SQL Access
文章目录
This functionality is experimental and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but experimental features are not subject to the support SLA of official GA features.(此功能是试验性的,在将来的版本中可能会完全更改或删除。Elastic会尽力解决所有问题,但是实验性功能不受官方GA功能的支持SLA约束。)
X-Pack包含一项SQL功能,可对Elasticsearch索引执行SQL并以表格格式返回结果。
- 概述
Elasticsearch SQL及其功能概述。 - 入门
立即在Elasticsearch中开始使用SQL。 - 概念和术语
跨SQL和Elasticsearch的语言约定。 - 安全
保护Elasticsearch SQL和Elasticsearch。 - REST API
接受JSON文档中的SQL,执行它并返回结果。 - 翻译API
接受JSON文档中的SQL,并将其转换为本地Elasticsearch查询并返回。 - 命令行界面
连接到Elasticsearch以执行SQL并打印表格结果的命令行应用程序。 - JDBC
用于Elasticsearch的JDBC驱动程序。 - SQL语言
Elasticsearch SQL语言的概述,例如支持的数据类型,命令和语法。 - 功能和运算符
支持的功能和运算符列表。
概述
Elasticsearch SQL旨在为Elasticsearch提供强大而轻量级的SQL接口
简介
Elasticsearch SQL是一个X-Pack组件,它允许针对Elasticsearch实时执行类似SQL的查询。无论使用REST接口,命令行还是JDBC,任何客户端都可以使用SQL 在Elasticsearch内部本机搜索和聚合数据 。可以将Elasticsearch SQL视为一种翻译器,它可以理解SQL和Elasticsearch,并可以利用Elasticsearch功能轻松地进行大规模实时读取和处理数据。
为什么选择Elasticsearch SQL
本机集成
Elasticsearch SQL是为Elasticsearch从头开始构建的。根据基础存储,针对相关节点有效执行每个查询。
没有外部零件
无需其他硬件,流程,运行时或库即可查询Elasticsearch;Elasticsearch SQL通过在 Elasticsearch集群中运行来消除多余的运动部件。
轻巧高效
Elasticsearch SQL并未抽象化Elasticsearch及其搜索功能-相反,它包含并公开了SQL以允许以相同的声明性,简洁的方式实时进行适当的全文本搜索。
入门
execute SQL using the SQL REST API right away:
POST /_xpack/sql?format=txt
{
"query": "SELECT * FROM library WHERE release_date < '2000-01-01'"
}
use the SQL CLI. There is a script to start it shipped in x-pack’s bin directory:
./bin/elasticsearch-sql-cli
Conventions and Terminology(约定和术语)
因为相同的措词由于不同的读者对SQL和Elasticsearch的熟悉程度不同,可能会将不同的含义传达给不同的读者。所以为了清楚起见,确定某些单词后面的含义是很重要的。
通常,Elasticsearch SQL的名称表示为Elasticsearch提供一个SQL接口。因此,只要可能,它首先遵循sql术语和约定。但是,支持引擎本身是elasticsearch,elasticsearch sql是为其专门创建的,因此,在sql中不可用或无法正确映射的特性或概念出现在elasticsearch sql中。最后但并非最不重要的一点是,尽管世界上所有事物都是相对的,Elasticsearch SQL尝试遵循principle of least suprise原则。
Mapping concepts across SQL and Elasticsearch(SQL和ES的概念映射)
尽管SQL和Elasticsearch对于数据的组织方式(和不同的语义)使用不同的术语,但本质上它们的目的是相同的。
SQL和ES 概念映射
refer to Document
Security
SQL REST API
The SQL REST API accepts SQL in a JSON document, executes it, and returns the results. For example:
POST /_xpack/sql?format=txt
{
"query": "SELECT * FROM library ORDER BY page_count DESC LIMIT 5"
}
While the text/plain format is nice for humans, computers prefer something more structured. You can replace the value of format with: -json aka application/json - yaml aka application/yaml - smile aka application/smile - cbor aka application/cbor - txt aka text/plain - csv aka text/csv - tsv aka text/tab-separated-values
aka: 又名;亦称
Alternatively you can set the Accept HTTP header to the appropriate media format. The GET parameter takes precedence over the header. If neither is specified then the response is returned in the same format as the request.
