mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-04-25 23:57:20 -04:00
8ac4ba751e
* Break out 'Limitations' into separate page * Add REST API docs * Restructure commands, functions, and operators refs * Add placeholder for getting started guide * Group 'Syntax', 'Metafields', and 'MV fields' under 'Language' * Add placeholder for Kibana page * Add link from landing page * Apply uniform formatting to ACOS, CASE, and DATE_PARSE function refs * Reword default LIMIT * Add support for COUNT(*) * Move 'Commands' and 'Functions and operators' to individual pages --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
37 lines
839 B
Text
37 lines
839 B
Text
[discrete]
|
|
[[esql-from]]
|
|
=== `FROM`
|
|
|
|
The `FROM` source command returns a table with up to 10,000 documents from a
|
|
data stream, index, or alias. Each row in the resulting table represents a
|
|
document. Each column corresponds to a field, and can be accessed by the name
|
|
of that field.
|
|
|
|
[source,esql]
|
|
----
|
|
FROM employees
|
|
----
|
|
|
|
You can use <<api-date-math-index-names,date math>> to refer to indices, aliases
|
|
and data streams. This can be useful for time series data, for example to access
|
|
today's index:
|
|
|
|
[source,esql]
|
|
----
|
|
FROM <logs-{now/d}>
|
|
----
|
|
|
|
Use comma-separated lists or wildcards to query multiple data streams, indices,
|
|
or aliases:
|
|
|
|
[source,esql]
|
|
----
|
|
FROM employees-00001,other-employees-*
|
|
----
|
|
|
|
Use the `METADATA` directive to enable <<esql-metadata-fields,metadata fields>>:
|
|
|
|
[source,esql]
|
|
----
|
|
FROM employees [METADATA _id]
|
|
----
|