Elasticsearch – Use Script Filter/Conditon in Aggregation/Sub-Aggreagtion

Elasticsearch - Use Script Filter or Conditon in Aggregation or Sub-Aggreagtion

Elasticsearch – Use Script Filter/Conditon in Aggregation/Sub-Aggreagtion

Example 1 – REST:

GET /INDEX/TYPE/_search
{
     "size": 0,
     "aggs": {
          "FILTER_NAME": {
              "filter": {
                   "script": {
                        "script": "doc['field1'].value <  doc['field2'].value"
                   }
              }
          }
     }
}

Example 1 – Java API:

SearchRequestBuilder searchRequestBuilder = esClient			
	.prepareSearch("INDEX)
	.setTypes("TYPE")
	.setSize(0)
	.addAggregation(
		AggregationBuilders.filter("FILTER_NAME").filter(FilterBuilders.scriptFilter("doc['filed1'].value >  doc['field2'].value")));

SearchResponse searchResponse = searchRequestBuilder.execute().actionGet();
Map<String, Aggregation> aggMap = searchResponse.getAggregations().asMap();
InternalFilter filter = (InternalFilter) aggMap.get("FILTER_NAME");
System.out.println(filter.getDocCount());

Example 2 – REST:

GET /INDEX/TYPE/_search
{
     "size": 0,
     "aggs": {
          "AGGREGATION_NAME": {
               "terms": {
                    "field": "field1",
                    "size": 10
               },
               "aggs": {
                    "SUB_AGGREGATION_NAME": {
                         "filter": {
                              "script": {
                                   "script": "doc['field2'].value <  doc['field3'].value"
                              }
                         }
                    }
               }
          }
      }
}

Example 2 – Java API:

SearchRequestBuilder searchRequestBuilder = esClient
     .prepareSearch("INDEX")
     .setTypes("TYPE")
     .setQuery(query)
     .setSize(0)
     .addAggregation(
          AggregationBuilders.terms("AGGREGATION_NAME")
               .field("field1")
               .size(999999)
               .subAggregation(
                    AggregationBuilders.filter("SUB_AGGREGATION_NAME").filter(FilterBuilders.scriptFilter("doc['field2'].value > doc['field3'].value"))));

SearchResponse searchResponse = searchRequestBuilder.execute().actionGet();
Map<String, Aggregation> aggMap = searchResponse.getAggregations().asMap();
StringTerms terms = (StringTerms) aggMap.get("AGGREGATION_NAME");
List bucketList = terms.getBuckets();

for (Bucket bucket : bucketList) {
     InternalFilter filter= bucket.getAggregations().get("SUB_AGGREGATION_NAME");
     System.out.println(bucket.getKey()+":"+filter.getDocCount());
}

Related Links: 

Web Application for Elasticsearch :
  1. ElasticTab – Elasticsearch to Excel Report (Web Application)
Elasticsearch Plugin:
  1. Elasticsearch Plugin To Generate (Save and E-Mail) Excel Reports
Elasticsearch:
  1. Execute Multiple Search Query in Elasticsearch
  2. Monitor Elasticsearch Servers with Shell Script - E-Mail Notification
  3. Execute Raw Elasticsearch Query using Transport Client – Java API
  4. Elasticsearch – Apply Nested Filter on Nested (Inner) Aggregation
  5. Execute Multiple Search Query in Elasticsearch
  6. Enable CORS to Send Cross Domain Request to Elasticsearch using AJAX
  7. Elasticsearch Java API – Get Index List
  8. Elasticsearch Java API – Get Alias List
  9. Elasticsearch Java API - Get Type List from given Index
  10. Elasticsearch Java API – Get Field List for a given Index and Type
  11. Elasticsearch Java API – Get Index Type List Mapping
  12. Elasticsearch – Use Script Filter/Conditon in Aggregation/Sub-Aggreagtion
  13. Elasticsearch – Compare/ScriptFilter/Condition on Two Fields using Script Filter – REST Query + Java API
  14. Elasticsearch - Date/Time(String)  Add/Subtract Duration - Days,Months,Years,Hours,Minutes,Seconds
Logstash:
  1. Logstash – Process Log File Once and Exit/Stop Logstash After Reading Log File Once
  2. Measure Logstash Performance using Metrics Filter – Issue/Error in Syntax (Unknown setting ‘message’ for stdout)
  3. Logstash – Process Same Log File (File Input) from Beginning/Start
  4. Create Custom Filter/Plugin to Emit New Events Manually in Logstash
Logstash and Elasticsearch:
  1. Query Elasticsearch Cluster in Filter Section when using Logstash
  2. Custom Elasticsearch Index Name/Type Name based on Events in Logstash
MongoDB and Elasticsearch:
  1. Import Data from Mongo DB to Elasticsearch using Elasticsearch River
 Read More...

[ YOU MAY ALSO LIKE ]

Leave a Reply