Elasticsearch 5.2 nested query for multi terms


The nested documents look like this:

    {
      "userid": "123",
      "usertag": [
        {
          "tag": "A",
          "logcreatetime": "2017-01-14"
        },
        {
          "tag": "C",
          "logcreatetime": "2017-01-17"
        }
      ]
    },
    {
      "userid": "456",
      "usertag": [
        {
          "tag": "A",
          "logcreatetime": "2017-01-12"
        },
        {
          "tag": "B",
          "logcreatetime": "2017-01-19"
        }
      ]
    },
    .....

The usertag object is a nested mapping.
How do I get the user IDs that have tags A and B between 2017-01-12 and 2017-01-19?
Thanks.
Sorry for my English.

I'm assuming you've indexed your logcreatetime as a Date field, so you can use the following query:

    curl -XGET http://localhost:9200/my_users/_search -d '
    {
      "query": {
        "bool": {
          "must": [
            {
              "nested": {
                "path": "usertag",
                "query": {
                  "bool": {
                    "must": [
                      { "match": { "usertag.tag": "A" }},
                      { "range": {
                          "usertag.logcreatetime": {
                            "gte": "2017-01-12",
                            "lte": "2017-01-19"
                          }
                      }}
                    ]
                  }
                }
              }
            },
            {
              "nested": {
                "path": "usertag",
                "query": {
                  "bool": {
                    "must": [
                      { "match": { "usertag.tag": "B" }},
                      { "range": {
                          "usertag.logcreatetime": {
                            "gte": "2017-01-12",
                            "lte": "2017-01-19"
                          }
                      }}
                    ]
                  }
                }
              }
            }
          ]
        }
      }
    }'

The limitation of the syntax is that you can look for a particular child which both has a particular tag AND whose logcreatetime lies within the given range. But in order to ensure you'll have two children, you should combine two nested queries into 2 must clauses of the top-level bool.
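
The per-child matching described in the answer, as an added example that is not part of the original answer: a Python sketch that builds the same query shape for any list of tags (a generalization of the two-tag case) and runs a simplified local model of nested matching over the question's two documents. The sample data is constructed from the question, the helper names are hypothetical, and no Elasticsearch cluster is contacted.

```python
# Constructed sample data: the two documents shown in the question.
DOCS = [
    {"userid": "123", "usertag": [
        {"tag": "A", "logcreatetime": "2017-01-14"},
        {"tag": "C", "logcreatetime": "2017-01-17"}]},
    {"userid": "456", "usertag": [
        {"tag": "A", "logcreatetime": "2017-01-12"},
        {"tag": "B", "logcreatetime": "2017-01-19"}]},
]

def nested(conds, path="usertag"):
    return {"nested": {"path": path, "query": {"bool": {"must": conds}}}}

def tag(t):
    return {"match": {"usertag.tag": t}}

def window(gte, lte):
    return {"range": {"usertag.logcreatetime": {"gte": gte, "lte": lte}}}

def per_tag_query(tags, gte, lte):
    """Shape used in the answer: one nested clause per required tag."""
    return {"query": {"bool": {"must": [nested([tag(t), window(gte, lte)]) for t in tags]}}}

def single_clause_query(tags, gte, lte):
    """Naive shape: every tag inside ONE nested clause, so one child must carry them all."""
    return {"query": {"bool": {"must": [nested([tag(t) for t in tags] + [window(gte, lte)])]}}}

def child_matches(child, conds):
    """Simplified local model: all conditions against one child (ISO dates compare as strings)."""
    for cond in conds:
        kind, body = next(iter(cond.items()))
        (field, spec), = body.items()
        value = child[field.split(".", 1)[1]]
        if kind == "match" and value != spec:
            return False
        if kind == "range" and not (spec["gte"] <= value <= spec["lte"]):
            return False
    return True

def search(query, docs=DOCS):
    """Userids where every top-level nested clause is satisfied by at least one child."""
    clauses = [c["nested"] for c in query["query"]["bool"]["must"]]
    return [d["userid"] for d in docs
            if all(any(child_matches(ch, c["query"]["bool"]["must"]) for ch in d[c["path"]])
                   for c in clauses)]

if __name__ == "__main__":
    print(search(per_tag_query(["A", "B"], "2017-01-12", "2017-01-19")))
    print(search(single_clause_query(["A", "B"], "2017-01-12", "2017-01-19")))
```

The single-clause form finds nothing because no one child object carries both tags, which is why the answer uses one nested clause per tag.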
