如何在按时间范围进行Go过滤结果的Elasticsearch中搜索

I am retentively new to programming in Go.

I am trying create a simple program which does only one thing searches string via elasticsearch API. My question is specific to the "gopkg.in/olivere/elastic.v2" package I am using.

Here is a code sample:

package main

import (
    "fmt"
    "gopkg.in/olivere/elastic.v2"
    "log"
    "reflect"
)

type Syslog struct {
    Program   string
    Message   string
    Timestamp string
}


func main() {

    client, err := elastic.NewClient(elastic.SetURL("http://localhost:9200"))
    if err != nil {
        log.Fatal(err)
    }
    info, code, err := client.Ping().Do()
    if err != nil {
        log.Fatal(err)
    }
    fmt.Printf("Elasticsearch returned with code %d and version  %s", code, info.Version.Number)

    termQuery := elastic.NewTermQuery("message", "configuration")

    searchResult, err := client.Search().
        //PostFilter(postFilter).
        Index("logstash-*").     // search in index "logstash-*"
        Query(&termQuery).       // specify the query
        Sort("timestamp", true). // sort by "message" field, ascending
        From(0).Size(10).        // take documents 0-9
        Pretty(true).            // pretty print request and response JSON
        Do()                     // execute
    if err != nil {
        log.Fatal(err)
    }
    fmt.Printf(" Query took %d milliseconds
", searchResult.TookInMillis)

    var ttyp Syslog

    for _, item := range searchResult.Each(reflect.TypeOf(ttyp)) {
        t := item.(Syslog)
        fmt.Printf("Found %s %s %s
", t.Timestamp, t.Program, t.Message)
    }

}

This works, however what I really want is to limit search by time range.

As I understand I need to use FilteredQuery function. But I am lost in attempts to figure out how to create a filtered query.

There is function which created it "FilteredQuery" it requires Query Type as an input parameter but there is no function to create Query itself. I can just create a variable of a required type, still it need to have fields like which filed in elasticsearch to look for and a string to look for.

Same thing goes for the Filter variable in call for func (FilteredQuery) Filter.

May be someone has already got an example or can point me into the right direction.

I have an example of a JSON which if passed to elastcisearch gets me what I want:

"query": {
    "filtered": {
      "query": {
        "query_string": {
          "query": "message:\"configuration\"",
          "analyze_wildcard": true
        }
      },
      "filter": {
        "bool": {
          "must": [
            {
              "range": {
                "@timestamp": {
                  "gte": 1442100154219,
                  "lte": 1442704954219
                }
              }
            }
          ],
          "must_not": []
        }
      }
    }
  },

But I do not know how to implement the same in Go. Thanks.

See RangeFilter and FilteredQuery

Here is an example producing the result you want :

package main

import (
    "encoding/json"
    "fmt"

    elastic "gopkg.in/olivere/elastic.v2"
)

func main() {

    termQuery := elastic.NewTermQuery("message", "configuration")

    timeRangeFilter := elastic.NewRangeFilter("@timestamp").Gte(1442100154219).Lte(1442704954219)

    // Not sure this one is really useful, I just put it here to mimic what you said is the expected result
    boolFilter := elastic.NewBoolFilter().Must(timeRangeFilter)

    query := elastic.NewFilteredQuery(termQuery).Filter(boolFilter)

    queryBytes, err := json.MarshalIndent(query.Source(), "", "\t")
    if err != nil {
        panic(err)
    }

    fmt.Println(string(queryBytes))
}

The output it produces is:

{
    "filtered": {
        "filter": {
            "bool": {
                "must": {
                    "range": {
                        "@timestamp": {
                            "from": 1442100154219,
                            "include_lower": true,
                            "include_upper": true,
                            "to": 1442704954219
                        }
                    }
                }
            }
        },
        "query": {
            "term": {
                "message": "configuration"
            }
        }
    }
}