Questions tagged [elasticsearch-query]

Elasticsearch provides a full Query DSL based on JSON to define queries. In general, there are basic queries such as term or prefix. There are also compound queries like the bool query. Queries can also have filters associated with them such as the filtered or constant_score queries, with specific filter queries.

Certain queries can contain other queries (like the bool query), others can contain filters (like the constant_score), and some can contain both a query and a filter (like the filtered). Each of those can contain any query from the list of queries or any filter from the list of filters, so quite complex (and interesting) queries can be built. Note that the filtered query was deprecated in Elasticsearch 2.0 in favour of the bool query's filter clause and removed in 5.0.
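The building blocks the wiki lists (term, prefix and range leaf queries, plus the compound bool query and its filter clause) are easiest to understand when assembled programmatically. The following is an added example for this page, not code from Elasticsearch or from any of the posters; it assumes Elasticsearch 2.x-or-later semantics, where bool.filter plays the role of the old filtered query, and the helper names (bool_query, where) are made up for the illustration. Two practitioner points it encodes: values that come from users are placed as JSON values inside term/terms/range clauses rather than concatenated into a query_string, which would let a caller inject Lucene operators and change the query's meaning; and minimum_should_match is set explicitly whenever should clauses sit beside must or filter clauses, because otherwise they only influence scoring and do not restrict the result set.

```python
"""Build Elasticsearch bool queries from simple field conditions.

Added example for this tag page; it is not code from Elasticsearch or
from any poster. Assumes Elasticsearch 2.x-or-later semantics, where the
bool query's "filter" clause replaces the older "filtered" query
(deprecated in 2.0, removed in 5.0). No cluster is needed: the functions
only build JSON-serialisable dicts.
"""
import json

RANGE_OPS = {">": "gt", ">=": "gte", "<": "lt", "<=": "lte"}


def term(field, value):
    """Exact match on a single token. Reliable only on a not_analyzed
    (keyword) field; an analyzed text field stores lower-cased, split
    tokens, so a multi-word or mixed-case term is never found whole."""
    return {"term": {field: value}}


def prefix_(field, value):
    """Un-analyzed prefix match, e.g. type-ahead on last names."""
    return {"prefix": {field: value}}


def range_(field, op, value):
    """Numeric or date range using Elasticsearch's gt/gte/lt/lte keys."""
    return {"range": {field: {RANGE_OPS[op]: value}}}


def bool_query(must=(), filter_=(), must_not=(), should=(),
               minimum_should_match=None):
    """Assemble the compound bool query.

    must      AND, scored
    filter_   AND, not scored, cacheable (WHERE-style predicates go here)
    must_not  AND NOT, not scored
    should    OR; with no must/filter at least one should must match,
              but once a must or filter clause is present the should
              clauses only add score unless minimum_should_match forces
              a match. That is the usual cause of "should fetches
              unwanted results", so we set it explicitly in that case.
    """
    b = {}
    if must:
        b["must"] = list(must)
    if filter_:
        b["filter"] = list(filter_)
    if must_not:
        b["must_not"] = list(must_not)
    if should:
        b["should"] = list(should)
        if minimum_should_match is None and (must or filter_):
            minimum_should_match = 1  # keep OR semantics explicit
        if minimum_should_match is not None:
            b["minimum_should_match"] = minimum_should_match
    return {"query": {"bool": b}}


def where(conditions):
    """Translate (field, op, value) triples, joined by AND, into a bool
    query. ops: '=', '!=', 'in', 'prefix', '>', '>=', '<', '<='.
    Values are emitted as JSON values in term/terms/range clauses, never
    spliced into a query_string, so user input cannot inject operators."""
    filters, excluded = [], []
    for field, op, value in conditions:
        if op == "=":
            filters.append(term(field, value))
        elif op == "!=":
            excluded.append(term(field, value))
        elif op == "in":  # SQL IN (...) -> terms clause
            filters.append({"terms": {field: list(value)}})
        elif op == "prefix":
            filters.append(prefix_(field, value))
        elif op in RANGE_OPS:
            filters.append(range_(field, op, value))
        else:
            raise ValueError("unsupported operator: %r" % (op,))
    return bool_query(filter_=filters, must_not=excluded)


if __name__ == "__main__":
    # Constructed sample: a time window plus an exclusion, the shape of
    # "@timestamp >= a AND @timestamp < b AND dst != '-'"
    q = where([("@timestamp", ">=", "2016-04-01"),
               ("@timestamp", "<", "2016-04-02"),
               ("dst", "!=", "-")])
    print(json.dumps(q, indent=2))
```

The result of `where(...)` is the body you would POST to `/<index>/_search`; aggregations can be added beside the `query` key unchanged, since filter-context clauses restrict the documents the aggregations see without touching scores.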

634 questions
0 votes, 1 answer

Elasticsearch exact match on analyzed field of integers

I want to find exact matches on an (analyzed string) field in ES. All values are integers but mapped as strings. I, unfortunately, cannot change the mapping and using query: { match: { fieldName: '1234' } } also gives me 0 hits. I cannot…
Acalypha • 171 • 2 • 14
0 votes, 1 answer

Elasticsearch Aggregations: Volume-Weighted Average Price

I need to plot the Volume-Weighted Average Price (VWAP) of trades having a price_per_unit and a quantity over a certain time range. As a result of the aggregation every bucket of the date_histogram should contain the VWAP of all trades that…
0 votes, 1 answer

Elasticsearch query from javascript to access nested field

I have the following data in elasticsearch. I want to aggregate based on "Dest IP" after matching for a particular value of "Source MAC Addr". How can I achieve this using an elasticsearch query from javascript? { "took" : 2, "timed_out" :…
Kalyanam Rajashree • 652 • 2 • 11 • 23
0 votes, 2 answers

'Should' bool query fetches unwanted results

I want to perform a query equivalent to the following MySQL query SELECT http_user, http_req_method, dst dst_port count(*) as total FROM my_table WHERE http_req_method='GET' OR http_req_method="POST" GROUP BY http_user, http_req_method, dst…
Apostolos • 7,763 • 17 • 80 • 150
0 votes, 0 answers

Combining filters and terms in multiple boolean fields using and

Suppose we have the following filtering: field > 0 AND field != value I am a bit mixed up on the many ways that elasticsearch has to express that filter using the bool query. Consider the following queries: Query one "bool":{ "must_not":{ …
Apostolos • 7,763 • 17 • 80 • 150
0 votes, 1 answer

Elasticsearch filtering with date range data and a must_not bool query

I want to translate the following SQL query to elasticsearch. Select * from someTable Where @timestamp < some_date and @timestamp >= some_other_date and dst != '-' And then do some aggregations on the returned documents. The aggregations part I have…
Apostolos • 7,763 • 17 • 80 • 150
0 votes, 1 answer

Looking for a more concise way to prefix match on multiple terms

I'm looking for a better way. I have an arbitrary number of input terms (let's say they are last names) from the user. I want to perform a prefix search on each one and boost score for any matches. The not-analyzed prefix query is what I'm using…
John K • 28,441 • 31 • 139 • 229
0 votes, 1 answer

How could I append time stamp range within my elasticsearch query?

I'm trying to perform an elasticsearch query as a POST request in order to pull data from the index which I created. The data in the index is a table from a MySQL DB, configured through logstash. Here is my request and the JSON…
Kulasangar • 9,046 • 5 • 51 • 82
0 votes, 1 answer

How could I have MySQL sum() and group by clause within my elasticsearch query?

I'm trying to perform an elasticsearch query as a GET request in order to pull data from the index which I created. The data in the index is a table from a MySQL DB, configured through logstash. Here is my request without the IN…
Kulasangar • 9,046 • 5 • 51 • 82
0 votes, 1 answer

How could I have MySQL IN clause within my elasticsearch query?

I'm trying to perform an elasticsearch query as a GET request in order to pull data from the index which I created. The data in the index is a table from a MySQL DB, configured through logstash. Here is my request without the IN…
Kulasangar • 9,046 • 5 • 51 • 82
0 votes, 1 answer

Timezone causing different results when doing a search query to an index in Elastic Search

I'm trying to find out the results from a search query (i.e. searching results for the given date range) of a particular index, so that I could get the results on a daily basis. This is the query :…
0 votes, 1 answer

Elasticsearch fix date field value. (change field value from int to string)

I used python to ship data from mongodb to elasticsearch. There is a timestamp field named update_time, mapping like: "update_time" : { "type": "date", "format": "yyy-MM-dd HH:mm:ss||yyyy-MM-dd||epoch_millis" }, epoch_millis …
Mithril • 12,947 • 18 • 102 • 153
0 votes, 1 answer

Group by a part of string from a field rather than the full field in Elasticsearch

Here is the structure of my index: [ { "Id":"1", "Path":"/Series/Current/SerieA/foo/foo", "PlayCount":100 }, { "Id":"2", "Path":"/Series/Current/SerieA/bar/foo", "PlayCount":1000 }, { …
gunererd • 651 • 9 • 19
0 votes, 1 answer

Sum for Multiple Ranges on GroupBy Aggregations in Elasticsearch

The following mapping is aggregated on multiple levels on a field grouping documents using another field. Mapping: { 'predictions': { 'properties': { 'Company':{'type':'string'}, 'TxnsId':{'type':'string'}, …
Jack Daniel • 2,527 • 3 • 31 • 52
0 votes, 1 answer

Elasticsearch: How to score query for range based on array with max/min values

I have many documents containing a rate property which is an array containing min/max range of accepted rates. { "rate": [250, 700] } I now would like to perform queries providing another range, for example: { "bool": { "must": [ …
zanona • 12,345 • 25 • 86 • 141