POST /_xpack/sql?format=json
{
"query": "SELECT * FROM library ORDER BY page_count DESC",
"fetch_size": 5
}
You can continue to the next page by sending back the cursor field. In case of text format the cursor is returned as Cursor http header.
POST /_xpack/sql?format=json
{
"cursor": "sDXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAAEWYUpOYklQMHhRUEtld3RsNnFtYU1hQQ==:BAFmBGRhdGUBZgVsaWtlcwFzB21lc3NhZ2UBZgR1c2Vy9f///w8="
}
当结果中没有返回光标时,您已到达最后一页。像elasticsearch的滚动条一样,sql可以在elasticsearch中保持状态以支持光标。与scroll不同,接收最后一页就足以保证清除elasticsearch状态。
要清除之前的状态,可以使用clear cursor命令:
POST /_xpack/sql/close
{
"cursor": "sDXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAAEWYUpOYklQMHhRUEtld3RsNnFtYU1hQQ==:BAFmBGRhdGUBZgVsaWtlcwFzB21lc3NhZ2UBZgR1c2Vy9f///w8="
}
You can filter the results that SQL will run on using a standard Elasticsearch query DSL by specifying the query in the filter parameter.
POST /_xpack/sql?format=txt
{
"query": "SELECT * FROM library ORDER BY page_count DESC",
"filter": {
"range": {
"page_count": {
"gte" : 100,
"lte" : 200
}
}
},
"fetch_size": 5
}
等同于
POST /_xpack/sql?format=txt
{
"query": "SELECT * FROM library where page_count >= 100 and page_count <= 200 ORDER BY page_count DESC",
"fetch_size": 5
}
In addition to the query and cursor fields, the request can contain fetch_size and time_zone. fetch_size is a hint for how many results to return in each page. SQL might chose to return more or fewer results though. time_zone is the time zone to use for date functions and date parsing. time_zone defaults to utc and can take any values documented here.
SQL Translate API
The SQL Translate API accepts SQL in a JSON document and translates it into native Elasticsearch queries. For example:
POST /_xpack/sql/translate
{
"query": "SELECT * FROM library ORDER BY page_count DESC",
"fetch_size": 10
}
Which is the request that SQL will run to provide the results. In this case, SQL will use the scroll API. If the result contained an aggregation then SQL would use the normal search API.(这是SQL将运行以提供结果的请求。在这种情况下,sql将使用scroll api。如果结果包含聚合,那么sql将使用普通的搜索api。)
The request body accepts all of the fields that the SQL REST API accepts except cursor.(请求主体接受sql rest api接受的所有字段(游标除外)。)
SQL CLI
Elasticsearch ships with a script to run the SQL CLI in its bin directory:
$ ./bin/elasticsearch-sql-cli
包含SQL CLI的jar是一个独立的Java应用程序,脚本会启动它。您可以将其移动到其他计算机上,而不必在其上安装Elasticsearch。
您可以传递Elasticsearch实例的URL作为第一个参数进行连接特定ES服务器:
$ ./bin/elasticsearch-sql-cli https://some.server:9200
SQL JDBC
Installation
Elasticsearch的SQL jdbc驱动程序是用于Elasticsearch的丰富,功能齐全的JDBC驱动程序。它是Type 4驱动程序,意味着它是独立于平台,独立的,直接到数据库的纯Java驱动程序,可将JDBC调用转换为Elasticsearch SQL。
可以通过从elastic.co网站下载JDBC驱动程序或使用具有以下依赖关系的Maven兼容工具来获得JDBC驱动程序:
maven
<dependency>
<groupId>org.elasticsearch.plugin</groupId>
<artifactId>x-pack-sql-jdbc</artifactId>
<version>6.4.3</version>
</dependency>
仓库配置
<repositories>
<repository>
<id>elastic.co</id>
<url>https://artifacts.elastic.co/maven</url>
</repository>
</repositories>
Setup
驱动主类是org.elasticsearch.xpack.sql.jdbc.jdbc.JdbcDriver。注意,驱动程序实现了JDBC 4.0 Service Provider机制,这意味着只要它在类路径中可用,它就会自动注册。
注册后,驱动程序将以下语法理解为URL:
jdbc:es://[http|https]?[host[:port]]*/[prefix]*[?[option=value]&]*
jdbc:es://
Prefix. Mandatory.
