Elasticsearch ships with a script to run the SQL CLI in its bin directory:

    $ ./bin/elasticsearch-sql-cli

The jar containing the SQL CLI is a standalone Java application, and the scripts just launch it. You can move it to other machines without having to install Elasticsearch on them.

You can pass the URL of the Elasticsearch instance to connect to as the first parameter:

    $ ./bin/elasticsearch-sql-cli https://some.server:9200

Once the CLI is running, you can use any query that Elasticsearch supports:

    sql> SELECT * FROM library WHERE page_count > 500 ORDER BY page_count DESC;
         author      |        name        |  page_count   | release_date
    Peter F. Hamilton|Pandora's Star      |768            |1078185600000
    Vernor Vinge     |A Fire Upon the Deep|613            |707356800000
    Frank Herbert    |Dune                |604            |-144720000000
    Alastair Reynolds|Revelation Space    |585            |953078400000
    James S.A. Corey |Leviathan Wakes     |561            |1306972800000

If you are using Security, you need to grant users a few privileges so they can run SQL. To run SQL using the CLI, a user needs read, indices:admin/get, and cluster:monitor/main. The following example configures a role that can run SQL in the CLI for the test and bort indices:

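    # Role name is a placeholder; the original name is not shown on this page.
    sql_cli_role:
      cluster:
        - "cluster:monitor/main"
      indices:
        - names: test
          privileges: [read, "indices:admin/get"]
        - names: bort
          privileges: [read, "indices:admin/get"]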
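
A role definition can be checked against these minimum privileges before it is deployed. The following is an added example, not part of the Elasticsearch documentation: the function names, the sample roles and the simplified matching (exact name, `all`, or a `*` wildcard, with no expansion of other named privileges) are assumptions.

```python
from fnmatch import fnmatchcase

# Minimum privileges the page lists for running SQL through the CLI.
REQUIRED_CLUSTER = {"cluster:monitor/main"}
REQUIRED_INDEX = {"read", "indices:admin/get"}

def _as_list(value):
    """Role files accept a single string or a list for names/privileges."""
    return [value] if isinstance(value, str) else list(value or [])

def _grants(granted, needed):
    """True if an entry equals `needed`, is `all`, or is a wildcard pattern
    that matches it. Simplification: other named privileges are not expanded."""
    return any(g == needed or g == "all" or fnmatchcase(needed, g) for g in granted)

def audit_sql_cli_role(role, indices):
    """Return findings; an empty list means the role meets the page's
    minimum for running SQL in the CLI on every index in `indices`."""
    findings = []
    cluster = _as_list(role.get("cluster"))
    for action in sorted(REQUIRED_CLUSTER):
        if not _grants(cluster, action):
            findings.append(f"cluster: missing {action}")
    for index in indices:
        granted = set()
        for entry in role.get("indices") or []:
            # Collect privileges from every entry whose name pattern covers the index.
            if any(fnmatchcase(index, p) for p in _as_list(entry.get("names"))):
                granted.update(_as_list(entry.get("privileges")))
        for priv in sorted(REQUIRED_INDEX):
            if not _grants(granted, priv):
                findings.append(f"{index}: missing {priv}")
    return findings

# The role from the page, written as a parsed role definition.
PAGE_ROLE = {
    "cluster": ["cluster:monitor/main"],
    "indices": [
        {"names": "test", "privileges": ["read", "indices:admin/get"]},
        {"names": "bort", "privileges": ["read", "indices:admin/get"]},
    ],
}
# Constructed role with no cluster privilege and no metadata action.
WEAK_ROLE = {"cluster": [], "indices": [{"names": ["test*"], "privileges": ["read"]}]}

if __name__ == "__main__":
    for name, role in (("page role", PAGE_ROLE), ("weak role", WEAK_ROLE)):
        print(name, audit_sql_cli_role(role, ["test", "bort"]) or "OK")
```

An index that no entry covers, such as library from the query above, is reported as missing both index privileges.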