Reputation: 2717
I am trying to query Elasticsearch for logs which have one field with some value and another field with another value. My logs look like this in Kibana:
{
  "_index": "logstash-2016.08.01",
  "_type": "logstash",
  "_id": "6345634653456",
  "_score": null,
  "_source": {
    "@timestamp": "2016-08-01T09:03:50.372Z",
    "session_id": "value_1",
    "host": "local",
    "message": "some message here with error",
    "exception": null,
    "level": "ERROR"
  },
  "fields": {
    "@timestamp": [
      1470042230372
    ]
  }
}
I would like to receive all logs which have the value "ERROR" in the level field (inside _source) and the value value_1 in the session_id field (also inside _source).
I manage to query for one of them, but not for both together:
from elasticsearch import Elasticsearch

host = "localhost"
es = Elasticsearch([{'host': host, 'port': 9200}])
INDEX = "logstash-2016.08.01"  # index name taken from the document shown above

# Lucene query-string syntax: exact phrase on session_id only
query = 'session_id:"{}"'.format("value_1")
result = es.search(index=INDEX, q=query)
Upvotes: 0
Views: 2788
Reputation: 2351
Since you need to match exact values, I would recommend using filters, not queries. The filter for your case would look somewhat like this:
filter = {
    "query": {
        "bool": {
            # The "and" filter is deprecated since Elasticsearch 2.0 (removed in 5.0);
            # the bool "filter" clause ANDs its terms in filter context, no scoring.
            "filter": [
                {
                    "term": {
                        "level": "ERROR"
                    }
                },
                {
                    "term": {
                        "session_id": "value_1"
                    }
                }
            ]
        }
    }
}
And you can pass it with es.search(index=INDEX, body=filter).
EDIT: reason to use filters instead of queries: "In filter context, a query clause answers the question “Does this document match this query clause?” The answer is a simple Yes or No — no scores are calculated. Filter context is mostly used for filtering structured data, e.g."
Source: https://www.elastic.co/guide/en/elasticsearch/reference/2.0/query-filter-context.html
Upvotes: 1
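One caveat a practitioner runs into with the answer above: a term filter is not analyzed, so the value must match a stored term byte-for-byte. With the default logstash index template, string fields such as level are analyzed (the standard analyzer lowercases "ERROR" to "error" at index time) and a not_analyzed copy is kept in a .raw sub-field (ES 2.x; later templates use .keyword). A term filter for "ERROR" on the analyzed level field therefore matches nothing, while the same filter on level.raw matches exactly. The example below is an added illustration, not code from the question or the answer: it builds the two-term bool/filter body and emulates term-filter semantics locally over three constructed documents so the behaviour can be checked without a cluster. The .raw sub-field, the simplified analyzer (lowercase and split on whitespace) and the sample documents are assumptions, not anything the page states.

```python
"""Added example (not from the original question or answer): build the
two-term filter as a bool/filter query and evaluate the same term-filter
semantics locally, to show why exact matching needs the not_analyzed field.

Assumptions (not stated on the page): the logstash template maps ``level``
and ``session_id`` as analyzed strings with a not_analyzed ``.raw`` sub-field,
and the standard analyzer is approximated as lowercase + whitespace split.
"""
from typing import Any, Dict, List


def build_filter_query(level: str, session_id: str,
                       field_suffix: str = ".raw") -> Dict[str, Any]:
    """Return a search body matching both values exactly, in filter context.

    bool.filter clauses are ANDed and contribute no score (the "yes or no"
    behaviour the answer quotes).  ``field_suffix`` selects the not_analyzed
    sub-field (assumed ".raw"); pass "" to target the analyzed field itself.
    """
    return {
        "query": {
            "bool": {
                "filter": [
                    {"term": {"level" + field_suffix: level}},
                    {"term": {"session_id" + field_suffix: session_id}},
                ]
            }
        }
    }


def _indexed_terms(value: str, analyzed: bool) -> List[str]:
    """Terms stored for a string field under the assumed mapping: the analyzed
    field lowercases and splits on whitespace; not_analyzed stores it verbatim."""
    return value.lower().split() if analyzed else [value]


def term_matches(doc: Dict[str, Any], field: str, value: str) -> bool:
    """Emulate a term filter: the query value is NOT analyzed, so it has to equal
    one of the stored terms exactly (case included)."""
    base, _, suffix = field.partition(".")
    analyzed = suffix != "raw"  # assumption: ".raw" is the not_analyzed copy
    stored = doc["_source"].get(base)
    if stored is None:
        return False
    return value in _indexed_terms(str(stored), analyzed)


def apply_filter(docs: List[Dict[str, Any]], body: Dict[str, Any]) -> List[str]:
    """Return the _ids of docs that satisfy every term clause in
    body["query"]["bool"]["filter"] (AND semantics, no scoring)."""
    clauses = body["query"]["bool"]["filter"]
    hits = []
    for doc in docs:
        if all(term_matches(doc, field, value)
               for clause in clauses
               for field, value in clause["term"].items()):
            hits.append(doc["_id"])
    return hits


# Constructed sample documents (not real log data), shaped like the question's hit.
SAMPLE_DOCS = [
    {"_id": "1", "_source": {"level": "ERROR", "session_id": "value_1",
                             "message": "some message here with error"}},
    {"_id": "2", "_source": {"level": "ERROR", "session_id": "value_2",
                             "message": "error in another session"}},
    {"_id": "3", "_source": {"level": "INFO", "session_id": "value_1",
                             "message": "same session, not an error"}},
]


if __name__ == "__main__":
    body = build_filter_query("ERROR", "value_1")
    print("level.raw / session_id.raw:", apply_filter(SAMPLE_DOCS, body))
    # Same values against the analyzed fields: "ERROR" never equals the
    # lowercased stored term "error", so nothing matches.
    print("analyzed fields:", apply_filter(
        SAMPLE_DOCS, build_filter_query("ERROR", "value_1", field_suffix="")))
    # Against a real cluster, with elasticsearch-py as in the question:
    # from elasticsearch import Elasticsearch
    # es = Elasticsearch([{"host": "localhost", "port": 9200}])
    # result = es.search(index="logstash-2016.08.01", body=body)
```

If the index mapping is unknown, check it with GET logstash-2016.08.01/_mapping before choosing between level and level.raw; targeting the analyzed field with a term filter fails silently (zero hits, no error), which is easy to mistake for "no such logs".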