0

I'm trying the following aggregate query using elasticsearch-py version 2.1.0 to query an elasticsearch instance of version 2.1.1.

{
  "query": {
    "filtered": {
      "filter": { "term": {"applicationType":"myapptype"} }      
    }
  },
  "aggs":{ "client_id": { "terms": { "field": "client_id" } } }
}

It gives an exception saying:

Traceback (most recent call last):
  File "searchES2.py", line 52, in <module>
    for item in res:
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/helpers/__init__.py", line 271, in scan
    resp = client.search(body=query, scroll=scroll, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/utils.py", line 69, in _wrapped
    return func(*args, params=params, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/__init__.py", line 530, in search
    doc_type, '_search'), params=params, body=body)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/transport.py", line 307, in perform_request
    status, headers, data = connection.perform_request(method, url, params, body, ignore=ignore, timeout=timeout)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 93, in perform_request
    self._raise_error(response.status, raw_data)
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/base.py", line 105, in _raise_error
    raise HTTP_EXCEPTIONS.get(status_code, TransportError)(status_code, error_message, additional_info)
elasticsearch.exceptions.RequestError: TransportError(400, u'search_phase_execution_exception')

How to fix this?

Note: the same query works fine when I use cURL.

user3760679
  • 41
  • 3
  • can you post the full trace from ES logs? – ChintanShah25 Feb 02 '16 at 00:42
  • @ChintanShah25 I updated the post with the error logs – user3760679 Feb 02 '16 at 15:38
  • Okay, it looks like the issue was from the scan() I was using. ES logs say that the aggregation queries are not allowed in scan(). When I use search(), it works fine. – user3760679 Feb 02 '16 at 16:02
  • great you figured it out!! normally `scan()` is used when you want to retrieve large documents e.g for reindexing. If you are doing normal search then `search()` is the way to go. [More](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-search-type.html) on that – ChintanShah25 Feb 02 '16 at 16:07
  • Yes, thanks. I was using the same code I used for querying large documents and didn't realize the difference when doing aggregate queries. – user3760679 Feb 02 '16 at 20:17

0 Answers0