We have an index named "machines", and have types "auto, bike, car, flight" in ElasticSearch
I want to get the similar brands from my search on an index - from every type
How do I query to get the top 1 document of each type, from a search on an index (having multiple types) via the Elasticsearch REST API?
Try this, using top_hits aggregation:
GET /machines/_search?search_type=count
{
"query": {
"match_all": {} //your query here
},
"aggs": {
"top-types": {
"terms": {
"field": "_type"
},
"aggs": {
"top_docs": {
"top_hits": {
"sort": [
{
"_score": {
"order": "desc"
}
}
],
"size": 1
}
}
}
}
}
}
Related
I am writing queries in the Elasticsearch for my app.I need it to search within several indices and aggregate the result(For example, shows 3 items of each indices)like below.
I tested nested, aggregation, joining queries but it is not the answer.I need the result to be returned as below
{
index1: [
{item1},
{item2},
],
index2: [
{item3},
{item4},
{item5},
]
}
Does anybody know what should I do?
You can do multi-index search and the use aggregation and sorting on based on _index metadata.
Your query should look like this:
GET index_1,index_2/_search
{
"query": {
"terms": {
"_index": ["index_1", "index_2"]
}
},
"aggs": {
"indices": {
"terms": {
"field": "_index",
"size": 10
}
}
},
"sort": [
{
"_index": {
"order": "asc"
}
}
],
"script_fields": {
"index_name": {
"script": {
"lang": "painless",
"source": "doc['_index']"
}
}
}
}
For more information you can check ES official documentation here.
I've an index in elastic search which contains data of daily transactions. Each doc has mainly three fields as below :
TxnId, Status, TxnType,userId
two documents can have same TxnIds.
I'm looking for a query that provides aggregation over status,TxnType for unique txnIds. Basically I'm looking for something like : select unique txnIds from user_table group by status,txnType.
I've a ES query which will dedup on TxnIds. I've another ES query which can perform composite aggregation on status and txnType. I want to do both things in Single query.
I tried collapse feature . I also tried cardinality and dedup features. But query is not giving correct output.:
{
"size": 0,
"query": {
"bool": {
"filter": [
{
"term": {
"streamSource": 3
}
}
]
}
},
"collapse": {
"field": "txnId"
},
"aggs": {
"buckets": {
"composite": {
"size": 30,
"sources": [
{
"status": {
"terms": {
"field": "status"
}
}
},
{
"txnType": {
"terms": {
"field": "txnType"
}
}
}
]
}
}
}
}
Say I have documents of type Order and they have a field bulkOrderId. Bulkorderid represents a group or bulk of orders issued at once. They all have the same Id like this :
Order {
bulkOrderId": "bulkOrder:12345678";
}
The id is unique and is generated using UUID.
How do I find groups of orders with the same bulkOrderId from elasticsearch when the bulkOrderId is not known? Is it possible?
You can achieve that using a terms aggregation and a top_hits sub-aggregation, like this:
{
"query": {
"match_all": {}
},
"aggs": {
"bulks": {
"terms": {
"field": "bulkOrderId",
"size": 10
},
"aggs": {
"orders": {
"top_hits": {
"size": 10
}
}
}
}
}
}
Hi I've indexed some info into ElasticSearch like
{"info":"002345 Groot 7AP"}
and supported a query template
GET _search?size=5
`{"query": {
"match_phrase_prefix": {
"info": "%s"
}
}
}`
so I can search info by any terms.
the default order is "_score":"desc"
and now I want to return query results sorting by hit count, so the frequently used infos would show up.
I read some aggregation api on elastic.co, but don't know how to write the query body.
Thanks.
Try this if this works:
`{
"aggs": {
"top_tags": {
"terms": {
"field": "type",
"size": 3
},
"aggs": {
"top_sales_hits": {
"top_hits": {
"sort": [
{
"_score": {
"order": "desc"
}
}
],
"size" : 1
}
}
}
}`
}
}`
In an Elasticsearch index I have document having fields: fooId and fooField.
I would like to fetch the document with a given fooId value but the largest value of fooField. Right now, I have a filtered query with an aggregation like this one:
"aggs": {
"topHits_agg": {
"top_hits": {
"sort": [{
"fooField": {
"order": "desc"
}
}],
size: 1
}
}
}
However, the performance is not good. Is there any way to make this better?
If I understand correctly you do not need aggregation, you could sort on fooField directly like this
GET your_index/_search
{
"query": {
"filtered": {
"filter": {
"term": {
"fooId": "your_specific_id"
}
}
}
},
"sort": [
{
"fooField": {
"order": "desc"
}
}
],
"size": 1
}