[http|https]
Type of HTTP connection to make. Possible values are http (default) or https. Optional.
[host[:port]]
Host (localhost by default) and port (9200 by default). Optional.
[prefix]
Prefix (empty by default). Typically used when hosting Elasticsearch under a certain path. Optional.
[option=value]
Properties for the JDBC driver. Empty by default. Optional.
The driver recognized the following parameters:
Essential(必要的,重要的)
timezone (default JVM timezone)
Timezone used by the driver per connection indicated by its ID. Highly recommended to set it (to, say, UTC) as the JVM timezone can vary, is global for the entire JVM and can’t be changed easily when running under a security manager.(驱动程序根据其ID指示的每个连接使用的时区。强烈建议将其设置为(例如,设置为UTC),因为JVM时区可以变化,对整个JVM是全局的,并且在安全管理器下运行时不容易更改。)
Network
connect.timeout (default 30s)
Connection timeout (in seconds). That is the maximum amount of time waiting to make a connection to the server.
network.timeout (default 60s)
Network timeout (in seconds). That is the maximum amount of time waiting for the network.
page.timeout (default 45s)
Page timeout (in seconds). That is the maximum amount of time waiting for a page.
page.size (default 1000)
Page size (in entries). The number of results returned per page by the server.
query.timeout (default 90s)
Query timeout (in seconds). That is the maximum amount of time waiting for a query to return.
Basic Authentication
user
Basic Authentication user name
password
Basic Authentication password
SSL
ssl (default false)
Enable SSL
ssl.keystore.location
key store (if used) location
ssl.keystore.pass
key store password
ssl.keystore.type (default JKS)
key store type. PKCS12 is a common, alternative format
ssl.truststore.location
trust store location
ssl.truststore.pass
trust store password
ssl.cert.allow.self.signed (default false)
Whether or not to allow self signed certificates
ssl.protocol(default TLS)
SSL protocol to be used
Proxy
proxy.http
Http proxy host name
proxy.socks
SOCKS proxy host name
To put all of it together, the following URL:
jdbc:es://http://server:3456/?timezone=UTC&page.size=250
API usage
One can use JDBC through the official java.sql and javax.sql packages:
java.sql
The former through java.sql.Driver and DriverManager:
String address = "jdbc:es://" + elasticsearchAddress;
//用于连接到ElasticSearch的属性。对于不安全的ElasticSearch,空属性实例是合适的。
Properties connectionProperties = connectionProperties();
Connection connection = DriverManager.getConnection(address, connectionProperties);
javax.sql
Accessible through the javax.sql.DataSource API:
JdbcDataSource dataSource = new JdbcDataSource();
String address = "jdbc:es://" + elasticsearchAddress;
dataSource.setUrl(address);
//用于连接到ElasticSearch的属性。对于不安全的ElasticSearch,空属性实例是合适的。
Properties connectionProperties = connectionProperties();
dataSource.setProperties(connectionProperties);
Connection connection = dataSource.getConnection();
Which one to use? Typically client applications that provide most configuration parameters in the URL rely on the DriverManager-style while DataSource is preferred when being passed around since it can be configured in one place and the consumer only has to call getConnection without having to worry about any other parameters.
