Module: Elasticsearch::Helpers::ESQLHelper

Defined in:

lib/elasticsearch/helpers/esql_helper.rb

Overview

Elasticsearch Client Helper for the ES|QL API

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/current/esql-query-api.html

Class Method Summary

• .query(client, query, params = {}, parser: {}) ⇒ Object

  Query helper for ES|QL.

Class Method Details

.query(client, query, params = {}, parser: {}) ⇒ Object

Query helper for ES|QL

By default, the ‘esql.query` API returns a Hash response with the following keys:

• ‘columns` with the value being an Array of `{ name: type }` Hashes for each column.

• ‘values` with the value being an Array of Arrays with the values for each row.

This helper function returns an Array of hashes with the columns as keys and the respective values: ‘{ column => value }`.

Examples:

Using the ES|QL helper

require 'elasticsearch/helpers/esql_helper'
query = "          FROM sample_data\n          | EVAL duration_ms = ROUND(event.duration / 1000000.0, 1)\n        ESQL\nresponse = Elasticsearch::Helpers::ESQLHelper.query(client, query)\n"

Using the ES|QL helper with a parser

response = Elasticsearch::Helpers::ESQLHelper.query(
             client,
             query,
             parser: { '@timestamp' => Proc.new { |t| DateTime.parse(t) } }
           )

See Also:

• https://www.elastic.co/guide/en/elasticsearch/client/ruby-api/current/Helpers.html#_esql_helper

# File 'lib/elasticsearch/helpers/esql_helper.rb', line 58

def self.query(client, query, params = {}, parser: {})
  response = client.esql.query({ body: { query: query }, format: 'json' }.merge(params))

  columns = response['columns']
  response['values'].map do |value|
    (value.length - 1).downto(0).map do |index|
      key = columns[index]['name']
      value[index] = parser[key].call(value[index]) if value[index] && parser[key]
      { key => value[index] }
    end.reduce({}, :merge)
  end
end