Query_string is more straight forward, because most of time I use Kibana to
test my query. But for the DSL, it's kind of hard to fully understand which
query to use. And to test my query is also difficult because too many
brackets...
There is a high level Python API for DSL. I'm learning it.
Tha
query_string is a bit of a trap - if you write an invalid query it just
crashes. So you find yourself working around it with tons of escaping.
Its also really really powerful and shouldn't be exposed directly to end
users unless you want them to be sneaky.
For the most part I'd suggest using the
I am new to use Elasticsearch + Logstash + Kibana for analyzing some logs.
I am about to write some scripts to automate something in
searching/aggregation. Now I only have 10gb data so the performance don't
vary that much when I do searching or visualization. I spent a lot of time
learning ES's
