I want to filter the elastic search aggregation results in Kibana (v6.2). For example, I want to show only sum of hours those that are more than 100 (like HAVING command in SQL). I know that we can filter the results in filter section over other fields, but I don't know how to apply the filter on aggregation functions. I tried to use post_filter in filter section in Kibana, but it didn't work.
Any ideas?
You can augment aggregation query within advanced field
It will be added to request as shown on picture
Another question is what to put into this field. You can check script values for sum aggregation
Related
I want to apply aggregation in elastic on field count
Example:
domain:["config","test"] <----- field
I want to check that how many times this domain is present in docs.
you can use the terms aggregation on the domain field, but you need to make sure that domain field or its subfield is of the keyword type.
Im tring to understand the DSL query i needed if i want to make a search from a result set i got. means i have an initial term search, then i want make another query upon the previous result.
lets say i a have 10 documents with a sharing identifier between them, each document has a description field. i want to search first all the documents containing the value 'Hello' in the description and then take their id's, and search the document containing the value 'good by'.
thanks.
No need to execute two queries, you can use filter context that will filter out the results.filter parameter will filter out documents that do not match, and will also not affect the score for matching documents.
Filter context is in effect whenever a query clause is passed to a
filter parameter, such as the filter or must_not parameters in the
bool query, the filter parameter in the constant_score query, or the
filter aggregation.
Refer this to know more about Query and Filter contexts
For example I have two docs such as: doc1={"ename":"pop2 up3 donw1"}, doc2={"ename":"up3 pop2"}. Because they looks similar, I wanna they can be aggregated to one item by field ename. So I called it Fuzzy Aggregation.Does ES have the above feature please.
I am trying to perform aggregation on a term and then perform sub aggregation on the result test to filter the results on a date range. But sub aggregation filter has no affect on the search response. The search response is always returning all the documents without applying filter.
For example:
TermsBuilder aggregationBuilders = AggregationBuilders.terms("form.id").field("form.id").size(0);
aggregationBuilders.subAggregation(AggregationBuilders.filter("indexDate").filter(QueryBuilders.rangeQuery("indexDate").lte(date)));
You need to use filter aggregations the other way around, i.e. as a top aggregation and then you add the terms aggregation as a sub-aggregation.
TermsBuilder formBuckets = AggregationBuilders.terms("form.id")
.field("form.id")
.size(0);
FilterBuilder dateFilter = AggregationBuilders.filter("indexDate")
.filter(QueryBuilders.rangeQuery("indexDate").lte(date))
.subAggregation(formBuckets);
I see in your other question, you have somehow "solved" this issue by moving the filter on indexDate to the query section. That will also work in your case.
I want to use "custom filters score" query and use filters to control the score of resulting documents.
I want a way to use the document's original score as computed by ElasticSearch, and then use that score to calculate the final score of the document, which matches the given filters.
Something like "_docScore * 50/100" as a script for a filter, where "_docScore" is the original score of a document that matches the filter.
How to achieve this in ElasticSearch?
Any help is greatly appreciated.
Regards & Thanks,
Aditya.
Documents in a filtered query would be unranked and have the same score.
http://www.elasticsearch.org/guide/reference/query-dsl/custom-score-query/
But you can use a custom score query together with a filtered query and use a script to calculate a score based on the document values. This was added in 0.90, I believe.