I'm using an Elasticsearch filter aggregation with a nested top_hits aggregation to retrieve top matching documents based on different filters, but I can't seem to change the scores of results in each bucket via boosting or a nested function_score query. Is this just not possible? I haven't found any explicit documentation saying it won't work, and the query executes just fine, however the resulting scores aren't impacted.
Example query (note the huge boost in the first aggregation):
GET _search
{
"size":0,
"query":{
"bool":{
"should":[
{
"multi_match":{
"type":"phrase",
"query":"TV",
"fields":[
"categories^4"
]
}
}
]
}
},
"aggs":{
"1":{
"filter":{
"bool":{
"must":[
{
"multi_match":{
"type":"phrase",
"query":"Music",
"fields":[
"categories^10"
]
}
}
]
}
},
"aggs":{
"1_hits":{
"top_hits":{
"size":10,
"sort":[
{
"_score":{
"order":"desc"
}
}
]
}
}
}
},
"2":{
"filter":{
"bool":{
"must":[
{
"multi_match":{
"type":"phrase",
"query":"Music",
"fields":[
"categories"
]
}
}
]
}
},
"aggs":{
"2_hits":{
"top_hits":{
"size":10,
"sort":[
{
"_score":{
"order":"desc"
}
}
]
}
}
}
}
}
}
Related
I'm trying to run a query which filters according to date range and should meet either of two criteria.
"query":{
"bool":{
"must":[
{
"nested":{
"query":{
"bool":{
"must":[
{
"range":{
"segment_status.updated_at":{
"from":"2021-08-30",
"to":null,
"include_lower":true,
"include_upper":true,
"boost":1.0
}
}
}
],
"should":[
{
"terms":{
"segment_status.bo_status":[
2,
3,
4
]
}
},
{
"terms":{
"segment_status.fo_status":[
2,
3,
4
]
}
}
],
"adjust_pure_negative":false,
"boost":1.0
}
},
"path":"segment_status",
"ignore_unmapped":false,
"score_mode":"avg",
"boost":1.0
}
}
]
}
}
It's filtering according to the date correctly but I'm getting records that don't match any of the mentioned conditions in should clause.
I am running following elasticsearch query from groovy script. There are thousands of records which meet this criteria, but I get only 10 records in return.
{
"query":{
"bool":{
"must":[
{
"match_all":{
}
},
{
"range":{
"#Timestamp":{
"gte":1417511269270,
"lte":1575277669270,
"format":"epoch_millis"
}
}
},
{
"match_phrase":{
"field1.keyword":{
"query":"value1"
}
}
},
{
"match_phrase":{
"field2.keyword":{
"query":"value2"
}
}
},
{
"range":{
"#Timestamp":{
"gte":"2001-03-01",
"lt":"2019-10-30"
}
}
}
],
"filter":[
],
"should":[
],
"must_not":[
]
}
}
}
What am I missing in my query?
You are missing a size parameter, which means it defaults to 10 results.
e.g. add this to your query object:
"size": 100
I'm trying to create a query with elasticsearch to filter the records of the same city and price.
But the city filter is not working.
POST diadeturista/services/_search
{
"query":{
"bool":{
"must":[
],
"filter":{
"bool":{
"must":{
"terms":{
"city":[
"Contagem"
]
},
"range":{
"price_adult":{
"lte":"300",
"gte":"150"
}
}
}
}
}
}
}
}
SHow me this error:
[terms] malformed query, expected [END_OBJECT] but found [FIELD_NAME]
I think what you want todo is
{
"query":{
"bool":{
"must": [
{
"terms":{
"city":[
"Contagem"
]
}
},
{
"range":{
"price_adult":{
"lte":"300",
"gte":"150"
}
}
}
]
}
}
}
I have some problem with the elasticsearch query. when I use the query code it feedback the messages [bool] malformed query, expected [END_OBJECT] but found [FIELD_NAME].
{
"from":0,
"size":15,
"query":{
"bool":{
"must":[
{
"multi_match":{
"query":"books",
"fields":[
"title^20",
"lead^10",
"content"
],
"type":"phrase"
}
}
]
},
"must":{
"match":{
"groupid":"599e4b49239cfa0a5a5f189d"
}
}
},
"sort":[
{
"times":{
"order":"desc"
}
}
]
}
Your second must clause is not properly located, it must be inside the existing bool/must query. You need to rewrite your query to this:
{
"from":0,
"size":15,
"query":{
"bool":{
"must":[
{
"multi_match":{
"query":"books",
"fields":[
"title^20",
"lead^10",
"content"
],
"type":"phrase"
}
},
{
"match":{
"groupid": "599e4b49239cfa0a5a5f189d"
}
}
]
}
},
"sort":[
{
"times":{
"order":"desc"
}
}
]
}
We are sending the IIS Logs from Log Stash to Elastic Search. But the date histogram search is not returning the correct result. Below is the Query
{
"size":0,
"query":{
"filtered":{
"filter":{
"bool":{
"must":[
{
"query":{
"terms":{
"request":[
"/hotel/getrates.aspx",
"/planner/travelplan.aspx"
]
}
}
},
{
"query":{
"match":{
"method":"GET"
}
}
},
{
"range":{
"EventTime":{
"gte":"now-22h",
"lte":"now-16h"
}
}
}
]
}
}
}
},
"aggs":{
"timevalue":{
"date_histogram":{
"field":"EventTime",
"interval":"hour",
"format":"yyyy-MM-dd hh:mm:ss"
},
"aggs":{
"request":{
"terms":{
"field":"request"
},
"aggs":{
"status":{
"terms":{
"field":"status"
}
}
}
}
}
}
}
}
Results are only for hour window 00-12, not for the 13-23.
Can someone please explain the reason.