To connect to a secured Elasticsearch server the Properties should look like:
Properties properties = new Properties();
properties.put("user", "test_admin");
properties.put("password", "x-pack-test-password");
Once you have the connection you can use it like any other JDBC connection. For example:
try (Statement statement = connection.createStatement();
ResultSet results = statement.executeQuery(
"SELECT name, page_count FROM library ORDER BY page_count DESC LIMIT 1")) {
assertTrue(results.next());
assertEquals("Don Quixote", results.getString(1));
assertEquals(1072, results.getInt(2));
SQLException e = expectThrows(SQLException.class, () -> results.getInt(1));
assertTrue(e.getMessage(), e.getMessage().contains("unable to convert column 1 to an int"));
assertFalse(results.next());
}
SQL Language
Data Types
Most of Elasticsearch data types are available in Elasticsearch SQL, as indicated below:
| Elasticsearch type | SQL type | SQL precision |
|---|---|---|
| null | null | 0 |
| boolean | boolean | 1 |
| byte | tinyint | 3 |
| short | smallint | 5 |
| integer | integer | 10 |
| long | long | 19 |
| double | double | 15 |
| float | real | 7 |
| half_float | float | 16 |
| scaled_float | float | 19 |
| keyword | varchar | based on ignore_above |
| text | varchar | 2,147,483,647 |
| binary | varbinary | 2,147,483,647 |
| date | timestamp | 24 |
| object | struct | 0 |
| nested | struct | 0 |
| types not mentioned above | unsupported | 0 |
显然,并非Elasticsearch中的所有类型在SQL中都具有相同的含义,反之亦然,因此,为什么Elasticsearch SQL使用前者的数据类型特性而不是后者,因为Elasticsearch最终是后备存储。
SQL Commands
This section contains the list of SQL commands supported by Elasticsearch SQL along with their syntax:
- DESCRIBE TABLE
Describe a table. - SELECT
Retrieve rows from zero or more tables. - SHOW COLUMNS
List columns in table. - SHOW FUNCTIONS
List supported functions. - SHOW TABLES
List tables available.
DESCRIBE TABLE
Synopsis.
DESCRIBE table
or
DESC table
SELECT
Synopsis.
SELECT select_expr [, ...]
[ FROM table_name ]
[ WHERE condition ]
[ GROUP BY grouping_element [, ...] ]
[ HAVING condition]
[ ORDER BY expression [ ASC | DESC ] [, ...] ]
[ LIMIT [ count ] ]
SELECT 一般用法:
- FROM列表中的所有元素都将被计算(每个元素可以是基表或别名表)。当前仅FROM支持一个表。但是请注意,表名可以是模式(请参见下面的FROM子句)。
- 如果指定了WHERE子句,将从输出中消除所有不满足条件的行。(请参阅下面的WHERE子句。)
- 如果指定了GROUP BY子句,或者存在聚合函数调用,输出被组合成与一个或多个值匹配的行组,并计算聚合函数的结果。如果HAVING子句存在,它将消除不满足给定条件的组。(请参阅下面的GROUP BY子句和HAVING子句。)
- 使用SELECT每个选定行或行组的输出表达式来计算实际输出行。
- 如果指定了ORDER BY子句,则返回的行将以指定的顺序排序。如果ORDER BY未给出,这些行按系统认为最快生成的顺序返回。(If ORDER BY is not given, the rows are returned in whatever order the system finds fastest to produce. )(请参阅下面的ORDER BY子句。)
- 如果LIMIT指定了,则该SELECT语句仅返回结果行的子集。(请参阅下面的LIMIT条款。)
SELECT List
SELECT列表,即SELECT和FROM之间的表达式,代表的SELECT声明的输出行。
与表一样,SELECT的每个输出列都有一个名称,可以通过AS关键字为每列指定该名称:
SELECT 1 + 1 AS result
result
---------------
2
注意:AS是可选关键字,但是它有助于提高查询的可读性,在某些情况下还可以避免查询的歧义,因此建议您指定它。
如果未给出名称,则由Elasticsearch SQL分配:
SELECT 1 + 1;
(1 + 1)
---------------
2
或者,如果它是简单的列引用,则使用其名称作为列名称:
SELECT emp_no FROM emp LIMIT 1;
emp_no
---------------
10001
Wildcard
要选择源中的所有列,可以使用*:
它实际上返回所有(找到的顶级字段,子字段(例如多字段)被忽略的列)。
SELECT * FROM emp LIMIT 1;
which essentially returns all(top-level fields, sub-fields, such as multi-fields are ignored] columns found.
