I'm trying to return only content that do match with a specific field value and not return the rest data of document... I mean, I try to realize a filter over data of document... but I can't yet. In sql is so easy, but in ES I still don't understand xD
So this is a image of the query and the document to explain better:
image here
Query code:
{
"query": {
"bool": {
"must": [
{
"match": {
"params.show": true
}
},
{
"nested": {
"path": "childs",
"query": {
"nested": {
"path": "childs.params",
"query": {
"bool": {
"must": {
"match": {
"childs.params.show": true
}
}
}
}
}
}
}
}
]
}
}
}
Related
I am trying to return all documents that match a specific keyword property in a collection.
The image below represents the document hierarchy.
The AggregateRoot has a collection of GUID Id's in the property DomainElements.
I am trying write a query that returns all documents where the Id matches a specific Guid value.
the following image shows the nested path in the index schema;
When I attempt this query I do not return any results...
{
"query": {
"nested": {
"path": "boundedContexts",
"query": {
"nested": {
"path": "boundedContexts.aggregateRoots",
"query": {
"nested": {
"path": "boundedContexts.aggregateRoots.domainElements",
"query": {
"bool": {
"must": [
{ "match": { "domainelements.id": "48be3bb4-838d-44a5-85e3-c5ea4fa8ee36" } }
]
}
}
}
}
}
}
}
}
}
Here is the index documents which shows the data I am trying to query does exist ...
What am I missing?
Is there a more simplified way to query these results?
You almost got it -- just make sure the complete nested path is included in the field name you're targeting:
{
"query": {
"nested": {
"path": "boundedContexts",
"query": {
"nested": {
"path": "boundedContexts.aggregateRoots",
"query": {
"nested": {
"path": "boundedContexts.aggregateRoots.domainElements",
"query": {
"bool": {
"must": [
{
"match": {
"boundedContexts.aggregateRoots.domainElements.id": "48be3bb4-838d-44a5-85e3-c5ea4fa8ee36"
}
}
]
}
}
}
}
}
}
}
}
}
BTW there's no need for so many (sub)nested queries. The inner-most nested path is enough:
{
"query": {
"nested": {
"path": "boundedContexts.aggregateRoots.domainElements",
"query": {
"bool": {
"must": [
{
"match": {
"boundedContexts.aggregateRoots.domainElements.id": "48be3bb4-838d-44a5-85e3-c5ea4fa8ee36"
}
}
]
}
}
}
}
}
I have already various queries that collect data and show it in the Kibana dashboard.
Now I would like to get unique values from my result data. How can I write the query DSL for that.
Basically I would like to get unique value for the field contextMap.connectionid. Is there a way do achieve that using something similar to this example?
{
"query": {
"bool": {
"must": [
{
"nested": {
"path": "app",
"query": {
"bool": {
"must": [
{
"match": {
"app.key": "contextMap.connectionid"
}
}
]
}
}
}
}
]
}
}
}
You can calculate distinct count with the help of aggregation .
So, your search query is :
Search Query :
{
"query": {
"bool": {
"must": [
{
"nested": {
"path": "app",
"query": {
"bool": {
"must": [
{
"match": {
"app.key": "contextMap.connectionid"
}
}
]
}
}
}
}
]
}
},
"aggs": {
"uniqueconnectionId": {
"terms": {
"field": "contextMap.connectionid.keyword"
}
}
}
}
You can refer here for calculating distinct values of a field https://discuss.elastic.co/t/get-distinct-values-from-a-field-in-elasticsearch/99783
I'm trying to search in multiple indexes, but the fields and mapping for each index are different. Like one index is having nested path.
When I'm trying to query on index's I'm getting error for the index which are not having the nested path.
{
"query": {
"bool": {
"should": [
{
"term": {
"a": "good"
}
},
{
"term": {
"a.b": "sample"
}
},
{
"nested": {
"path": "x.y.z",
"query": {
"bool": {
"should": [
{
"term": {
"x.y.z.id.keyword": "test#gamil.com"
}
}
]
}
}
}
}
]
}
}
}
in above the nested path x.y.z is only present for one index.
I tried finding a solution, found ignore_unavailable. But it will ignore the index not having nested path, but I need the document's in that index which matches other condition in the query.
Try the following query by replacing your-index with the name of the index that contains the nested field.
{
"query": {
"bool": {
"should": [
{
"term": {
"a": "good"
}
},
{
"term": {
"a.b": "sample"
}
},
{
"bool": {
"must": [
{
"term": {
"_index": "your-index"
}
},
{
"nested": {
"path": "x.y.z",
"query": {
"bool": {
"should": [
{
"term": {
"x.y.z.id.keyword": "test#gamil.com"
}
}
]
}
}
}
}
]
}
}
]
}
}
}
I have a nested object named 'bundles', that usually contains more than one object. Using this query I can succesfully query on the id of an object in bundles, but I fail to write a query that can query on multiple id's. Suggestions?
{
"query": {
"nested": {
"path": "bundles",
"query": {
"bool": {
"must": [
{
"match": {
"bundles.id": 43273
}
}
]
}
},
"inner_hits": {}
}
}
}
Perhaps you want "should" instead of "must" in the boolean filter. For example:
{
"query": {
"nested": {
"path": "bundles",
"query": {
"bool": {
"should": [
{
"match": {
"bundles.id": 43273
},
{
"match": {
"bundles.id": 433373
}
}
]
}
}
}
}
}
You could also use terms query if the field can be matched exactly. For example:
{
"query": {
"nested": {
"path": "bundles",
"query": {
"bool": {
"must": [
{
"terms": {
"bundles.id": [1140000000, 114]
}
}
]
}
}
}
}
}'
I'm trying to add a complex filter on a wildcard query with elastic search. The filter seems to be working, however, the results don't talk into account the wildcard. Is this possible or is there an alternative to the wildcard filter? Query is as follows:
{
"query": {
"filtered": {
"query": {
"wildcard": {
"name": "*frog*"
},
"filter": {
"bool": {
"must": {
"term": {
"is_animal": false
}
}
},
"or": [
{
"terms": {
"reptiles.codes": [
27
]
}
},
{
"nested": {
"path": "owners",
"query": {
"bool": {
"should": {
"term": {
"pets": "cat"
}
}
}
}
}
},
{
"nested": {
"path": "locations",
"query": {
"bool": {
"should": {
"term": {
"home": true
}
}
}
}
}
}
]
}
}
}
}
}
Alternatively, can I add the wildcard as a filter inside my "bool": { "must": .... }} ?
You should definitely use ngram token filter in your analyzer instead of running a wildcard which is really slow, especially if it starts with a star which is the case here.
That being said, I don't understand why the wildcard part is not applied here. Any chance you could reproduce your case with a full example? May be you have specific analyzer?