elasticsearch-aggregation

问题 I have movies index in which each document has this structure : Document : { "color": "Color", "director_name": "Sam Raimi", "actor_2_name": "James Franco", "movie_title": "Spider-Man 2", "actor_3_name" : "Brad Pitt", "actor_1_name": "J.K. Simmons" } I need to do calculate number of movies corresponding to each actor (actor can be in both actor_1_name or actor_2_name or actor_3_name field) Mapping of these 3 fields is : Mapping "mappings": { "properties": { "actor_1_name": { "type": "text",

问题 I'm trying to query my dataset for two purposes: Match a term (resellable = true) Order the results by their price lowest to highest Data set/doc is: "data" : { "resellable" : true, "startingPrice" : 0, "id" : "4emEe_r_x5DRCc5", "buyNowPrice" : 0.006493, //Changes per object "sub_title" : "test 1", "title" : "test 1", "category" : "Education", } //THREE OBJECTS WITH THE VALUES OF 0.006, 0.7, 1.05 FOR BUYNOWPRICE I have three objects of these with different buyNowPrice Query with agg is: {

问题 A snippet of my elasticsearch data is like below. Status field is nested. status: [ { "updated_at": "2020-08-04 17:18:41", "created_at": "2020-08-04 17:18:39", "sub_stage": "Stage1" }, { "updated_at": "2020-08-04 17:21:15", "created_at": "2020-08-04 17:18:41", "sub_stage": "Stage2" }, { "updated_at": "2020-08-04 17:21:15", "created_at": "2020-08-04 17:21:07", "sub_stage": "Stage3" } ] After aggregating based on some field, I have for each bucket some documents and every document will have

问题 Need help constructing an ES query. Here's an example of the raw JSON of the documents: { "user_uuid": 1234, "keywords": "apple", "@timestamp": "2020-01-15", }, { "uuid": 1234, "keywords": "google", "@timestamp": "2020-01-21", }, { "uuid": 9876, "keywords": "youtube", "@timestamp": "2020-01-25", } Here is an example requirement: { "search_groups":[ { "keywords": [ "google", "microsoft", "tesla" ], "time_range": 2020-01-17 - 2020-01-22 }, { "keywords": [ "apple", "youtube", "spotify" ], "time

问题 I want to get all the buckets available for a particular aggregate. Is there any query or endpoint to get the buckets? Below is my Mapping. If I query with any filter then the related buckets are coming up, but I want all the buckets to show it on the frontend to have or operations. Example: If we have 2 records, one is with category as chair and the other is in the table. If I select a chair it is returning table count is zero but it should show as table count as 1. So user can select both.

问题 I'm trying to get a max and min value of a date. From the documentation I don't see a max option in composite: https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket-composite-aggregation.html#_value_sources I'd like something like this: { "size":0, "aggs":{ "intervals":{ "composite":{ "size":10000, "sources":[ { "id":{ "terms":{ "field":"id" } } }, { "minTime": { "min": { "script": "doc['createdAt'].value" } } }, { "maxTime": { "max": { "script": "doc[

问题 I have a scenario where I'd like to return the latest de-normalized data from an index in Elasticsearch grouped by a certain key value - in the scenario below => TradeRef. The below paints a better picture of data persisted in the index: {"Row": "1", "TradeRef": "A", "TradeRefDate": "2019-01-01 13:00", "TradeRefId": "FFF", "MessageId": "XXX", "MessageStatus": "S-Open"}, {"Row": "2", "TradeRef": "B", "TradeRefDate": "2019-01-01 13:00", "TradeRefId": "GGG", "MessageId": "YYY", "MessageStatus":

问题 I am trying to aggregate on a field and get the top records using top_ hits but I want to include other fields in the response which are not included in the nested property mapping. Currently if I specify _source:{"include":[]} , I am able to get only the fields which are in the current nested property. Here is my mapping { "my_cart":{ "mappings":{ "properties":{ "store":{ "properties":{ "name":{ "type":"keyword" } } }, "sales":{ "type":"nested", "properties":{ "Price":{ "type":"float" },

问题 I am working on ES recently and I found that I could achieve the almost same result but I have no clear idea as to the DIFFERENCE between these two. "Filter then Aggregation" POST kibana_sample_data_flights/_search { "size": 0, "query": { "constant_score": { "filter": { "term": { "DestCountry": "CA" } } } }, "aggs": { "ca_weathers": { "terms": { "field": "DestWeather" } } } } "Filter Aggregation" POST kibana_sample_data_flights/_search { "size": 0, "aggs": { "ca": { "filter": { "term": {

问题 Here is my query - { "from": 0, "size": 100, "query": { "bool": { "filter": [ { "terms": { "folderId.keyword": [ "ff98505e-cdff-43aa-8b05-197bc3f3265e" ], "boost": 1 } }, { "terms": { "objectType.keyword": [ "File" ], "boost": 1 } }, { "term": { "tenantId": { "value": "34202", "boost": 1 } } } ], "adjust_pure_negative": true, "boost": 1 } }, "aggs":{ "_byformat":{ "terms":{ "field":"format.keyword", "min_doc_count":0, "size":200 } } } } result with min_doc_count = 0 - "took" : 1, "timed_out"