FROM子句
FROM子句为SELECT操作指定了一个操作对象。语法如下:
/***table_name:表示现有表的名称,具体名称或基本名称(实际索引)或别名**/
FROM table_name [ [ AS ] alias ]
如果表名称包含特殊SQL字符(如. -)用双引号逃脱他们:
SELECT * FROM "emp" LIMIT 1 ;
table_name可以是指向多个索引的模式(可能需要如上所述的双引号),但有一个限制,即所有解析的具体表都具有精确的映射。
SELECT emp_no FROM "e*p" LIMIT 1 ;
alias:
FROM包含别名的项目的替代名称。别名是为了简洁起见或消除歧义。提供别名后,它将完全隐藏表的实际名称,必须在其位置使用它。
SELECT e.emp_no FROM emp AS e LIMIT 1;
emp_no
-------------
10001
WHERE子句
WHERE子句用于过滤查询中的行,语法如下:
WHERE condition
where:
condition
Represents an expression that evaluates to a boolean. Only the rows that match the condition (to true) are returned.
SELECT last_name FROM emp WHERE emp_no = 10001;
last_name
---------------
Facello
GROUP BY子句
GROUP BY子句用于将结果分为指定列中匹配值的行组。它具有以下语法:
GROUP BY grouping_element [, ...]
grouping_element:
表示将行分组于其上的表达式。它可以是列名,列的别名或序号或列值的任意表达式。
A common, group by column name:
SELECT gender AS g FROM emp GROUP BY gender;
g
---------------
F
M
Grouping by output ordinal:
SELECT gender FROM emp GROUP BY 1;
gender
---------------
F
M
Grouping by alias:
SELECT gender AS g FROM emp GROUP BY g;
g
---------------
F
M
And grouping by column expression (typically used along-side an alias):
SELECT languages + 1 AS l FROM emp GROUP BY l;
l
---------------
2
3
a mixture of the above:
SELECT gender g, languages l, COUNT(*) c FROM "emp" GROUP BY g, l ORDER BY languages ASC, gender DESC;
g | l | c
---------------+---------------+---------------
F |2 |4
F |3 |8
F |4 |7
当使用GROUP BY子句时,所有输出表达式必须是聚合函数或用于列的分组或派生的表达式(否则,对于每个未分组的列,可能会返回多个值)。
SELECT gender AS g, COUNT(*) AS c FROM emp GROUP BY gender;
g | c
---------------+---------------
F |37
M |63
Expressions over aggregates used in output:
SELECT gender AS g, ROUND(MIN(salary) / 100) AS salary FROM emp GROUP BY gender;
g | salary
---------------+---------------
F |260
M |253
Multiple aggregates used:
SELECT gender AS g, KURTOSIS(salary) AS k, SKEWNESS(salary) AS s FROM emp GROUP BY gender;
g | k | s
---------------+------------------+-------------------
F |1.8427808415250482|0.04517149340491813
M |2.259327644285826 |0.40268950715550333
Implicit Grouping(隐式分组)
当使用一个没有关联GROUP BY的aggregation函数 ,将应用隐式分组,这意味着所有选定的行均被视为形成单个默认或隐式组。这样,查询仅发出单个行(因为只有单个组)。
一个常见的示例是对记录数进行计数:
SELECT COUNT(*) AS count FROM emp;
count
---------------
100
Of course, multiple aggregations can be applied:
SELECT MIN(salary) AS min, MAX(salary) AS max, AVG(salary) AS avg, COUNT(*) AS count FROM emp;
min | max | avg | count
---------------+---------------+---------------+---------------
25324 |74999 |48248 |100
HAVING子句
HAVING子句只能与集合函数一起使用(GROUP BY),以过滤保留或不保留哪些组,并且具有以下语法:
GROUP BY condition
condition:
表示计算结果为布尔值的表达式。仅返回条件为true的组。
WHERE和HAVING用于过滤但是它们之间有几个显著的差异:
- WHERE适用于各行的,HAVING工作于分组的
GROUP BY - WHERE在GROUP BY之前执行,HAVING在GROUP BY之后执行
SELECT languages AS l, COUNT(*) AS c FROM emp GROUP BY l HAVING c BETWEEN 15 AND 20;
