已更新
我有以下elastic-search查询。通过汇总,可以得出以下结果。
尝试了以下 Andrey Borisko 的示例,但就我的一生而言,我无法使其正常工作。
我的确切查询
GET employee-index/_search
{
"aggs": {
"companyId": {
"terms": {
"field": "companyId"
},
"aggs": {
"filtered": {
"filter": {
"multi_match": {
"fields": [
"fullName.edgengram",
"number"
],
"query": "brenda"
}
}
}
}
}
},
"query": {
"bool": {
"must": [
{
"multi_match": {
"fields": [
"fullName.edgengram",
"number"
],
"query": "brenda"
}
}
],
"filter": [
{
"terms": {
"companyId": [
3849,
3867,
3884,
3944,
3260,
4187,
3844,
2367,
158,
3176,
3165,
3836,
4050,
3280,
2298,
3755,
3854,
7161,
3375,
7596,
836,
4616
]
}
}
]
}
}
}
我的确切结果
{
"took" : 14,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 3,
"relation" : "eq"
},
"max_score" : 8.262566,
"hits" : [
{
"_index" : "employee-index",
"_type" : "_doc",
"_id" : "67207",
"_score" : 8.262566,
"_source" : {
"companyGroupId" : 1595,
"companyId" : 158,
"fullName" : "Brenda Grey",
"companyTradingName" : "Sky Blue",
}
},
{
"_index" : "employee-index",
"_type" : "_doc",
"_id" : "7061",
"_score" : 7.868355,
"_source" : {
"companyGroupId" : 1595,
"companyId" : 158,
"fullName" : "Brenda Eaton",
"companyTradingName" : "Sky Blue",
}
},
{
"_index" : "employee-index",
"_type" : "_doc",
"_id" : "107223",
"_score" : 7.5100465,
"_source" : {
"companyGroupId" : 1595,
"companyId" : 3260,
"fullName" : "Brenda Bently",
"companyTradingName" : "Green Ice",
}
}
]
},
"aggregations" : {
"companyId" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [
{
"key" : "158",
"doc_count" : 2,
"filtered" : {
"doc_count" : 2
}
},
{
"key" : "3260",
"doc_count" : 1,
"filtered" : {
"doc_count" : 1
}
}
]
}
}
}
**This is how i want the filtered-companies results to look**
"aggregations": {
"companyId": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "158",
"doc_count": 2,
"filtered": {
"doc_count": 2 (<- 2 records found of brenda)
}
},
{
"key": "3260",
"doc_count": 1,
"filtered": {
"doc_count": 1 (<- 1 records found of brenda)
}
},
{
"key": "4616",
"doc_count": 0,
"filtered": {
"doc_count": 0 (<- 0 records found of brenda)
}
},
... and so on. Basically all the other companies that are in the filtered list i want to display with a doc_count of 0.
]
}
答案 0 :(得分:1)
据我所了解,您希望独立于查询运行聚合或聚合的一部分。在这种情况下,您应该使用Global Aggregation
评论后更新
在这种情况下,您需要使用filter aggregation。因此,例如,您当前具有以下类型的查询(简化了示例):
GET indexName/_search
{
"size": 0,
"query": {
"match": {
"firstName": "John"
}
},
"aggs": {
"by_phone": {
"terms": {
"field": "cellPhoneNumber"
}
}
}
}
成为这个:
GET indexName/_search
{
"size": 0,
"aggs": {
"by_phone": {
"terms": {
"field": "cellPhoneNumber"
},
"aggs": {
"filtered": {
"filter": {
"match": {
"firstName": "John"
}
}
}
}
}
}
}
输出看起来会有些不同:
...
"aggregations" : {
"by_phone" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 260072,
"buckets" : [
{
"key" : "+9649400",
"doc_count" : 270,
"filtered" : {
"doc_count" : 0 <-- not John
}
},
{
"key" : "+8003000",
"doc_count" : 184,
"filtered" : {
"doc_count" : 3 <-- this is John
}
},
{
"key" : "+41025026",
"doc_count" : 168,
"filtered" : {
"doc_count" : 0 <-- not John
}
}
...
现在,如果您还需要查询结果,则必须将其包装在全局聚合中,如下所示:
GET indexName/_search
{
"size": 20,
"from": 0,
"query": {
"match": {
"firstName": "John"
}
},
"aggs": {
"all": {
"global": {},
"aggs": {
"by_phone": {
"terms": {
"field": "cellPhoneNumber"
},
"aggs": {
"filtered": {
"filter": {
"match": {
"firstName": "John"
}
}
}
}
}
}
}
}
}
根据您的查询查看的版本:
GET employee-index/_search
{
"size": 0,
"aggs": {
"filtered": {
"filter": {
"bool": {
"filter": [
{
"terms": {
"companyId": [
3849,
3867,
3884,
3944,
3260,
4187,
3844,
2367,
158,
3176,
3165,
3836,
4050,
3280,
2298,
3755,
3854,
7161,
3375,
7596,
836,
4616
]
}
}
]
}
},
"aggs": {
"by_companyId": {
"terms": {
"field": "companyId",
"size": 1000
},
"aggs": {
"testing": {
"filter": {
"multi_match": {
"fields": [
"fullName"
],
"query": "brenda"
}
}
}
}
}
}
}
}
}