我有两个弹性搜索查询
如何将这两个quires合并为一个查询?我正在努力为这两个类似的需求写一个signle查询。请帮我解决这个问题。谢谢
{
"query": {
"filtered": {
"query": {
"match": {
"payment_type": "paypal"
}
},
"filter": {
"range": {
"transaction_date": {
"from": "2014-11-10",
"to": "2014-11-10"
}
}
}
}
},
"aggs": {
"daily_price_sum": {
"sum": {
"field": "price"
}
},
"daily_post_sum": {
"sum": {
"field": "purchased_post_count"
}
}
}
}
{
"size": 0,
"query": {
"match": {
"payment_type": "paypal"
}
},
"aggs": {
"daily_price_sum": {
"sum": {
"field": "price"
}
},
"daily_post_sum": {
"sum": {
"field": "purchased_post_count"
}
}
}
}
答案 0 :(得分:13)
如果您使用的是版本低于1.4.0的ES,则可以使用Filter Aggregations。查询相同如下:
{
"size": 0,
"query": {
"match": {
"payment_type": "paypal"
}
},
"aggs": {
"daily_price_sum": {
"sum": {
"field": "price"
}
},
"daily_post_sum": {
"sum": {
"field": "purchased_post_count"
}
},
"one_day_aggs": {
"filter": {
"range": {
"transaction_date": {
"from": "2014-11-10",
"to": "2014-11-10"
}
}
},
"aggs": {
"daily_price_sum": {
"sum": {
"field": "price"
}
},
"daily_post_sum": {
"sum": {
"field": "purchased_post_count"
}
}
}
}
}
}
但是如果您使用的是ES 1.4.0,则可以使用Filters Aggregation使查询更紧凑。查询相同如下:
{
"size": 0,
"query": {
"match": {
"payment_type": "paypal"
}
},
"aggs": {
"transactions": {
"filters": {
"filters": {
"one_day": {
"range": {
"transaction_date": {
"from": "2014-11-10",
"to": "2014-11-10"
}
}
},
"all_days": {
"match_all": {}
}
}
},
"aggs": {
"daily_price_sum": {
"sum": {
"field": "price"
}
},
"daily_post_sum": {
"avg": {
"field": "purchased_post_count"
}
}
}
}
}
}
我也看到你对查询命中不感兴趣,但只对聚合值感兴趣。在这种情况下,您可以通过使用ES 1.4.0中的Shard Query Cache来提高这些聚合的性能。要使用此功能,请启用链接中提到的分片查询缓存,并将以下参数添加到_search操作:
search_type=count。