l | c
---------------+---------------
1 |16
2 |20
此外,可以在内部使用多个聚合表达式,其中甚至有一个不在输出中使用:
SELECT MIN(salary) AS min, MAX(salary) AS max, MAX(salary) - MIN(salary) AS diff FROM emp GROUP BY languages HAVING diff - max % min > 0 AND AVG(salary) > 30000;
min | max | diff
---------------+---------------+---------------
25976 |73717 |47741
29175 |73578 |44403
26436 |74999 |48563
Implicit Grouping(隐式分组)
如上所述,可以有一个HAVING不带``GROUP BY’’ 的子句。在这种情况下,将应用所谓的隐式分组,这意味着所有选定的行均被视为形成单个组,并且HAVING可以应用于在该组上指定的任何聚合函数。如此,查询仅发出单行(因为只有一个组),HAVING如果条件失败,条件将返回一行(该组)或零。
在此示例中,HAVING匹配:
SELECT MIN(salary) AS min, MAX(salary) AS max FROM emp HAVING min > 25000;
min | max
---------------+---------------
25324 |74999
ORDER BY子句
ORDER BY子句用于SELECT按一个或多个表达式对结果进行排序:
ORDER BY 表达式[ ASC | DESC ] [,...]
expression:
表示输入列,输出列或输出列位置的序号(从一个开始)。此外,可以根据结果得分进行排序。如果未指定方向,则默认情况下为ASC升序。`不管指定的顺序如何,空值都最后(最后)排序。
Order By Score
在WHERE子句中进行全文查询时,可以根据结果的分数或与给定查询的相关性返回结果 。
要基于进行排序score,请使用特殊功能SCORE():
SELECT SCORE(), * FROM library WHERE match(name, 'dune') ORDER BY SCORE() DESC;
SCORE() | author | name | page_count | release_date
---------------+---------------+-------------------+---------------+--------------------
2.288635 |Frank Herbert |Dune |604 |1965-06-01T00:00:00Z
LIMIT子句
The LIMIT clause restricts (limits) the number of rows returns using the format:
LIMIT ( count | ALL )
where
count:
is a positive integer or zero indicating the maximum possible number of results being returned (as there might be less matches than the limit). If 0 is specified, no results are returned.
ALL:
indicates there is no limit and thus all results are being returned.
To return
SHOW COLUMNS
Synopsis.
SHOW COLUMNS [ FROM | IN ] ? table
Description. List the columns in table and their data type (and other attributes).
SHOW FUNCTIONS
Synopsis.
/**SQL match pattern**/
SHOW FUNCTIONS [ LIKE? pattern? ]?
Description. List all the SQL functions and their type. The LIKE clause can be used to restrict the list of names to the given pattern.
The list of functions returned can be customized based on the pattern.
It can be an exact match:
SHOW FUNCTIONS LIKE 'ABS';
return:
name | type
---------------+---------------
ABS |SCALAR
A wildcard for exactly one character:
SHOW FUNCTIONS LIKE 'A__';
return:
name | type
---------------+---------------
AVG |AGGREGATE
ABS |SCALAR
A wildcard matching zero or more characters:
SHOW FUNCTIONS LIKE 'A%';
return:
name | type
---------------+---------------
AVG |AGGREGATE
ABS |SCALAR
ACOS |SCALAR
ASIN |SCALAR
ATAN |SCALAR
ATAN2 |SCALAR
ASCII |SCALAR
Or of course, a variation of the above:
SHOW FUNCTIONS '%DAY%';
return:
name | type
---------------+---------------
DAY_OF_MONTH |SCALAR
DAY |SCALAR
DAY_OF_WEEK |SCALAR
DAY_OF_YEAR |SCALAR
HOUR_OF_DAY |SCALAR
MINUTE_OF_DAY |SCALAR
SHOW TABLES
Synopsis.
/**SQL match pattern**/
SHOW TABLES [ LIKE? pattern? ]?
The LIKE clause can be used to restrict the list of names to the given pattern.
The pattern can be an exact match:
SHOW TABLES LIKE 'emp';
return:
name | type
---------------+---------------
emp |BASE TABLE
Multiple chars:
SHOW TABLES LIKE 'emp%';
return:
name | type
---------------+---------------
emp |BASE TABLE
employees |ALIAS
A single char:
SHOW TABLES LIKE 'em_';
return:
name | type
---------------+---------------
emp |BASE TABLE
Or a mixture of single and multiple chars:
SHOW TABLES LIKE '%em_';
return:
name | type
---------------+---------------
emp |BASE TABLE
Functions and Operators
Elasticsearch SQL provides a number of built-in operators and functions。(内置函数和运算)
Comparison Operators(比较运算符)
Elasticsearch SQL supports the following comparison operators:
- Equality (=)(等于)
SELECT last_name l FROM "test_emp" WHERE emp_no = 10000 LIMIT 5;
- Inequality (<> or != or <=>)(不等于)
SELECT last_name l FROM "test_emp" WHERE emp_no <> 10000 ORDER BY emp_no LIMIT 5;
- Comparison (<, <=, >, >=)
SELECT last_name l FROM "test_emp" WHERE emp_no < 10003 ORDER BY emp_no LIMIT 5;
- BETWEEN
SELECT last_name l FROM "test_emp" WHERE emp_no BETWEEN 9990 AND 10003 ORDER BY emp_no;
- IS NULL/IS NOT NULL
SELECT last_name l FROM "test_emp" WHERE emp_no IS NOT NULL AND gender IS NULL;
Logical Operators(逻辑运算符)
Elasticsearch SQL supports the following logical operators:
- AND
SELECT last_name l FROM "test_emp" WHERE emp_no > 10000 AND emp_no < 10005 ORDER BY emp_no LIMIT 5;
- OR
SELECT last_name l FROM "test_emp" WHERE emp_no < 10003 OR emp_no = 10005 ORDER BY emp_no LIMIT 5;
- NOT
SELECT last_name l FROM "test_emp" WHERE NOT emp_no = 10000 LIMIT 5;
Math Operators(数学运算符)
Elasticsearch SQL supports the following math operators:
- Add (+)(加)
SELECT 1 + 1 AS x;
- Subtract (infix -)(减)
SELECT 1 - 1 AS x;
- Negate (unary -)(取反)
SELECT - 1 AS x;
- Multiply (*)(乘)
SELECT 2 * 3 AS x;
- Divide (/)(除)
SELECT 6 / 3 AS x;
- Modulo or Reminder(%)(取余)
SELECT 5 % 2 AS x;
Math Functions(数学函数)
所有数学和三角函数都要求其输入为数值。
Generic
- ABS(Absolute value/绝对值)
- CBRT(立方根)
- CEIL/CEILING (朝正无穷大方向取整)
SELECT CEIL(8.1);
CEIL(8.1)
---------------
9
或
SELECT CEIL(8.5);
CEIL(8.5)
---------------
9
或
SELECT CEIL(8.6);
CEIL(8.6)
---------------
9
或
SELECT CEIL(-1);
CEIL(-1)
---------------
-1
或
SELECT CEIL(-1.1);
CEIL(-1.1)
---------------
-1
或
SELECT CEIL(-1.6);
CEIL(-1.6)
---------------
-1
- E(尚不清楚具体用法)
Euler’s number, returns 2.7182818284590452354
- Round (ROUND)(四舍五入)
sql> select round(2.4);
ROUND(2.4)
---------------
2
sql> select round(2.5);
ROUND(2.5)
---------------
3
sql> select round(-2.5);
ROUND(-2.5)
---------------
-2
sql> select round(-2.4);
ROUND(-2.4)
---------------
-2
sql> select round(-2.51);
ROUND(-2.51)
---------------
-3
- Floor (FLOOR)(超负无穷大方向取整)
sql> select floor(1.3);
FLOOR(1.3)
---------------
1
sql> select floor(1.5);
FLOOR(1.5)
---------------
1
sql> select floor(1.7);
FLOOR(1.7)
---------------
1
sql> select floor(-1.7);
FLOOR(-1.7)
---------------
-2
sql> select floor(-1.5);
FLOOR(-1.5)
---------------
-2
sql> select floor(-1.4);
FLOOR(-1.4)
---------------
-2
-
Natural logarithm (LOG)(LOG对数,e的对数)
-
