I am querying elastic through spring boot.
case:- 1
There is some data in my elastic like region = "REGION 1"
I want to get all the data where "REGION 1", but getting an empty result.
case 2:-
There is some data in my elastic like region = "REGION1"
I want to get all the data where "REGION1", I am getting the exact response.
I am querying on elastic as exact field match, I am not getting why this is happening even I have made the field as not_analyzed.
I have changed all the fields to not_analyzed and wrote a term query and it worked for me.
Related
Importing some admittedly large json documents in Elastic search and getting the error Limit of total fields [1000] has been exceeded while adding new fields [447]
When I look at the table in kibana on the index patterns page I see fields that seem to be unnecessary.
My question is it looks like a keyword field and a text field are added for the same value.
In the json it looks similar to the following
{
v300_oeminfo:{
serial_number:'2342',
software_version: '234233'
}
}
Why would two fields be dedicated to serial_number and software_version.
It turns out that the behavior of dynamic mapping was to assign both keyword and text to the same field. Thats why it looked like the fields were doubling up on kibana.
In version 6.7.1 elastic search, I am using the query string to get some documents. After executing the query string, in addition to the actual documents, it gives those documents also which does not have the key against which data is filtered.
This was not the case when I was using 6.4.2 elastic version. The official site does not have any information regarding that.
My query looks like -
"* AND ( properties.foreignKeys.referenceTableId :(file_datatypes) OR properties.primaryKeyMetadata.referenceTables :(file_datatypes) )".
It shows the documents that has properties.foreignKeys: null and properties.primaryKeyMetadata: null, in json
Any update will be helpful.
I have a doc in Elasticsearch with different fieldnames, eg: a,b,c,d...
I want to use templating in Grafana to query a term aggregation in such way that I get the values in a field. eg: i.
I'm trying to use this query:
{"find":"terms","field":"i","size":25}
but it does not return any values.
I know that there are some values as I query the same docs with Sense.
I have Grafana v 4.6.2 and Elasticsearch v 2.3.4
The field I wanted has a "-" in the string. ES sees it as a separator, this was the reason of the error.
Changing the field's mapping to "not analyzed" should help.
I'm currently trying to create a graph on Grafana to monitor the status of my servers, however, I can't seem to find a way to use the value of a field as the value to be displayed on the graph. (Datasource is ElasticSearch)
The following "document" is going to be sent to GrayLog (which saves to Elastic) every 1 minute for an array of regions.
{
"region_key": "some_key",
"region_name": "Some Name",
"region_count": 1610
}
By using the following settings, I can get Grafana to display the count of messages it received for each region, however, I want to display the number on the region_count field instead.
Result:
How can I accomplish this? is this even possible using Elastic as the datasource?
1) Make sure that your document includes a timestamp in ElasticSearch.
2) In the Query box, provide the Lucene query which narrows down the documents to only those related to this metric
3) In the Metric line, press "Count" and change that to one which takes a specific field: for example, "Average"
4) Next to the "Average" box will appear "select field", which is a dropdown of the available fields. If you see unexpected fieldnames here, it's probably because your Lucene query isn't specific enough. (Kibana can be useful for getting this query right)
I need to index documents dynamically, thus I am using schemaless mapping for elasticsearch.
But when i search for an exact match for a value like "ABC XYZ" against a string field, I do not get any hits.
Also I need my search to be case insensitive. Is it possible to acheive this, only by making changes while search like by specifying an analyzer.
I am new to elasticsearch so any help would be appreciated.
I found out the answer
QueryBuilder queryBuilder = QueryBuilders.matchPhraseQuery("fieldName", "ABC XYZ");