我目前正在尝试对elasticsearch index运行聚合查询来做推荐。
使用logstash推送到elasticsearch的数据
OrderNumber ProductName
o12345 Chicken
o55631 Peanuts
o12345 Apples
o98356 Avocado
o12345 Oranges
o31498 Peach
o12345 Grapes
正如您所见,订单编号 o12345 是唯一的,其中包含为该订单购买的所有产品。
将数据传递到Elasticsearch后,我得到以下格式化输出:
"_index" : "hello",
"_type" : "logs",
"_id" : "AVmxZxg-pyZuCjD89WOe",
"_score" : 1.0,
"_source" : {
"message" : "o12345\Chicken\r",
"@version" : "1",
"@timestamp" : "2017-01-18T11:47:20.518Z",
"path" : "C:\\Elk\\logstash\\bin\\mylog.log",
"host" : "localhost",
"OrderNumber" : "o12345",
"ProductName" : "Chicken"
}, {
"_index" : "hello",
"_type" : "logs",
"_id" : "AVmxZxg-pyZuCjD89WOe",
"_score" : 1.0,
"_source" : {
"message" : "o55631\Peanuts\r",
"@version" : "1",
"@timestamp" : "2017-01-18T11:47:20.518Z",
"path" : "C:\\Elk\\logstash\\bin\\mylog.log",
"host" : "localhost",
"OrderNumber" : "o55631",
"ProductName" : "Peanuts"
我正在尝试查询此数据以获得以下结果:
示例
{
"query" : {
"match" : {
"ProductName" : "Chicken"
}
现在退回购买鸡肉的所有其他产品,这些产品是o12345独有的
OrderNumber ProductName
o12345 Apples
o12345 Oranges
o12345 Grapes
请帮助我不熟悉弹性并且不确定如何制定此查询。