ONE elastic index that stores visitor data for restaurants in chennai and in New york.
The query must return data for 8-9am in chennai and 8-9am in newyork. Since the data is in one index, is there a way to ignore the timeszone in the timestamp and query elastic data?
or is it possible to solve this problem without multiple query?
The approach I am taking is to convert and store local date time (without timezone info) into a long integer yymmddhhmmss and query it. This will support lte and gte queries too.
it's not possible, no, because they are two totally different timezones/timestamps
Related
I have articles stored in Elasticsearch and I've been wondering if there is a way I can query by date but the result to contain a specific amount of articles from each publisher. More specifically, I have 5 different publishers and I want to get the 10 latest articles, 2 from each publisher. I'm storing the publishers name as a keyword field in elastic.
The only idea I've come up with is to run a query for each publisher separately and limit the result to the first 2 (and then merge the results programmatically), but it will be more efficient I think if there is way I can do this in a single query.
Thanks
This sounds like a case for field collapsing.
You would collapse on the publisher field (as long as it is a keyword or a number) and then request inner_hits, the actual articles.
I have simple data analytics to display in AWS QuickSight: some date fields and amounts. QS aggregates by default all date-fields and the lowest granularity is aggregate by minute. But my need is to display all data without any aggregation at all. I have searched but not found how it could be possible disable aggregation at all? Any ideas?
First contribution to Stack Overflow, feels good man.
I ran into the same problem and the solution is to convert the field selected for the y-axis to a dimension rather than a measure.
Converting fields from measure to dimension
Aggregations will automatically be applied to 'measure' fields and therefore they need to be converted to 'dimension'
I have a few records in my elasticsearch collection and i want to use a GroupBy aggregation in elasticsearch querystring.
I want to know if it is possible, because i tried to google it always give result about this
i want to use this something like this in the query string , which can
give me records in the group.
For i.e.
http://localhost:9200/_all/tweets/_count?q=user:Pu*+user:Kim*
This will give me count of all the records which has name starts from Pu and Kim,
But i want to know that how many records are there has name starting with Pu
and Kim,
aggregations need to be specified in addition in the search request, you cannot specify them as part of a query string query.
You could also just execute two queries to find out this particular requirement...
Is there a way in ES to change a value in a search string to some list of values? For example, if my documents have a field called frequency and the user searches for monthly, it should return any documents with frequency as month, m, monthly, etc. I can roll my own on the client side, but I seem to recall hearing that I can define these myself in ES.
(totally new to ES)
I think what you are looking for is Synonyms functionality. It can expand your monthly query into so-called synonyms which you can preconfigure in advance.
I'm new to elasticsearch, and I have data that have two fields time and received_time. I want to make sure that all records matching the query have the difference within a threshold. How do I achieve that effectively? The official documentation only talks about "now" or literal values. Thanks in advance.
Edit: if it matters, I need both a minimum value and a maximum value. Thanks.