elasticsearch - 使用弹性搜索查询过滤和匹配
问题描述
我在下面的弹性搜索查询中应用辅助过滤器时遇到问题。只有第一个过滤器匹配。我希望两个过滤器都应用于查询。
"query": {
"bool": {
"must": [
{
"bool": {
"filter": {
"range": {
"@timestamp": {
"gte": "2019-03-12",
"lte": "2019-03-13"
}
}
}
}
},
{
"bool": {
"filter": {
"bool": {
"must": {
"match": {
"msg_text": "foo AND bar"
}
}
}
}
}
}
]
}
}
解决方案
Well I've mentioned two solutions, first one makes use of Match Query while the second one makes use of Query String.
Also I'm assuming msg_text field is of type text.
Difference is that, query_string uses a parser, that would parse the text you mention based on the operators like AND, OR.
While match query would read the text, analyse the text and based on it constructs a bool query. In the sense you don't need to mention operators and it won't work
You can read more about them in the links I've mentioned.
1. Using Match Query
POST <your_index_name>/_search
{
"query":{
"bool":{
"filter":{
"bool":{
"must":[
{
"range":{
"@timestamp":{
"gte":"2019-03-12",
"lte":"2019-03-13"
}
}
},
{
"match":{
"msg_text":"foo bar"
}
}
]
}
}
}
}
}
2. Using Query String
POST <your_index_name>/_search
{
"query":{
"bool":{
"filter":{
"bool":{
"must":[
{
"range":{
"@timestamp":{
"gte":"2019-03-12",
"lte":"2019-03-13"
}
}
},
{
"query_string":{
"fields": ["msg_text"], <----- You can add more fields here using comma as delimiter
"query":"foo AND bar"
}
}
]
}
}
}
}
}
Technically nothing is wrong with your solution, in the sense, it would work, but I hope my answers clear, simplifies the query and helps you understand what you are trying to do.
Let me know if it helps!
推荐阅读
- python - 将移动数字键盘数字转换为其对应的单词 Python
- node.js - 无法使用 process.env 连接到数据库 | 乏味 | 节点
- hadoop - 线程“主”java.lang.OutOfMemoryError 中的 Flume 异常:Java 堆空间
- ruby-on-rails - 按空值降序排列
- android - 如何在电池上推送图像?
- dart - Dart 2 与 TypeScript 的 typeof 等价物是什么?
- javascript - 何使用 javascript 在网站中实现 razorpay 支付方式
- wordpress - WooCommerce 插件无法激活
- selenium-webdriver - Selenium - WebDriver 和 Chrome 驱动程序
- flutter - 当应用程序在前台时,云消息传递 onMessage 回调永远不会被调用,但 onResume 和 onLaunch 确实会被调用?