I have this json:
body: {
"sort" : queryBody.sort,
"query": {
"bool": {
"must": [
{"query_string": { "query": '"mystring"' } }
],
"filter": {
query_string: { query: '"mystring"' } } search-filter [{"term":{"accessType":1}}]
}
}
}
}
This json seems to be searching inside all the fields in the document. How can I specify the exact fields I want to search into according to current json?
I have seen resources explaining you should add the "fields"-array. But I could not find a structure that lookes like mine, which have the schema
query.bool.must.query_string
So I don't really understand where to place the fields-array.
You are very close. You need to add fields array.Try following query:
{
"query": {
"bool": {
"must": [
{
"query_string": {
"fields": [
"field1" ,
"field2"
],
"query": "this AND that OR thus"
}
}
]
}
}
}
Related
I have already various queries that collect data and show it in the Kibana dashboard.
Now I would like to get unique values from my result data. How can I write the query DSL for that.
Basically I would like to get unique value for the field contextMap.connectionid. Is there a way do achieve that using something similar to this example?
{
"query": {
"bool": {
"must": [
{
"nested": {
"path": "app",
"query": {
"bool": {
"must": [
{
"match": {
"app.key": "contextMap.connectionid"
}
}
]
}
}
}
}
]
}
}
}
You can calculate distinct count with the help of aggregation .
So, your search query is :
Search Query :
{
"query": {
"bool": {
"must": [
{
"nested": {
"path": "app",
"query": {
"bool": {
"must": [
{
"match": {
"app.key": "contextMap.connectionid"
}
}
]
}
}
}
}
]
}
},
"aggs": {
"uniqueconnectionId": {
"terms": {
"field": "contextMap.connectionid.keyword"
}
}
}
}
You can refer here for calculating distinct values of a field https://discuss.elastic.co/t/get-distinct-values-from-a-field-in-elasticsearch/99783
The following documents should be found:
matches query 'my text' AND (has not field OR field with value)
I have tried the following:
GET /myIndex/_search
{
"query": {
"bool": {
"must": [
{
"query_string": {
"query": "my text"
}
},
{
}
],
"filter": {
"bool": {
"must_not": {
"exists": {
"field": "myField"
}
},
"must": {
"terms": {
"myField": [
"myValue"
]
}
}
}
}
}
}
}
It should (but does not) work liek that:
bool combine via OR must and filter parts
first must select by query
filter uses bool which combines by OR must andmust_not`
But this behaves like must combined with must_not via AND clause. E.g. when I removed "must" or "must_not" query works.
How change query to combine "must" with "must_not" via OR clause?
Elasticsearch version is 5.3.2
You need an extra bool filter between the must and must_not terms.
You should also think about your myField field. If it is defined as text or as keyword.
Tested with elasticsearch 5.6.1 the following query works:
{
"query": {
"bool": {
"must": [{
"query_string": {
"query": "this is a text content"
}
}],
"filter": {
"bool": {
"should" : [{
"bool" : {
"must_not": {
"exists": {
"field": "myField"
}
}
}
},
{
"bool" : {
"must": {
"terms": {
"myField.keyword": ["my field exists and has a value"]
}
}
}
}]
}
}
}
}
}
On Elasticsearch 7.X, you can simply do:
{
"query": {
"bool": {
"must": [
{"match": {"field1": {"query": "Hero"}}}
],
"must_not": [
{"terms":{"field3":["Batman"]}},
]
}
}
}
I have data in the following format:
{ "_id":1,
"s_id":121211,
"data_detail":{
"name":"John",
"phone_number":08089320xxx,
"city":"ABC"
}
}
I need to search data through elastic search which will query where s_id=? and any text which is available in data_detail object. Example s_id=121211 AND ABC. I need wildcard on data_detail object.
Keys for the data_detail object is not fixed.
Thanks in advance.
I would consider using a bool query with multi_match and term query like this. I haven't tested this, but something on these lines should work I guess.
GET test_index/_search
{
"query": {
"nested": {
"path": "data_detail",
"query": {
"bool": {
"must": [
{
"multi_match": {
"query": "ABC",
"fields": [
"data_detail.*"
]
}
},
{
"term": {
"s_id": {
"value": "121211"
}
}
}
]
}
}
}
}
}
Solved this by using the following query:
{
"query": {
"bool": {
"must": [
{
"query_string":{
"fields":["data_detail.*"],
"query": "*str*",
"analyze_wildcard":true
}
},
{
"term": {
"s_id": {
"value": "121211"
}
}
}
]
}
}
}
Is there any way to boost search results on same field depending on type?
My basic boosting is something like:
GET _search
{
"query": {
"simple_query_string": {
"query": "mangan",
"fields":["_all", "title^6"]
}
}
}
But for some other documents I want title to be less important, so I tried to prefix it with type:
GET _search
{
"query": {
"simple_query_string": {
"query": "mangan",
"fields":[
"_all",
"DocumentationPage.title^6",
"DocumentationPage.title^6"]
}
}
}
But then it does not boost at all. As a last resort I could use Funcsion/Script Score bu would like to avoid it.
For sake of example, assume that document contains just title field.
A simple way to achieve this is re-writing the query in the OP as a dis-max query.
Example for elasticsearch 5.x:
{
"query": {
"dis_max": {
"queries": [
{
"simple_query_string": {
"fields": [
"_all"
],
"query": "mangan"
}
},
{
"bool": {
"filter": {
"type": {
"value": "DocumentationPage"
}
},
"must": [
{
"simple_query_string": {
"fields": [
"title^6"
],
"query": "mangan"
}
}
]
}
}
]
}
}
}
I have an index with some documents having a field named "access_type" . It can have 2 values, either "faculty" or "students".
For the documents with "faculty" as the value for "access_type", there will be another field called "faculties" which is a list of faculty name.
So an example document would look like below:
{
"access_type": "faculty",
"faculties": [
"facultyId1",
"facultyId2",
"facultyId3"
]
}
Now if we have two inputs say one is for the access_type and another is for the faculties.
If I get the following input "faculty" and "facultyId4" . First I need to filter out all the documents matching the access type "faculty" and then in the resulting results the "facuultyId4" should search against the field "faculties". Since the "facultyId4" is not in the above document,it should not be considered a hit.
How can I implement this as an elasticsearch query?
POST http://your.elastic.host:9200/index/type/_search
{
"query": {
"filtered": {
"query": {
"match_all": {}
},
"filter": {
"bool": {
"must": [
{
"term": {
"access_type": "faculty"
}
},
{
"term": {
"faculties": "facultyId4"
}
}
]
}
}
}
}
}
Hope this will for work.
GET index/type/_search
{
"query": {
"filtered": {
"filter": {
"and": {
"filters": [
{
"query": {
"match": {
"access_type": "faculty"
}
}
},
{
"query": {
"match": {
"faculties": "facultyId4"
}
}
}
]
}
}
}
}
}