1,110 questions
-1
votes
1
answer
45
views
Why is this 5 Hour Date Histogram bucket starting at 3am?
So I know that Date Histograms can be quite tricky, so I have tested this in as easy of an environment as possible.
I have an index with 1 document. This document has a date field "2025-04-25T05:...
1
vote
0
answers
41
views
How can my elasticsearch query be optimized?
My query is taking more than a minute to execute most of the time. The index being queried also receives frequent write updates — at least 500 requests per minute. This is the query I am talking about:...
1
vote
1
answer
118
views
elastalert2 aggregation send alert to email includes repeating texts after table
I am sending count of statusCode in access log from elasticsearch using elastalert2.
I am able to send and receive alert via email, but I am receiving repeating texts after the table. (the repeating ...
1
vote
0
answers
56
views
Why is my new Elasticsearch index slower under load despite optimized mapping?
We've created a new Elasticsearch index (test-events-v4) with what we believed to be a more optimized mapping for storage. However, during load testing, we've observed significantly higher 99th ...
0
votes
0
answers
31
views
Does a high size value in Elasticsearch terms aggregation increase memory usage if fewer buckets are returned?
I'm using a terms aggregation in Elasticsearch and have a question about the size parameter.
If I set size: 1000 in the aggregation, but the actual number of buckets returned is always much lower—say ...
0
votes
1
answer
58
views
Elasticsearch Terms Aggregation query causes CPU spikes and too slow to respond
Quick info on my index and the data stores:
Index contains about 1.2 billion documents spread across 14 shards --> 350 GB of data and each shard having 25-30 GB of Data.
The index has a keyword ...
0
votes
0
answers
30
views
Elasticsearch date_range aggregation with +4w starts on Sunday instead of ISO week Monday — Bug or expected behavior?
I'm using an Elasticsearch date_range aggregation with weekly offsets like +4w, and I'm seeing what seems to be incorrect behavior: the range boundaries resolve to midnight on Sunday, rather than ...
0
votes
0
answers
22
views
Aggregation based on range and term
Problem: I want to have a bucket with range aggregation on win probability. But instead of having Bucket of "WON" based on win probability, have it on Constants.REVENUE_STATUS is "WON...
0
votes
0
answers
10
views
Elasticsearch get values from multiple documents based on common value
I have to fetch the values from different documents in Elasticsearch.
Ex. documents like
BOOKS, AUTHORS, SALES
Books contains values like (id, name, pagecount, type, price, category... etc)
Authors ...
1
vote
0
answers
43
views
ElasticSearch: Need to aggregate on an aggregation to get count of status values based on last field for each session
We have a series of status updates for projects and the last update for a given project is the one we want to report on in several ways. For instance:
ProjectID
DateTime
EventDescription
001
2024-12-...
0
votes
0
answers
28
views
Elasticsearch Aggregations: Trying to use an alphabetical bucket sort within a terms aggregation
I am currently using Elasticsearch 8.15. I am in a bit of a conundrum trying to achieve outer and inner bucket sorting for strings (sorted asc or desc alphabetically). My index, hazard, looks a little ...
0
votes
1
answer
47
views
Elastic search : multiple criterias on text search
I've a question to setting my index in elastic Search.
My index has 3 fields: desig, desigSec and idRef.
In my UI application, I've a single input to search in these 3 fields.
So i've defined this ...
0
votes
1
answer
249
views
How to Create a Histogram of Summed Nested Fields in OpenSearch?
I am working with an OpenSearch index where each document represents a dispute and contains a nested array of transactions. My goal is to compute the sum of a specific field in the nested transactions ...
0
votes
1
answer
176
views
post_filter after applying top_hits aggregation not working in elastic search
Expectation:
I need all users which are not successful in their last attempt.
Actual/My Approach:
I applied aggregation by userId and top_hits with size of 1 document which is sorted in descending ...
1
vote
1
answer
65
views
How to Count Unique Assets with Specific Severity in Elasticsearch?
I have data as follows:
{
"_index": "index",
"_id": "...",
"_score": 4.512486,
"_source": {
"...
0
votes
1
answer
238
views
Elasticsearch Nested Aggregations with Spring data elasticsearch 5.2
Help Needed: Perform a Nested Aggregation with Spring Data Elasticsearch 5.2.6 and Elasticsearch-rest-client 8.10
I'm working on a project using Elasticsearch with Spring Data Elasticsearch 5.2.6, and ...
1
vote
1
answer
112
views
How can I count all the occurrences within my date_histogram?
I'm trying to get a total count of my aggregations based on group_by_asset's field:summary.severity. Below is my es query:
{
"runtime_mappings": {
// Your runtime mappings here
},
...
0
votes
1
answer
39
views
Elasticsearch aggregation name syntax documented somewhere?
