Dev
Générateur de requêtes Elasticsearch
Used by developers, writers, and creators worldwide.
An Elasticsearch query generator gives you a correct query DSL body for a common search pattern so you can stop wrestling with nested JSON. Pick the pattern — a full-text match, a bool query combining must and filter clauses, a range filter, or a terms aggregation — and name the field, and it returns a structured JSON body for the _search endpoint. Search engineers use it to start a query, recall the difference between the scoring must clause and the cached filter clause, or build an aggregation. It runs in your browser and generates instantly. Paste the body into Kibana Dev Tools, replace the placeholder search terms and the example status filter, and adjust size and sort. Each template uses the right context — filters for exact matches and date ranges, must for relevance scoring — so your queries are both correct and fast on a real index.
Read the complete guide — 5 min read
Loading usage…
Free forever — no account required
How to use
- Choose your options above
- Click Generate
- Copy your result
Detailed instructions
- Pick the query pattern you need.
- Enter the field name to query.
- Click Generate to produce the query DSL.
- Paste it into Kibana Dev Tools and replace the placeholders.
Use Cases
- •Starting a full-text search query against an index
- •Combining scoring must clauses with cached filter clauses
- •Filtering documents by a date or numeric range
- •Building a terms aggregation for a facet or report
- •Recalling the Elasticsearch query DSL structure
Tips
- →Keep exact matches in filter context so they get cached.
- →Use date math like now-7d/d for rolling time windows.
- →Set size to 0 when you only want aggregation results.
- →Add explain to debug why a document scored the way it did.
FAQ
when should I use filter vs must
Put exact-match and range conditions in the filter clause — it skips relevance scoring and is cached, so it is faster. Use must for full-text conditions where the match score should influence ranking. Combining both in a bool query is the common pattern.
why does the aggregation set size to 0
Setting size to 0 tells Elasticsearch you only want the aggregation buckets, not the matching documents. That avoids transferring hits you do not need and makes a facet or report query much lighter.
what are the now-7d expressions
They are Elasticsearch date math: now-7d/d means seven days ago rounded to the start of the day, and now/d means the start of today. They let you express rolling time windows without computing timestamps yourself.
You might also like
Popular tools from other categories that share themes with this one.