So I’m using elasticsearch V2.3.1. Below is my elasticsearch query:
GET pibtest1/_search?q=white
{
"size": 1,
"fields": ["U", "UE", "UD", "T"]
}
I get the following result after running the above query:
{
"took": 2,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 85,
"max_score": 0.15116164,
"hits": [
{
"_index": "pibtest1",
"_type": "SearchTech",
"_id": "1",
"_score": 0.15116164,
"fields": {
"UE": [
"Some value1"
],
"U": [
"Some value2"
],
"T": [
"Some value3"
],
"UD": [
"Some value4"
]
}
}
]
}
}
As you can see in the results, Elasticsearch doesn’t provide any information about the query which is searched. In my case, the query is “white”. So is there any way to get the searched query (“white”) in the result? For example, I would like to get something like this in the result ->
“query”: “white”
I checked the explain API of Elasticsearch. It does provide the details of how the score gets computed but it doesn’t explicitly contain any field for searched query. Thank you everyone.
Related
I have several words in my elastic which shows when I search by 'match' keyword.
{
"took": 3,
"timed_out": false,
"_shards": {
"total": 10,
"successful": 10,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 0.30685282,
"hits": [
{
"_index": "my_words_pack",
"_type": "work_g1",
"_id": "AVetfhx1AM1sow6PcrL0",
"_score": 0.30685282,
"_source": {
"keyword": "morteza"
}
}
]
}
}
but when I want to remove them by '_id' it doesn't work find and shows me this error:
es.delete_by_query(index='my_words_pack', doc_type='work_g1' body={"query": {"match": {"_id": "AVetfhx1AM1sow6PcrL0"}}})
Error:
aioes.exception.NotFoundError: TransportError(404, '{"found":false,"_index":"my_words_pack","_type":"work_g1","_id":"_query","_version":1,"_shards":{"total":2,"successful":1,"failed":0}}')
Elasticsearch removed the delete by query ability in version 2.0 and added it as a plugin that you must install if you would like to use this ability.
Since you already have the document IDs, its better if you delete these documents by id rather than by query. I think the way to do it in the Python extension is
es.delete(index="my_words_pack",doc_type="work_g1",id="AVetfhx1AM1sow6PcrL0")
My index looks like this:
GET pibtest1/_search
{
"took": 5,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 11,
"max_score": 1,
"hits": [
{
"_index": "pibtest1",
"_type": "SearchTech",
"_id": "_update",
"_score": 1,
"_source": {
"script": "ctx._source.remove(\"wiki_collection\")"
}
},
{
"_index": "pibtest1",
"_type": "SearchTech",
"_id": "http://www.searchtechnologies.com/bundles/jquery?v=gOdOgfykTFJnypePAvGweyMPwl-krhx8ntIhefPKelg1",
"_score": 1,
"_source": {
"extension": {
"X-Parsed-By": "org.apache.tika.parser.DefaultParser",
"Content-Encoding": "ISO-8859-1",
"resourceName": "http://www.searchtechnologies.com/bundles/jquery?v=gOdOgfykTFJnypePAvGweyMPwl-krhx8ntIhefPKelg1"
},
"keywords": "keywords-NOT-PROVIDED",
"default_collection": true,
"wiki_collection": false,
"description": "description-NOT-PROVIDED",
"connectorSpecific": {
"discoveredBy": "http://www.searchtechnologies.com/",
"xslt": "false",
"pathFromSeed": "E",
"md5": "OKTGVLEWTE5V4PWXUBM2RK3KMQ"
},
"title": "Title-NOT-PROVIDED",
"url": "http://www.searchtechnologies.com/bundles/jquery?v=gOdOgfykTFJnypePAvGweyMPwl-krhx8ntIhefPKelg1",
"remove": "wiki_collection",
"UD": "http://www.searchtechnologies.com/bundles/jquery?v=gOdOgfykTFJnypePAvGweyMPwl-krhx8ntIhefPKelg1",
Now I want to use a wildcard query to search for few url which includes some pattern(for eg. http://www.searchtechnologies.com/bundles)
This is my wildcard query:
GET pibtest1/_search
{
"query": {
"wildcard": {
"url": {
"value": "http://www.searchtechnologies.com/bundles*"
}
}
}
}
I am using "*" wildcard which matches any character sequence. But I am not getting any results. My output looks like this:
{
"took": 11,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 0,
"max_score": null,
"hits": []
}
}
I want my results to include those url which matches this "http://www.searchtechnologies.com/bundles" pattern. Any help would be appreciated.
Based on comments your url field is an analyzed field. So when you insert data the data will be tokenized as ["www.searchtechnologies.com", "v", "jquery", "gOdOgfykTFJnypePAvGweyMPwl", ...]. So your query wont match this field.
You should delete your index.
Insert a mapping and specify url field as not analyzed {"index":"not_analyzed"}
Insert your data.
Run wildcard query.
