Complex Dsl Queries based on client side parameters

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Complex Dsl Queries based on client side parameters

ankitaggarwal158
This post has NOT been accepted by the mailing list yet.
The logs are of this format:

17/03/15-06:29:30 31609 453749 545959 1 4 http://www.somesite.com/index.html - 0
{timestamp} {process_id} {child_id} {device_id} {blocked_id} {filter_id} {url} {log_message}

I have an external ruby client which can query on the following fields:

TimeStamp (Start Date to End Date)
Child Id
Device Id
Blocked Id

The possible combination of parameters passed to query the ES can be:

    Search for:
    Child Id alone
    Child Id + Device Id
    Child Id + Device Id + Blocked Id
    Device Id alone
    Device Id + Blocked Id
    Start Date to End Date
    Start Date to End Date + Blocked Id
    Start Date to End Date + Child Id
    Start Date to End Date + Child Id + Blocked Id
    Start Date to End Date + Device Id
    Start Date to End Date + Device Id + Blocked Id
    Start Date to End Date + Device Id + Child Id
    Start Date to End Date + Device Id + Child Id + Blocked

Since I do not know what all parameters will be sent from the client side, I have to handle all the possibilities using if-else conditions. Each If condition checks for the presence of a parameter and forms the DSL Query accordingly. I am forming too many conditional statements and forming dsl queries for each. I tried a lot to implement combination queries, range and filter queries. But some or the other condition is violated.

Need help in forming DSL query such that I can cover all possible parameters that the client can send with fewer conditions as possible. I know there must be a way to do this. please comment if I am not clear with my question.

Thanks in advance.

I was trying these type of condition and queries:

    if params['child_id']
     q = { match: { child_id: params['child_id'] }}
    if params['device_id']
     q = { match: { device_id: params['device_id'] }}
    if params['child_id'] and params['device_id']
     q = {
       bool: {
         must: [ { match: { child_id: params['child_id'] }},
                 { match: { device_id: params['device_id'] }}
               ]
             }
       }
    if params['start_time'] and params['end_time']
     start_time = Time.parse(params['start_time']).iso8601
     end_time = Time.parse(params['end_time']).iso8601
     q = { filtered:
           { filter:
             { range:
               { "@timestamp" => { "gt" => start_time, "lte" => end_time  } }        
             }
           }
         }
    if !params['child_id'] and !params['device_id'] and !params['start'] and !params['end']
     q = {match_all: {} }

NOTE: Many other conditions to check the incoming parameters and Queries are not shown. These are just for reference.