Query Elasticsearch indices directly using SQL
Maintainer(s):
tlinhart
Installing and Loading
INSTALL elasticsearch FROM community;
LOAD elasticsearch;
Example
-- Basic query.
SELECT * FROM elasticsearch_query(
host := 'localhost',
index := 'products'
);
-- Query with authentication.
SELECT * FROM elasticsearch_query(
host := 'localhost',
index := 'logs-*',
username := 'elastic',
password := 'secret',
use_ssl := true
);
-- Filter pushdown – WHERE clauses are translated to Elasticsearch Query DSL.
SELECT name, price FROM elasticsearch_query(
host := 'localhost',
index := 'products'
)
WHERE category = 'electronics' AND price > 100;
-- Combine with a base Elasticsearch query.
SELECT title, author FROM elasticsearch_query(
host := 'localhost',
index := 'books',
query := '{"match": {"description": "science fiction"}}'
)
WHERE in_stock = true
LIMIT 10;
About elasticsearch
The DuckDB Elasticsearch extension enables querying Elasticsearch indices directly using SQL. It supports filter, projection and limit pushdown for optimized queries, automatic schema inference from index mappings and handles complex types like nested objects, arrays and geospatial types.
Key features:
- Filter pushdown –
WHEREclauses are translated to Elasticsearch Query DSL. - Projection pushdown – only requested columns are fetched via
_sourcefiltering. - Limit pushdown –
LIMIT/OFFSETclauses are pushed to Elasticsearch. - Automatic schema inference from index mappings with array detection.
- Support for multi-index queries (e.g.
logs-*). - Geospatial types (
geo_point,geo_shape) converted to GeoJSON format. - SSL/TLS support with configurable certificate verification.
- Automatic retry with exponential backoff for transient errors.
For detailed documentation, visit the extension repository.
Added Functions
| function_name | function_type | description | comment | examples |
|---|---|---|---|---|
| elasticsearch_query | table | NULL | NULL |