If you dont want to delete your index because a downtime check: https://www.elastic.co/blog/changing-mapping-with-zero-downtime
stackoverflow won't let me write that much example code so I put it on gist.
So I have this index
with this mapping
here is a sample document I insert into newly created mapping
this is my query
GET products/paramSuggestions/_search
{
"size": 10,
"query": {
"filtered": {
"query": {
"match": {
"paramName": {
"query": "col",
"operator": "and"
}
}
}
}
}
}
this is the unwanted result I get from previous query
{
"took": 2,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 0.33217794,
"hits": [
{
"_index": "products",
"_type": "paramSuggestions",
"_id": "1",
"_score": 0.33217794,
"_source": {
"productName": "iphone 6",
"params": [
{
"paramName": "color",
"value": "white"
},
{
"paramName": "capacity",
"value": "32GB"
}
]
}
}
]
}
}
and finally the wanted result, how I want the query result to look like
{
"took": 2,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 0.33217794,
"hits": [
{
"_index": "products",
"_type": "paramSuggestions",
"_id": "1",
"_score": 0.33217794,
"_source": {
"productName": "iphone 6",
"params": [
{
"paramName": "color",
"value": "white"
},
]
}
}
]
}
}
How should the query look like to achieve the wanted result with filtered array field which matches the query? In other words, all other non-matching array items should not appear in the final result.
The final result is the _source document that you indexed. There is no feature that lets you mask field elements of your document out of the Elasticsearch response.
That said, depending on your goal, you can look into how Highlighters and Suggesters identify result terms matching the query, or possibly, roll-your-own client-side masking using info returned from setting "explain": true in your query.
I have document {customerID: 111, name: bob, approved: yes}
The field "approved" is not indexed. I have a mapping set as "approved": { "type" : "string", "index" : "no" }
So only the fields "customerID" and "name" are indexed.
How can I update just the approved field in the _source without re-indexing the entire document? I can pass the partial document to update such as {approved: no}
Is this possible?
What you're looking for is partial update. The problem is this will actually perform delete+put+index implicitly, but you just leave this hustle for ES and will not lose time for network roundtrip. Probably ES will optimize such query (in case of unindexed fields, but AFAIK it doesn't do such for now)
POST so/t3/1
{
"name": "Bob",
"id": 1,
"approved": "no"
}
GET so/t3/_search
POST so/t3/1/_update
{
"doc": {
"approved": "yes"
}
}
{
"took": 2,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 1,
"hits": [
{
"_index": "so",
"_type": "t3",
"_id": "1",
"_score": 1,
"_source": {
"name": "Bob",
"id": 1,
"approved": "yes"
}
}
]
}
}
I am trying to understand what the difference is between:
a "plain" elasticsearch query that is going to match a terms query and return a certain number of hits.
and a filtered query (therefore using a filter) that is going to return the same number of hits.
Here is the terms query:
GET _search
{
"query": {
"terms": {
"childcareTypes": [
"SOLE_CHARGE",
"OUT_OF_SCHOOL",
"BABY_SITTING"
],
"minimum_match": 3
}
}
}
Here is the filtered version:
GET _search
{
"query": {
"filtered": {
"filter": {
"terms": {
"childcareTypes": [
"SOLE_CHARGE",
"OUT_OF_SCHOOL",
"BABY_SITTING"
],
"execution": "and"
}
}
}
}
}
Both return a total hits of 8000 (against my index).
Here is the result from the "plain" terms query:
{
"took": 7,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 8000,
"max_score": 5.134171,
"hits": [
{
"_index": "bignibou",
"_type": "advertisement",
"_id": "AUs2T2lt3L5LNr7nkot2",
"_score": 5.134171,
"_source": {
"childcareWorkerType": "AUXILIAIRE_PARENTALE",
"childcareTypes": [
"SOLE_CHARGE",
"OUT_OF_SCHOOL",
"BABY_SITTING"
],
"address": {
"latitude": 48.8532558,
"longitude": 2.36584
},
"giveBath": "EMPTY"
}
},
...
Here is the result from the "filtered" query:
{
"took": 3,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 8000,
"max_score": 1,
"hits": [
{
"_index": "bignibou",
"_type": "advertisement",
"_id": "AUs2T2lt3L5LNr7nkot2",
"_score": 1,
"_source": {
"childcareWorkerType": "AUXILIAIRE_PARENTALE",
"childcareTypes": [
"SOLE_CHARGE",
"OUT_OF_SCHOOL",
"BABY_SITTING"
],
"address": {
"latitude": 48.8532558,
"longitude": 2.36584
},
"giveBath": "EMPTY"
}
},
....
Then what are the differences between the two?
This is related to the differences between queries and filters (more information here).
In your case, unlike terms query, terms filter :
is cached
doesn't compute the score : all matching documents have the same _score of 1 (look at your results)
Consequently, the biggest difference is that the filtered query will be faster than a 'plain' terms query.