Friday, August 17, 2018

Elasticsearch term vs query_string speed

I was curios to see what kind of query was faster for elasticsearch: a term query or a query_string. I performed 5 tests doing a simple term query and a simple query_string query for the same values. My example searches looked similar to the ones below with various different fields for each of the 5 searches.

TERM QUERY
curl -XGET -H "Content-Type: application/json" "http://localhost:9200/logstash-2018.08.16/_search?format=yaml" -d '{
  "query": {
    "term": { "src_geo.region": "California" }
  }
}'

QUERY_STRING QUERY

curl -XGET -H "Content-Type: application/json" "http://localhost:9200/logstash-2018.08.16/_search?format=yaml" -d '{
  "query": {
    "query_string" : {
      "query" : "src_geo.region: California"
    }
  }
}'

TERM RESULTS in milliseconds
1. took: 3594
2. took: 2730
3. took: 10553
4. took: 4108
5. took: 1461

QUERY_STRING RESULTS in milliseconds
1. took: 5039
2. took: 5442
3. took: 11294
4. took: 5048
5. took: 1961

WINNER = TERM QUERY