def search_more_term(field1,
query1,
field2,
query2,
index_name,
index_type,
kw=None,
*arg):
must1 = pyes.TermQuery(field1, query1)
must2 = pyes.TermQuery(field2, query2)
must = [must1, must2]
if arg:
must3 = pyes.TermQuery(arg[0], arg[1])
must.append(must3)
query = pyes.BoolQuery(must=must)
if kw:
search = search_add_sort(query, kw["sort_field"], kw["sort_type"])
return [i for i in CONN_ES.search(search, indices=[index_name])]
return [
i for i in CONN_ES.search(
query=query, indices=index_name, doc_types=index_type)
]
def assemble_query(queries, ops, fields, types, **kwargs):
must_haves = kwargs.get('must_haves', [])
should_haves = []
must_not_haves = []
index = 0
for query in queries:
if queries[index] != '':
clause = query_clause(index, queries, ops, fields, types)
if clause:
if ops[index] == 'not':
must_not_haves.append(clause)
elif ops[index] == 'and':
must_haves.append(clause)
else:
should_haves.append(clause)
index = index + 1
q = pyes.BoolQuery(must=must_haves, should=should_haves, must_not=must_not_haves).search()
q.facet.add_term_facet('fileExtension')
q.facet.add_term_facet('sipuuid', size=1000000000)
q.facet.add_term_facet('AIPUUID', size=1000000000)
return q
def make_query():
qrange = pyes.RangeQuery(pyes.ESRange('utctimestamp', start_date, end_date))
qterm = pyes.TermQuery('_type', 'alert')
q = pyes.BoolQuery(must=[qrange, qterm])
results = esconn.search(q, indices=indexname)
ret = []
for x in results:
na = Alert()
if na.parse_result(x): ret.append(na)
return ret
def search_range_time(field, start_date, date_range, index_name, index_type):
if type(date_range) == type(-1) and date_range != -1:
#start_da = datetime.datetime.strptime(start_date, "%Y-%m-%dT%H:%M:%SZ").date()
start_da = datetime.datetime.strptime(start_date, "%Y-%m-%d").date()
end_date = (start_da +
datetime.timedelta(days=date_range)).strftime('%Y-%m-%d')
must = pyes.RangeQuery(
pyes.ESRange(field, from_value=start_date, to_value=end_date))
query = pyes.BoolQuery(must=must)
dd = [
i for i in CONN_ES.search(
query=query, indices=index_name, doc_types=index_type)
]
return dd
else:
raise
def execute(self):
conn = pyes.ES(self.elastic_hosts)
queries = []
filters = []
filters.append(pyes.TermFilter('account', self.account))
for field, val in self.conditions:
if val != '':
queries.append(pyes.TextQuery(field, val))
if self.type not in [None, '']:
queries.append(pyes.TextQuery('type', self.type))
if self.path not in [None, '']:
if self.recursive:
filters.append(pyes.PrefixFilter('path', '%s/' % self.path))
else:
queries.append(pyes.TermQuery('dir', self.path))
if self.marker not in [None, '']:
filters.append(
pyes.RangeFilter(pyes.ESRangeOp('name', 'gt', self.marker)))
q = pyes.MatchAllQuery()
if len(queries) > 0:
q = pyes.BoolQuery(queries)
q = pyes.FilteredQuery(q, pyes.ANDFilter(filters))
self.logger.info("Running query: %s" % q.serialize())
results = conn.search(q, self.search_index_name, start=self.start,
size=self.limit)
if self.sort not in [None, '']:
sort_list = []
for row in self.sort.split(','):
sort_data = row.split(' ')
prefix = ""
if len(sort_data) > 1 and sort_data[1].lower() == 'desc':
prefix = "-"
if sort_data[0] in SORT_WHITELIST:
sort_list.append("{0}{1}".format(prefix, sort_data[0]))
if sort_list:
results.order_by(sort_list)
return results
def search(self, indices, query, *args, **kwargs):
"""Searches in specified model's index.
"""
index_name = get_index_name(indices)
type = get_type(indices)
from mongoengine import Document
if issubclass(indices,
Document) and indices._meta.get('allow_inheritance'):
# We have models with inheritance, need to use _cls! Wrapping around a BoolQuery.
query = pyes.BoolQuery(must=[query])
query.add_must(pyes.PrefixQuery('_cls', indices._class_name))
return ResultProxy(
indices,
self.conn.search(query,
*args,
doc_types=[type],
indices=[self._index_prefix + index_name],
**kwargs))
def march_query_tag(field, query, sub_type):
must = pyes.TermQuery("sub_type", sub_type)
should = pyes.MatchQuery(field, query)
query = pyes.BoolQuery(must=must, should=should)
return [i for i in CONN_ES.search(query=query)]