Logarithm base 10 (LOG10)(10的对数)
-
Square root(SQRT)(平方根)
-
e^x (EXP)
-
e^x - 1 (EXPM1)
Trigonometric(三角函数)
- Convert from radians to degrees (DEGREES)(从弧度转换为度(度))
SELECT DEGREES(emp_no);
- Convert from degrees to radians (RADIANS)(从度转换为弧度(弧度))
- Sine (SIN)
- Cosine (COS)
- Tangent (TAN)
- Arc sine (ASIN)
- Arc cosine (ACOS)
- Arc tangent (ATAN)
- Hyperbolic sine (SINH)
- Hyperbolic cosine (COSH)
Date and Time Functions(日期和时间功能)
- Extract the year from a date (YEAR)
SELECT YEAR(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS year;
year
---------------
2018
- Extract the month of the year from a date (MONTH_OF_YEAR or MONTH)
SELECT MONTH_OF_YEAR(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS month;
month
---------------
2
- Extract the week of the year from a date (WEEK_OF_YEAR or WEEK)
SELECT WEEK_OF_YEAR(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS week;
week
---------------
8
- Extract the day of the year from a date (DAY_OF_YEAR or DOY)
SELECT DAY_OF_YEAR(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS day;
day
---------------
50
- Extract the day of the month from a date (DAY_OF_MONTH, DOM, or DAY)
SELECT DAY_OF_MONTH(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS day;
day
---------------
19
- Extract the day of the week from a date (DAY_OF_WEEK or DOW). Monday is 1, Tuesday is 2, etc.
SELECT DAY_OF_WEEK(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS day;
day
---------------
1
- Extract the hour of the day from a date (HOUR_OF_DAY or HOUR). Monday is 1, Tuesday is 2, etc.
SELECT HOUR_OF_DAY(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS hour;
hour
---------------
10
- Extract the minute of the day from a date (MINUTE_OF_DAY).
SELECT MINUTE_OF_DAY(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS minute;
minute
---------------
623
- Extract the minute of the hour from a date (MINUTE_OF_HOUR, MINUTE).
SELECT MINUTE_OF_HOUR(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS minute;
minute
---------------
23
- Extract the second of the minute from a date (SECOND_OF_MINUTE, SECOND).
SELECT SECOND_OF_MINUTE(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS second;
second
---------------
27
- Extract
另一种方法是,可以支持extract从datetime中提取字段。您可以使用extract运行任何datetime函数(<datetime_function>from)。所以
SELECT EXTRACT(DAY_OF_YEAR FROM CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS day;
day
---------------
50
is the equivalent to
SELECT DAY_OF_YEAR(CAST('2018-02-19T10:23:27Z' AS TIMESTAMP)) AS day;
day
---------------
50
Aggregate Functions(聚合函数)
- Average (AVG)
SELECT AVG(salary) AS avg FROM test_emp;
- Count the number of matching fields (COUNT)
SELECT COUNT(*) AS count FROM test_emp;
- Count the number of distinct values in matching documents (COUNT(DISTINCT)
SELECT COUNT(DISTINCT hire_date) AS count FROM test_emp;
- Find the maximum value in matching documents (MAX)
SELECT MAX(salary) AS max FROM test_emp;
- Find the minimum value in matching documents (MIN)
SELECT MIN(emp_no) AS min FROM test_emp;
- Sum all values of matching documents (SUM).
SELECT SUM(salary) FROM test_emp;
Reserved keywords(保留关键字)
refer to 文档
243
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
