I have some string s that I want to match with at least one of two fields, as a substring (s). So for example, if I have the string 456, I would want to search for any entries where in at least one of two specified fields, there exists the string 456. So if field1 had 1234567, it would match, or if field2 had 34567, it would match. Below is an one of the ways I've tried to do it so far, but no luck.
query: {
bool: {
should: { wildcard: { field1: "*" + input + "*"}},
should: { wildcard: { field1: "*" + input + "*"}}
}
}
I have also tried
query: {
query_string: "*" + input + "*",
fields: ["field1", "field2"]
}
I think what you need is:
{
"query": {
"bool": {
"should": [
{
"wildcard": {
"field1": "*"+"input"+"*"
}
},
{
"wildcard": {
"field2": "*"+"input"+"*"
}
}
]
}
}
}
Related
Let's say I have an array field containing strings in Elasticsearch documents.
Let the array in one of the documents be
mArray1: ["string1", "string2", "string3", "string4"]
mArray2: ["string1", "string7", "string11"]
I want a query to search the document which has both "string1" and "string2", i.e. it should return mArray1. Here is what I am using which uses OR filtering.I am also matching for another field which should be compulsory
query: {
bool: {
filter: [
{
range: {
"math.score": {
gte: 80
}
}
},
{
multi_match: {
query: "name1",
fields: ["name", "full_name"],
type: "phrase_prefix"
}
}
],
must: [
{
terms: {
"arrayField": ["string1", "string2"]
}
}
]
}
}
terms matches any of the values specified, you want to match documents that have both string1 and string2 to, then you need to two term queries in must:
"must" : [
{
"term" : {
"arrayField" : "string1"
}
},
{
"term" : {
"arrayField" : "string2"
}
}
]
I have 3 different search queries coming from different sources, I want to aggregate these queries in to a single query that will return the results that is union of these 3 queries (OR operation on query)
For example:
Query 1:
query: {
bool: {
filter: [
{ terms: { tags.keyword: ['apple', 'banana'] }},
{ terms: { language.keyword: ['en'] }},
]
}
}
Query 2:
query: {
bool: {
filter: [
{ terms: { tags.keyword: ['orange', 'mango'] }},
{ terms: { language.keyword: ['it'] }},
{ terms: { source.keyword: ['Royal Garden'] }},
]
}
}
Query 3:
query: {
bool: {
filter: [
{ terms: { owner.keyword: ['Dan Chunmun'] }},
{ terms: { language.keyword: ['en'] }},
{ terms: { source.keyword: ['Royal Garden'] }},
]
}
}
I what to have the search result that is:
Result = Query 1 OR Query 2 OR Query 3 (Union of all 3 queries)
I was looking at How to combine multiple bool queries in elasticsearch question, but there it is not explained how to merge the query.
I tried using should clause but not able to get the expected result so far.
I tried combining the bool part of the queries above like:
const boolTerms: any = [];
Queries.map(q => {
return boolTerms.push(q.query);
});
// combined query
filter : {
bool: {
should: boolTerms
}
}
There are two ways for combining queries
Query string query is meant for these use cases only. In query string query you can write each and every query in a string format
Let define a clause A=tags.keyword: ['apple', 'banana']
Now way you can combine multiple is this
{
"query": {
"query_string": {
"query": "(A and B) OR (D and E and F) or(G and H and E)"
}
}
}
Here A and B are all clauses of query 1.
But since query string query is a full-text query and analyzers will be applied to query terms, so for your case bool query would be used, in which you can combine tern queries as well
Here is an Example
{
"query": {
"bool": {
"should": [
{
"bool": {
"must": [
{
"terms": {
"tags.keyword": ["apple", "banana"]
}
},
{
"terms": {
"language.keyword": ["en"]
}
}
]
}
},
{
"bool": {
"must": [
{
"terms": {
"tags.keyword": ["orange", "banana"]
}
},
{
"terms": {
"language.keyword": ["it"]
}
}
]
}
}
]
}
}
}
I have a query
GET index/_search
{
"query": {
"bool": {
"should": [
{
"match": {
"key1": "value"
}
},
{
"wildcard": {
"key2": "*match*"
}
}
]
}
}
}
I want to make the same call with elasticsearch_dsl package
I tried with
s = Search(index=index).query({
"bool": {
"should": [
{
"match": {
"key1": "value"
}
},
{
"wildcard": {
"key2": "*match*"
}
}
]
}
})
s.using(self.client).scan()
But the results are not same, am I missing something here
Is there a way to represent my query with elasticsearch_dsl
tried this, no results
s = Search(index=index).query('wildcard', key2='*match*').query('match', key1=value)
s.using(self.client).scan()
it seems to me that you forgot the stars in the query.
s = Search(index=index).query('wildcard', key='*match*').query('match', key=value)
This query worked for me
s = Search(index=index).query('match', key1=value)
.query('wildcard', key2='*match*')
.source(fields)
also, if key has _ like key_1 elastic search behaves differently and query matches results even which do not match your query. So try to choose your key which do not have underscores.
I have problem with full match querying of field value. title and gender - fields of indexed docs
query: {
query_string: {
query: "box AND gender:\"women\"",
default_field: "title"
}
}
I use double quotes to match full query for gender. But if there is gender "men,women" with title 'box' it also will be in results. I know, that elasticsearch does not support regexp characters ^ and $ for beginning and end of the string, so I couldn't make /^women$/.
What do I need to do if I want docs matching only 'women' gender, not 'men,women' ?
Q:
What do I need to do if I want docs matching only 'women' gender, not 'men,women' ?
For exact searches you should use a terms query rather than a fulltext-search query like the query_string. So to get all documents that matches exactly gender == women you should do it like so:
GET your-index/_search
{
"query": {
"bool": {
"must": [
{
"term": {
"gender.keyword": {
"value": "women"
}
}
}
]
}
}
}
Please be aware that this query assumes that the gender-field is also mapped as a keyword.
To complete the query you would add another must-clause to get all documents that have box in the title field women as the value of the gender-field.
GET your-index/_search
{
"query": {
"bool": {
"must": [
{
"term": {
"gender.keyword": {
"value": "women"
}
}
},
{
"match": {
"title": "box"
}
}
]
}
}
}
Thank you apt-get_install_skill. Keyword did the work, but with some addings.
Summary this is solution:
query: {
bool: {
must: {
query_string: {
query: "box",
default_field: "title"
}
},
filter: {
bool: {
should: [
{term: {"gender.keyword": "women"}}
]
}
}
}
}
I need should as array for searching multiple genders if I will need it. For example, some docs have unisex gender, such as 'women,men'
Example with multiple genders:
query: {
bool: {
must: {
query_string: {
query: "box",
default_field: "title"
}
},
filter: {
bool: {
should: [
{term: {"gender.keyword": "women"}},
{term: {"gender.keyword": "kids"}}
#summary it may be gender 'girls'
]
}
}
}
}
When I build an ELK query and specify the criteria like:
'query_string' : {
'query': 'product.name: "' + productName + '"'
+ ' AND cost: xxxx'
}
}
It returns the records with product.name matching the value in variable productName but if I want to specify a list of productNames[], and all records containing product name from that list need to be returned, how do I modify the query above?
You can use product.name:(productA OR productB OR productC). Check out the query string syntax docs.
If you don't need to use a query_string query, you could also use a bool query with a terms query, like this:
{
"query": {
"bool": {
"must": [
{
"terms": {
"product.name": ["productA", "productB", "productC", ...]
}
},
{
"match": {
"cost": "xxxx"
},
{
"match": {
"otherField": "yyyy"
},
...
}
}
}
}