Question

与Query the latest document of each type on Elasticsearch类似，我在ES中有一组记录。为了这个例子，让我们说它也是新闻，每个都有映射：

"news": {
    "properties": {
        "source": { "type": "string", "index": "not_analyzed" },
        "headline": { "type": "object" },
        "timestamp": { "type": "date", "format": "date_hour_minute_second_millis" },
        "user": { "type": "string", "index": "not_analyzed" }
        "newspaper": { "type": "string", "index": "not_analyzed"}
    }
}

我可以通过以下方式获取每位用户的最新“新闻报道”：

"size": 0,
"aggs": {
    "sources" : {
        "terms" : {
            "field" : "user"
        },
        "aggs": {
            "latest": {
              "top_hits": {
                "size": 1,
                "sort": {
                  "timestamp": "desc"
                }
              }
            }
        }
    }
}

然而，我想要实现的目标是获得上一篇文章每位用户，每份报纸，我无法理解它。

e.g。

约翰，纽约时报，Title1
John，BBC ，Title2
简，纽约时报，Title3
等

Answer 1

您可以为terms字段添加另一个newspaper子聚合，如下所示

"size": 0,
"aggs": {
    "sources" : {
        "terms" : {
            "field" : "user"
        },
        "aggs": {
            "newspaper": {
               "terms": {
                  "field": "newspaper"
               },
               "aggs": {
                  "latest": {
                     "top_hits": {
                       "size": 1,
                       "sort": {
                          "timestamp": "desc"
                       }
                     }
                  }
               }
            }
        }
    }
}

Elasticsearch获取最新文档，按多个字段分组

1 个答案: