我有key value一对对。是否可以精确匹配key&的值,然后检查其value范围值?
key value
key
value
示例:在doc下面oracle_props是一个带有名称,值对的数组。我需要检查它是否具有"oracle_cursors"键,然后检查它的值是否小于1000。
oracle_props
"oracle_cursors"
GET /eg/message/_percolate { "doc": { "client": { "name": "Athena", "version": 1, "db": { "@type": "Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 64bit", "oracle_props": [ { "@name": "open_cursors", "@value": 4000 }, { "@name": "USER_ROLE_PRIVS_COUNT", "@value": 1 }, { "@name": "CREATE_PERMISSION", "@value": "Y" } ] } } } }
以下是我的过滤器。
我还需要检查以下内容,以便返回3结果
3
1&2是and操作,并且3或4中的任何一个都应该满足3。我需要第4点的帮助,下面是我的查询。另外,请提出是否有更好的方法。
PUT /eg/.percolator/3 { "query": { "filtered": { "filter": { "or": [ { "missing": { "field": "client.db.oracle_props.@name" } } ] }, "query": { "bool": { "must": [ { "match": { "client.name": "Athena" } }, { "match": { "client.db.@type": "Oracle" } } ] } } } } }
更新资料
我可以下面有什么吗
{ "match": { "client.db.oracle_props[name='open_cursors'].value": 4000 } }
更多尝试
我遵循elasticsearch 嵌套查询,并通过重新索引将映射更改为nestedtype。谁能找到问题我为什么要得到nested: NullPointerException;?
nested: NullPointerException;
PUT /eg/.percolator/3 { "nested" : { "path" : "client.db.oracle_props", "score_mode" : "avg", "query" : { "bool" : { "must" : [ { "match" : {"client.db.oracle_props.@name" : "open_cursors"} }, { "range" : {"client.db.oracle_props.@value" : {"lt" : 4000}} } ] } } } }
映射变化
... "properties": { "@type": { "type": "string" }, "oracle_props": { "type" : "nested", "properties": { "@name": { "type": "string" }, "@value": { "type": "long" } } } } ...
让我们开始吧:
db
oracle_props.@value
long
Y
CREATE_PERMISSION
range lt 4000
lte
我没有得到您要求的缺失值,因此我跳过了它。
为了使您走上正确的道路,我必须对它进行一些简化(因为我无法完全理解问题中的所有问题,对不起)
我也不打算进行渗透,而是将所有内容重命名为twitter / tweet,因为这对于我从示例中复制而言更容易。
1)创建空索引“ twitter”
curl -XDELETE 'http://localhost:9200/twitter/' curl -XPUT 'http://localhost:9200/twitter/'
2)为实际的“ tweet”创建geo_point映射
curl -XPUT 'http://localhost:9200/twitter/tweet/_mapping' -d ' { "tweet": { "properties": { "db": { "type": "object", "properties": { "@type": { "type": "string" }, "oracle_props": { "type": "nested", "properties": { "@name": { "type": "string" }, "@value": { "type": "string" } } } } } } } }'
3)让我们检查一下是否设置了映射
curl -XGET 'http://localhost:9200/twitter/tweet/_mapping?pretty=true'
4)发布一些带有嵌套数据的推文
curl -XPUT 'http://localhost:9200/twitter/tweet/1' -d '{ "name": "Athena", "version": 1, "db": { "@type": "Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 64bit", "oracle_props": [ { "@name": "open_cursors", "@value": 4000 }, { "@name": "USER_ROLE_PRIVS_COUNT", "@value": 1 }, { "@name": "CREATE_PERMISSION", "@value": "Y" } ] } }'
5)仅嵌套查询
curl -XGET localhost:9200/twitter/tweet/_search -d '{ "query": { "nested" : { "path" : "db.oracle_props", "score_mode" : "avg", "query" : { "bool" : { "must" : [ { "term": { "db.oracle_props.@name": "open_cursors" } }, { "range": { "db.oracle_props.@value": { "lte": 4000 } } } ] } } } } }';
6)查询“雅典娜”和“ Oracle”
curl -XGET localhost:9200/twitter/tweet/_search -d '{ "query" : { "bool" : { "must" : [ { "match" : {"tweet.name" : "Athena"} }, { "match" : {"tweet.db.@type" : "Oracle"} } ] } } }'
7)结合前两个查询
curl -XGET localhost:9200/twitter/tweet/_search -d '{ "query" : { "bool" : { "must" : [ { "match" : {"tweet.name" : "Athena"} }, { "match" : {"tweet.db.@type" : "Oracle"} }, { "nested" : { "path" : "db.oracle_props", "score_mode" : "avg", "query" : { "bool" : { "must" : [ { "term": { "db.oracle_props.@name": "open_cursors" } }, { "range": { "db.oracle_props.@value": { "lte": 4000 } } } ] } } } } ] } } }'
结果为
{ "took": 2, "timed_out": false, "_shards": { "total": 5, "successful": 5, "failed": 0 }, "hits": { "total": 1, "max_score": 2.462332, "hits": [ { "_index": "twitter", "_type": "tweet", "_id": "1", "_score": 2.462332, "_source": { "name": "Athena", "version": 1, "db": { "@type": "Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 64bit", "oracle_props": [ { "@name": "open_cursors", "@value": 4000 }, { "@name": "USER_ROLE_PRIVS_COUNT", "@value": 1 }, { "@name": "CREATE_PERMISSION", "@value": "Y" } ] } } } ] } }
