This is a far as I have gotten (even though it still wouldnt solve my problem since I would have to and the filter term manually). I would like to divide the index into alias indices based on the different casenumbers...How do I modify the code below to accomplish this with variables so it loops through and does it automatically?
POST /_aliases?pretty
{
"actions": [
{
"add": {
"index": "job_name_new",
"alias": "20-41308",
"filter": {
"term": {
"casenumber.keyword": "20-41308"
}
}
}
}
]
}
I have tried the following and gotten nowhere:
POST /_aliases?pretty
{
"actions": [
{
"add": {
"index": "job_name_new",
"alias": "_source":["casenumber"]",
"filter": {
"term": {
"casenumber.keyword": "20-41308"
}
}
}
}
]
}
Related
I have a index 'product' in elasticsearch,I want to add some tags like 'environmental','energy-saving','recyclable','medical-grade' to item.I collected some ways after google:array,nested,bit.
1.Use array.
{
"mappings": {
"properties": {
"tags": {
"type": "keyword"
}
}
}
}
It can store tag's name directly.
Query that contains 'environmental' and 'medical-grade':
{
"query": {
"bool": {
"must": {
"terms": {
"tags": [
"environmental",
"medical-grade"
]
}
}
}
}
}
2.Use nested.
{
"mappings": {
"properties": {
"tags": {
"type": "nested",
"properties": {
"code": {
"type": "text"
}
}
}
}
}
}
It can store tag's name directly too even id or others.
Query that contains 'environmental' and 'medical-grade':
{
"query": {
"bool": {
"must": {
"terms": {
"tags.name": [
"environmental",
"medical-grade"
]
}
}
}
}
}
3.Use bit.
{
"mappings": {
"properties": {
"tags": {
"type": "long"
}
}
}
}
It can store tags indirectly and need to specify a bit as a tag.
Suppose the n-th bit represents n-th tag(binary):0->'environmental',1->'energy-saving',2->'recyclable',3->'medical-grade'.So 1001(binary,equal to 9 in decimal) means it contains 'environmental' and 'medical-grade'.
Query that contains 'environmental' and 'medical-grade':
{
"query": {
"bool": {
"must": {
"script": {
"script": "doc['tags'].size() != 0 && (doc['tags'].value&9)==9"
}
}
}
}
}
I don't know how them performs,but I likes third way actually.Please give me some advice or better way.
My suggestion will be go with option 1 and use array. it will easy to query data and also used in aggregation.
Option 2, you can use but i dont think so its best for your case because you dont have nested or paent-child data so it is unneccessary to store as nested.
Option 3, I will not suggest as you need to use script at query time and it will impact the performance.
I want to access the flights array as in the image and get records 10 by 10. I tried different ways by mapping the flights array.
Here is what i tried in postman
PUT http://12.234.17.134:9200/index-flights
{
"mappings": {
"properties": {
"flights": {
"type": "nested"
}
}
}
}
GET http://12.234.17.134:9200/index-flights/_search
{
"query": {
"match": {
"result.id": "2erfc096-3db0-4817-88fc-69db286e95b8"
},
"query": {
"nested": {
"path": "flights"
}
}
}
}
Image of the structure of my data
https://i.stack.imgur.com/K378p.png
Go with an _id query -- no need for the nested one (which if malformed anyways):
{
"query": {
"terms": {
"_id": [
"2erfc096-3db0-4817-88fc-69db286e95b8"
]
}
}
}
or
{
"query": {
"ids": {
"values": [
"2erfc096-3db0-4817-88fc-69db286e95b8"
]
}
}
}
Tip: never share public cluster IPs in online forums.
I'm having trouble figuring out how to filter on nested sets. I have this in my index:
PUT /testing
PUT /testing/_mapping/product
{
"product": {
"properties": {
"features": { "type": "nested" }
}
}
}
POST /testing/product
{
"productid": 123,
"features": [
{
"name": "Weight",
"nameslug": "weight",
"value": "10",
"valueslug": "10-kg"
},
{
"name": "Weight",
"nameslug": "weight",
"value": "12",
"valueslug": "12-kg"
}
]
}
I need to filter on value but I get the valueslug from the url. So far I have the following code:
POST _search
{
"query": {
"bool": {
"filter": [
{
"nested": {
"path": "features",
"query": {
"bool": {
"filter": [
{
"range": {
"features.value": { "gte": ??? }
}
}
]
}
}
}
}
]
}
}
}
The difficult part is resolving the valueslug to the actual value. I have looked into Script Query using doc_value, but the problem with that is that it is executed within the current nested document. It would be possible by execution two queries, but I am trying to avoid that (if possible).
I get the feeling that the solution lies in the way the documents should be structured, but I have no clue how I could structure this any different...
I hope anyone can point me in the right direction.
Thanks in advance!
I have a set of news articles. These have both tags and articleTags.
Our API has a endpoint that returns articles that matches all tags.
E.g. searching for an article that contains both sport and fail:
"bool": {
"must": [
[
{
"term": {
"tags": "sport"
}
},
{
"term": {
"tags": "fail"
}
},
{
"term": {
"articleTags": "sport"
}
},
{
"term": {
"articleTags": "fail"
}
}
]
]
}
This worked when we only had tags, but when we introduced articleTags then it obviously didn't work as expected.
Is there a way we could make Elasticsearch treat tags and articleTags as
one namespace so I could do a query like this?
"bool": {
"must": [
[
{
"term": {
"mergedTags": "sport"
}
},
{
"term": {
"mergedTags": "fail"
}
}
]
]
}
I feel multi match query would be the best solution here.
There is a type of multi match query which is called cross_fields .
And its function as told by the documentation is
Treats fields with the same analyzer as though they were one big field. Looks for each word in any field. See cross_fields.
My suggestion involves using copy_to to create that "merged" field:
"tags": {
"type": "string",
"copy_to": "mergedTags"
},
"articleTags": {
"type": "string",
"copy_to": "mergedTags"
},
"mergedTags": {
"type": "string"
}
And the updated query is a simple as:
"query": {
"bool": {
"must": [
[
{
"term": {
"mergedTags": "sport"
}
},
{
"term": {
"mergedTags": "fail"
}
}
]
]
}
}
Let's say there are some documents in my index which look like this:
{
"category":"2020",
"properties":[
{
"name":"foo",
"value":"2"
},
{
"name":"boo",
"value":"2"
}
]
},
{
"category":"2020",
"properties":[
{
"name":"foo",
"value":"8"
},
{
"name":"boo",
"value":"2"
}
]
}
I'd like to query the index in a way to return only those documents that match "foo":"2"but not "boo":"2".
I tried to write a query that matches both properties.name and properties.value, but then I'm getting false positives. I need a way to tell ElasticSearch that name and value have to be part of the same properties tuple.
How can I do that?
You need to map properties as a nestedtype. So your mapping would look similar to this:
{
"your_type": {
"properties": {
"category": {
"type": "string"
},
"properties": {
"type": "nested",
"properties": {
"name": {
"type": "string"
},
"value": {
"type": "string"
}
}
}
}
}
}
Then, your query to match documents having "foo=2" in the same tuple but not "boo=2" in the same tuple would need to use the nested query accordingly, like the one below.
{
"query": {
"bool": {
"must": [
{
"nested": {
"path": "properties",
"query": {
"bool": {
"must": [
{
"match": {
"properties.name": "foo"
}
},
{
"match": {
"properties.value": "2"
}
}
]
}
}
}
}
],
"must_not": [
{
"nested": {
"path": "properties",
"query": {
"bool": {
"must": [
{
"match": {
"properties.name": "boo"
}
},
{
"match": {
"properties.value": "2"
}
}
]
}
}
}
}
]
}
}
}
#Val's answer is as good as it gets. One thing I would add, though, since it makes the difference between one type of query and others that might benefit from nesteds "opposite" feature.
In Elasticsearch, the default type for "properties":[{"name":"foo","value":"2"},{"name":"boo","value":"2"}] that is used to auto-create such a field is object. The object has the drawback that it doesn't associate one sub-field's value with another sub-field's value, meaning foo is not necessarily associated with 2. name is just an array of values and value is the again another array of values with not association between the two.
If one needs the above association to work then nested is a must.
But, I have encountered situations where both these features were needed. If you need both of these, you can set include_in_parent: true for the mapping so that you can take advantage of both. One of the situations that I have seen is here.
"properties": {
"type": "nested",
"include_in_parent": true,
"properties": {
"name": {
"type": "string"
...