how to search a file content in elastic search - elasticsearch

I have posted data to Elasticsearch, i.e. username and resume (type: blob).
Now I want to search for a particular word in the resume, so I fired the following query in an Elasticsearch tool:
{"query": {
"bool": {
"must": [
{
"match": {
"filecontent": "Documentation"
}
}
],
"must_not": [],
"should": []
}
},"from": 0,
"size": 10
}
But there are no results; my resume contains the word "Documentation".
So please suggest how to construct a query on filecontent.
Help?
Here is my data which I posted to Elasticsearch:
{
"took": 112,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 0.6931472,
"hits": [
{
"_index": "profiles",
"_type": "resume",
"_id": "2013",
"_score": 0.6931472,
"_source": {
"filetype": "doc",
"firstname": "akash",
"filecontent": "PK\u0003\u0004\u0014\u0000\u0006\u0000\b\u0000\u0000\u0000!\u00002oWf\u0001\u0000\u0000¥\u0005\u0000\u0000\u0013\u0000\b\u0002[Content_Types].xml ¢\u0004\u0002( \u0000\u0002\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\"
}
]
}

Related

how to apply pagination in the range query to get full records?

I am trying to apply pagination to my range query to get full records between the given date range.
Below is the query I tried using.
Query:
{
"query":
{
"range":
{
"sys_created_on":
{
"gte":"2022-01-01 01:00:00",
"lte":"2022-03-10 01:00:00"
}
}
},
"sort": [
{"sys_created_on": "asc","u_user_updated": "asc"}
]
}
payload:
{
"took": 62,
"timed_out": false,
"_shards": {
"total": 8,
"successful": 8,
"skipped": 0,
"failed": 0
},
"hits": {
"total": {
"value": 10000,
"relation": "gte"
},
"max_score": null,
"hits": [
{
"_type": "_doc",
"_id": "61c158191bbc89905ad62064604bcb39",
"_score": null,
"_source": {
"key1":"val1",
"key2":"val2",
--------
--------
"keyn":"valn",
}
}
}
In the above query, "sys_created_on" and "u_user_updated" are fields available in my payload response. As said in this documentation, [elastic_search_search_query], I am not getting the payload with "sort" as a key, so that I can use search_after.
Try changing
"sort": [
{"sys_created_on": "asc","u_user_updated": "asc"}
]
for
"sort": [
{"sys_created_on": "asc"}, {"u_user_updated": "asc"}
]
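An added example, not part of the original answer: a `search_after` pagination loop over the question's range query, using the split sort clauses. `fake_search`, `paginate`, `all_ids` and the sample documents are hypothetical names and constructed data; `fake_search` stands in for the `_search` endpoint so the loop runs offline.

```python
import copy

# Request from the question, with the sort clauses split as the answer suggests.
BODY = {
    "query": {"range": {"sys_created_on": {
        "gte": "2022-01-01 01:00:00", "lte": "2022-03-10 01:00:00"}}},
    "sort": [{"sys_created_on": "asc"}, {"u_user_updated": "asc"}],
}

# Constructed sample documents; ids 1 and 2 share sys_created_on, id 6 is out of range.
DOCS = [
    {"id": 1, "sys_created_on": "2022-01-05 10:00:00", "u_user_updated": "2022-01-06 09:00:00"},
    {"id": 2, "sys_created_on": "2022-01-05 10:00:00", "u_user_updated": "2022-01-07 09:00:00"},
    {"id": 3, "sys_created_on": "2022-02-01 08:30:00", "u_user_updated": "2022-02-01 08:30:00"},
    {"id": 4, "sys_created_on": "2022-03-09 23:59:59", "u_user_updated": "2022-03-10 00:10:00"},
    {"id": 5, "sys_created_on": "2022-02-14 12:00:00", "u_user_updated": "2022-02-15 12:00:00"},
    {"id": 6, "sys_created_on": "2022-04-01 00:00:00", "u_user_updated": "2022-04-01 00:00:00"},
]

def fake_search(req):
    """Hypothetical stand-in for _search; a real cluster returns date sort values as epoch millis."""
    rng = req["query"]["range"]["sys_created_on"]
    keys = [next(iter(clause)) for clause in req["sort"]]  # one field per sort clause
    def cursor(doc):
        return tuple(doc[k] for k in keys)
    rows = sorted((d for d in DOCS if rng["gte"] <= d["sys_created_on"] <= rng["lte"]), key=cursor)
    if "search_after" in req:
        rows = [d for d in rows if cursor(d) > tuple(req["search_after"])]
    page = rows[:req["size"]]
    return {"hits": {"hits": [{"_source": d, "sort": list(cursor(d))} for d in page]}}

def paginate(search, body, page_size):
    """Yield every hit, feeding the last hit's "sort" array back as search_after."""
    req = copy.deepcopy(body)
    req["size"] = page_size
    while True:
        hits = search(req)["hits"]["hits"]
        if not hits:
            return
        yield from hits
        if "sort" not in hits[-1]:
            raise ValueError('hit has no "sort" array; the request needs a "sort" section')
        req["search_after"] = hits[-1]["sort"]

def all_ids(page_size):
    return [h["_source"]["id"] for h in paginate(fake_search, BODY, page_size)]

if __name__ == "__main__":
    print(all_ids(2))
```

The sort keys together must order documents uniquely; if two documents at a page boundary carry identical sort values, one of them can be skipped, so add a unique tiebreaker field as the last sort clause.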

Is there a way to exclude a particular term from elastic search highlights?

I'm trying out a query in Elasticsearch (version 6.0) where I have a base query and, on top of that, I have filters applied to narrow down the search. It is as follows:
GET target_index/_search
{
"from": {start},
"size": {offset},
"_source": [
"id",
"name",
"email",
"company",
"created_at",
],
"query": {
"bool": {
"filter": {
"bool": {
"filter": [
{ "terms":{"name.raw": ["test","test2"] }},
{ "terms":{"email.raw": ["test@test.com","test2@test.com"] }}
]
}
},
"must": {
"query_string": {
"query": "test",
}
}
}
},
"highlight": {
"fields": {
"*":{
"type":"plain"
}
}
}
}
Current result -
{
"took": 5,
"timed_out": false,
"_shards": {
"total": 3,
"successful": 3,
"skipped": 0,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 1.90374,
"hits": [
{
"_index": "index_name",
"_id": "my_id",
"_score": 1.90374,
"_source": {
"id": 2,
"name": "test",
"email": "test@test.com",
"company": "test company"
},
"highlight": {
"name.raw": [
"<em>test</em>"
],
"name": [
"<em>test</em>"
],
"company": [
"<em>test</em> company"
]
}
}
]
}
}
Desired result -
{
"took": 5,
"timed_out": false,
"_shards": {
"total": 3,
"successful": 3,
"skipped": 0,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 1.90374,
"hits": [
{
"_index": "index_name",
"_id": "my_id",
"_score": 1.90374,
"_source": {
"id": 2,
"name": "test",
"email": "test@test.com",
"company": "test company"
},
"highlight": {
"company": [
"<em>test</em> company"
]
}
}
]
}
}
Here, in the highlights in the desired result, I don't want the data for "name" and "name.raw". This field should not be searched only for this particular query, so I cannot disable the field entirely from searching.
I have a lot of terms and cannot specify every term to include in the query. Is there a way to exclude only a few fields from query search?
related ES doc -
https://www.elastic.co/guide/en/elasticsearch/reference/6.0/index.html
Instead of excluding certain fields, you could include only those that you need:
{
"query": {
...
},
"highlight": {
"fields": {
"company":{ <---
"type":"plain"
}
}
}
}

mysql field="value" in elasticsearch

I want to display only the items that contain the word itself when "google" is searched.
How can I only search for items that have only the word "google"?
Request body
(Request created in postman)
{
"query": {
"bool": {
"must": [
{
"match": {
"body": "google"
}
}
]
}
}
}
Response body
(Request created in postman)
{
"took": 0,
"timed_out": false,
"_shards": {
"total": 1,
"successful": 1,
"skipped": 0,
"failed": 0
},
"hits": {
"total": {
"value": 3,
"relation": "eq"
},
"max_score": 0.6587735,
"hits": [
{
"_index": "s_t",
"_type": "_doc",
"_id": "3",
"_score": 0.6587735,
"_source": {
"body": "google"
}
},
{
"_index": "s_t",
"_type": "_doc",
"_id": "4",
"_score": 0.5155619,
"_source": {
"body": "google map"
}
},
{
"_index": "s_t",
"_type": "_doc",
"_id": "5",
"_score": 0.5155619,
"_source": {
"body": "google-map"
}
}
]
}
}
I need this output
(Request created in postman)
{
"took": 2,
"timed_out": false,
"_shards": {
"total": 1,
"successful": 1,
"skipped": 0,
"failed": 0
},
"hits": {
"total": {
"value": 3,
"relation": "eq"
},
"max_score": 0.69381464,
"hits": [
{
"_index": "s_t",
"_type": "_doc",
"_id": "3",
"_score": 0.69381464,
"_source": {
"body": "google"
}
}
]
}
}
In mysql with this query I reach my goal.
Similar query in mysql:
select * from s_t where body='google'
Well, I assume you automap or use text in your mappings.
Specify .keyword in your query. Note this is case sensitive.
{
"query": {
"bool": {
"must": [
{
"match": {
"body.keyword": "google"
}
}
]
}
}
}
If you only want to query your body field using exact match, you need to reindex it using keyword. Take a look at: Exact match in elastic search query

Elastic search query returns empty result

The following query is returning an empty result even though there are results matching the query.
GET abc*/_search
{
"query": {
"bool": {
"must": [
{"range": {
"timestamp": {
"gte": "2018-01-01T00:00:00.000",
"lte": "2018-01-02T12:00:00.465"
}
}}
]
}
}
}
When I replace must with must_not, I am getting results. The following is my index data:
{
"took": 0,
"timed_out": false,
"_shards": {
"total": 6,
"successful": 6,
"skipped": 0,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 1,
"hits": [
{
"_index": "abc",
"_type": "log",
"_id": "abc3423498239048290",
"_score": 1,
"_source": {
"0": {
"test": 289,
"testnested": {
"testnested1": 0,
"testnested2": 0.615,
},
"test1": 46.17,
"test2": 59.4,
"ts": "2018-01-01T00:08:20.396UTC"
},
"1":{
----------
----------
},
........
"10":{
------------------
},
"timestamp": "2018-01-01T00:08:20.396UTC",
}
-----------
}
Is there anything I am doing wrong? The timestamp field is of type "date_hour_minute_second_millis". I am using Elasticsearch version 5+. I have used this same query in another index and it is working there.

Accessing a scripted field in an elasticsearch match query

I have a query like the following
{
"script_fields": {
"my_script_field": {
"script": "..."
}
},
"query": {
"match": {
"my_script_field":"*"
}
}
}
and it returns empty.
{
"took": 1,
"timed_out": false,
"_shards": {
"total": 10,
"successful": 10,
"failed": 0
},
"hits": {
"total": 0,
"max_score": null,
"hits": []
}
}
I can see that the script is actually working by simply returning everything,
like:
{
"fields": [
"_source"
],
"script_fields": {
"my_script_field": {
"script": "..."
}
},
"query": {
"match_all": {}
}
}
Example results:
"hits": {
"total": 1008681,
"max_score": 1,
"hits": [
{
"_index": "logstash-2016.08.27",
"_type": "traffic",
"_id": "AVbLDW8qw2vffjMOfTxb",
"_score": 1,
"_source": {
"@version": "1",
"@timestamp": "2016-08-27T06:11:46.000Z",
.................
}
},
"fields": {
"my_scripted_field": [
"Asia"
]
}
But I can't seem to access it in the query context in any other way.
So my question is:
Where is the script output saved in memory? (_fields?)
How to access it via a query? (without copying the script over to a filter script)
Thanks!
