" : "netscaler.stat.system.memusagepcnt" }
}
}
}
and elsaticsearch responds with:
{
"error": {
"root_cause": [{
"type": "parsing_exception",
"reason": "[match] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line": 6,
"col": 7
}],
"type": "parsing_exception",
"reason": "[match] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
"line": 6,
"col": 7
},
"status": 400
}
I need know which is the best way or the correct way for do that.

If you have multiple queries you probably should wrap them inside a bool query:
{
"query": {
"bool": {
"must": [
{
"match": {
"netscaler.ipadd": "192.68.2.39"
}
},
{
"range": {
"#timestamp": {
"gte": "2015-08-04T11:00:00",
"lt": "2015-08-04T12:00:00"
}
}
}
]
}
},
"aggs": {
"avg_grade": {
"avg": {
"field": "netscaler.stat.system.memusagepcnt"
}
}
}
}
More info in the docs

Develop Reference

ruby bash windows laravel spring algorithm oracle macos go visual-studio

malformed query, expected "END_OBJECT" but found "FIELD_NAME" - elasticsearch

You need to use boolean query to combine terms and range query. Modify your search query as shown below - { "query": { "bool": { "must": [ { "terms": { "tags.keyword": [ "Soup", "Cake" ] } }, { "range": { "in_stock": { "gte": 10, "lte": 20 } } } ] } } }

Related

Elasticsearch filter results by field

unknown query [filtered] when doing search against ES

"[geo_distance] malformed query, expected [END_OBJECT] but found [FIELD_NAME]"

elasticsearch query for GCP alpha and beta api's

How i can apply match and range in the query DSL in elasticsearch

Categories

Resources