使用bool查询进行弹性搜索聚合

时间:2020-06-19 09:02:09

标签: elasticsearch

这是我的弹性布尔查询。效果很好:

{
  "query": {
        "bool": {
            "filter": [
                {
                    "terms": {
                        "parent_uuid._raw": [
                            "87ec596a-109e-45ce-8a8d-7a2d1a56df81",
                            "07526608-8140-46be-96b9-c5f7cca4bd93"
                        ]
                    }
                },
                {
                    "terms": {
                        "resource_type._raw": [
                            "Zone"
                        ]
                    }
                }
            ]
        }
    },
    "from": 0
}

我要汇总名称字段。所以我添加了这个:

"aggs": {
    "group_by_name": {
        "terms": {
            "field": "display_name.keyword"
        }
    } }

但是结果是一样的。 我想念的是什么?

我得到的结果是:

{“设备资源”:[ { “ fq_name”:[ “默认域”, “ muthu1500”, “ EP”, “ JUNOS / Zone = oam” ], “ uuid”:“ 161cf82d-16fd-4219-861d-d50de622f8eb”, “ uri”:“ / ems-central / device-resource / 161cf82d-16fd-4219-861d-d50de622f8eb” }, { “ fq_name”:[ “默认域”, “ muthu1500”, “ EP”, “ JUNOS / Zone =不信任” ], “ uuid”:“ fe28fb7c-c087-4473-aeef-e302022f47a4”, “ uri”:“ / ems-central / device-resource / fe28fb7c-c087-4473-aeef-e302022f47a4” }, { “ fq_name”:[ “默认域”, “ muthu1500”, “ MNONZT”, “ JUNOS / Zone =信任” ], “ uuid”:“ 251a4a9e-acb4-49ed-9c29-499ddbceb532”, “ uri”:“ / ems-central / device-resource / 251a4a9e-acb4-49ed-9c29-499ddbceb532” }, { “ fq_name”:[ “默认域”, “ muthu1500”, “ MNONZT”, “ JUNOS / Zone =不信任” ], “ uuid”:“ a3417512-8953-4c1e-b68e-8390327d5213”, “ uri”:“ / ems-central / device-resource / a3417512-8953-4c1e-b68e-8390327d5213” }, { “ fq_name”:[ “默认域”, “ muthu1500”, “ SRX1500MD”, “ JUNOS / Zone =信任” ], “ uuid”:“ 1a5434c5-d47d-40be-bb00-ef1d244e6c0c”, “ uri”:“ / ems-central / device-resource / 1a5434c5-d47d-40be-bb00-ef1d244e6c0c” }],“总计”:5}

由于最后两个记录分别具有与第二个记录和第三个记录相同的display_name,因此汇总应仅显示其中一个。 我想要这个结果:

{“设备资源”:[ { “ fq_name”:[ “默认域”, “ muthu1500”, “ EP”, “ JUNOS / Zone = oam” ], “ uuid”:“ 161cf82d-16fd-4219-861d-d50de622f8eb”, “ uri”:“ / ems-central / device-resource / 161cf82d-16fd-4219-861d-d50de622f8eb” }, { “ fq_name”:[ “默认域”, “ muthu1500”, “ EP”, “ JUNOS / Zone =不信任” ], “ uuid”:“ fe28fb7c-c087-4473-aeef-e302022f47a4”, “ uri”:“ / ems-central / device-resource / fe28fb7c-c087-4473-aeef-e302022f47a4” }, { “ fq_name”:[ “默认域”, “ muthu1500”, “ MNONZT”, “ JUNOS / Zone =信任” ], “ uuid”:“ 251a4a9e-acb4-49ed-9c29-499ddbceb532”, “ uri”:“ / ems-central / device-resource / 251a4a9e-acb4-49ed-9c29-499ddbceb532” }],“总计”:3}

1 个答案:

答案 0 :(得分:1)

根据您的映射,您的terms聚合必须像这样(使用_raw子字段):

"aggs": {
  "group_by_name": {
    "terms": {
        "field": "display_name._raw"
    }
} }
相关问题
最新问题