弹性搜索桶过滤

问题描述 投票:0回答:1

我想从聚合桶中过滤数据。我写了这样的查询

{
    "size":0,
    "aggregations": {
        "latestNode": {
            "terms": {"field": "uri"},
            "aggregations": {
                "top_nodes": {
                    "top_hits": {
                        "sort": [
                            {
                                "timestamp": {
                                    "order": "desc"
                                }
                            }
                        ],
                        "size" : 1
                    }
                }
            }
        }
    }
}

在此之后,我得到的结果如下:

{
    "took": 14,
    "timed_out": false,
    "_shards": {
        "total": 10,
        "successful": 10,
        "skipped": 0,
        "failed": 0
    },
    "hits": {
        "total": 6,
        "max_score": 0,
        "hits": []
    },
    "aggregations": {
        "latestNode": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
                {
                    "key": "2FF70002AC01F743",
                    "doc_count": 2,
                    "top_nodes": {
                        "hits": {
                            "total": 2,
                            "max_score": null,
                            "hits": [
                                {
                                    "_index": "VirtualDB",
                                    "_type": "doc",
                                    "_id": "E85FnWgBhR1fwKHvHfpI",
                                    "_score": null,
                                    "_source": {
                                        "uri": "2FF70002AC01F743",
                                        "status": "WARNING",
                                        "name": "Test_20k_11Test1",
                                        "timestamp": 1548664071116
                                    },
                                    "sort": [
                                        1548664071116
                                    ]
                                }
                            ]
                        }
                    }
                },
                {
                    "key": "vDB1234",
                    "doc_count": 2,
                    "top_nodes": {
                        "hits": {
                            "total": 2,
                            "max_score": null,
                            "hits": [
                                {
                                    "_index": "VirtualDB",
                                    "_type": "doc",
                                    "_id": "Es5EnWgBhR1fwKHvm_r5",
                                    "_score": null,
                                    "_source": {
                                        "uri": "vDB1234",
                                        "status": "OK",
                                        "name": "Test_20k_11Test",
                                        "timestamp": 15486640781116
                                    },
                                    "sort": [
                                        15486640781116
                                    ]
                                }
                            ]
                        }
                    }
                },
                {
                    "key": "2FF70002AC01F744",
                    "doc_count": 1,
                    "top_nodes": {
                        "hits": {
                            "total": 1,
                            "max_score": null,
                            "hits": [
                                {
                                    "_index": "VirtualDB",
                                    "_type": "doc",
                                    "_id": "Fc5GnWgBhR1fwKHvPvrm",
                                    "_score": null,
                                    "_source": {
                                        "uri": "2FF70002AC01F744",
                                        "status": "WARNING",
                                        "name": "Test_20k_11Test1",
                                        "timestamp": 1548664061116
                                    },
                                    "sort": [
                                        1548664061116
                                    ]
                                }
                            ]
                        }
                    }
                },
                {
                    "key": "vDB1235",
                    "doc_count": 1,
                    "top_nodes": {
                        "hits": {
                            "total": 1,
                            "max_score": null,
                            "hits": [
                                {
                                    "_index": "VirtualDB",
                                    "_type": "doc",
                                    "_id": "Ec5DnWgBhR1fwKHvb_oe",
                                    "_score": null,
                                    "_source": {
                                        "uri": "vDB1235",
                                        "status": "OK",
                                        "name": "Test_20k_11Test",
                                        "timestamp": 15486640751116
                                    },
                                    "sort": [
                                        15486640751116
                                    ]
                                }
                            ]
                        }
                    }
                }
            ]
        }
    }
}

现在我想根据条件从桶中删除一些项目

如果uri = vDB1234并且“status”=“OK”,“name”=“Test_20k_11Test”则删除

{
                                        "uri": "vDB1234",
                                        "status": "OK",
                                        "name": "Test_20k_11Test",
                                        "timestamp": 15486640781116
                                    }

聚合桶中的第二位感谢您提前帮助

elasticsearch elasticsearch-aggregation
1个回答
0
投票

如果要从整个结果集中删除它,可以使用查询块。在这种情况下,首先运行查询,并对查询结果执行聚合。

{
"query": {
    "bool" : {
        "must": [
            // Your conditions here
        ]
    }
},
"size":0,
"aggregations": {
    "latestNode": {
        "terms": {"field": "uri"},
        "aggregations": {
            "top_nodes": {
                "top_hits": {
                    "sort": [
                        {
                            "timestamp": {
                                "order": "desc"
                            }
                        }
                    ],
                    "size" : 1
                }
            }
        }
    }
}
© www.soinside.com 2019 - 2024. All rights reserved.