I got the error message
Aggregation names can contain any character except '[', ']', and '>'
from Elasticsearch when a ">" somehow ended up in an aggregation name. Is that documented ...
0
votes
1
answer
81
views
ReactiveElasticsearchClient query composite aggregation not return all result
I use ReactiveElasticsearchClient to query composite aggregation but not return all result.
I mean I add all docCount value in return message manually, the result is not same as the document total ...
0
votes
1
answer
208
views
How Elastic Search Composite Aggregation On Whole Index And Return Whole Result
I have tried to call a Composite Aggregation in ES but return only few results, clearly, it only do the composite aggregation on 10 records.
Same ask as title: How Elastic Search Composite Aggregation ...
1
vote
2
answers
143
views
Does Elastic Search have an equivalent to SQL Group By aggregation?
I know Elastic Search could do aggregation, but you know DB aggregation is not totally same as ES world.
Like we do below in DB:
select a, b, c, d, sum(e), sum(f)
from some_table nolock
group by a, b, ...
0
votes
1
answer
79
views
Aggregation sorting based on either of 1 key in open search
Consider below is the 2 documents got after aggregation, now I need to sort on the documents.
Document 1:
{
'startDate' :'2023-02-01',
'endDate' : '2022-02-01'
}
Document 2:
{
'endDate' : '2024-02-...
0
votes
1
answer
72
views
Elastic Search Watcher parsing exception
I am trying to create a elasticsearch watcher which will get some aggregation in last 20 mins with the following conditions:
type is equal to fax
Plan is equal to plan_a
And the aggregations are:
...
1
vote
1
answer
275
views
Different aggregation count for the same value
In Elasticsearch facing an issue in an aggregation query. The issue is as follow,
I am asking for two different aggs in the same query. The first is “show me the doc counts for subject.label for these ...
0
votes
1
answer
51
views
Unique count of a document based on an array property of a nested property
Assuming it's the mapping of my index below, I want to create an elastic aggregation query to count the number of documents for each element of test array property
Mapping
"mappings": {
...
0
votes
1
answer
60
views
Can anyone help me simplify the complex nested aggregation in an Elasticsearch? Or is it final result
I am trying to understand how to dynamically build the aggregations with nested and regular filters for regular or nested fields, so, my final query looks like code below and would be fine if it can ...
0
votes
1
answer
416
views
Opensearch Nested aggregation - get buckets for specific nested property
Version
Opensearch 2.13
Description
I am exploring the possibility of generating facets from my index in Opensearch using bucket aggregations and the search API. I am trying to find how to generate ...
0
votes
1
answer
39
views
percentiles aggregation in Elastic Search just gives percentile value as whatever is given in missing parameter
I just simplified my query as this
GET /index-name/_search
{
"from": 0,
"query": {
"bool": {
"filter": [
{
"terms": {
...
0
votes
1
answer
1k
views
Aggregation for Terms in new Java client - is there a generic way to get the results?
When creating aggregation in new API Java client I came into a problem.
this is how I create my request. some of my fieldnames are of type string. some can be long or double etc
Map<String, ...
0
votes
1
answer
42
views
How to Filter Aggregated Results in Elasticsearch for List Type Field Used in Field Aggregation?
I want to do aggregation on the list field in elasticsearch. But while doing same, as this is list field if there is other value along with searched value inside the list then aggregation will also ...
0
votes
2
answers
243
views
Elasticsearch - Case insensitive aggregation not working
ES version - 7.17.7
I've an index for which I'm running an aggregation to get all field matching certain regex. This should be case-insensitive i.e.
new york should match New York and NEW YORK and New ...
0
votes
1
answer
65
views
Elastic Search Query to filter records where value in 2 columns of the record are equal
I am working with Elastic Search Version 6.8.22 and have an index where I have 2 columns: Column A and Column B. I want to filter out all records where values for Column A is equal to Column B. How ...
0
votes
1
answer
65
views
Boosting buckets in aggregation ElasticSearch
I have an elasticsearch query that I am using to group by results by a text field called category in my documents. One more key in my _docs is called id of type integer. Now, there are two ...
0
votes
1
answer
106
views
Elasticsearch/OpenSearch query for product variations
I am using AWS OpenSearch database which is a fork of Elasticsearch. My use case is as follows:
A product contains an ID, a title, a brand, a productGroupId
Query: Given a string, find all products ...
1
vote
0
answers
43
views
Elasticsearch Query to Retrieve Sales Data for Filtered Products in a Single Query which both resides in a single index
I have an Elasticsearch index with two types of records: one for product data (including item_code, color, size, etc.), and another for sales data containing the item_code and related sales ...
0
votes
0
answers
164
views
Elasticsearch Min/Max aggregation returned the value_as_string in 'format'+'epochtimeinmillis'
In Elasticsearch 7.16, for some date fields the Min/Max aggregation returned a value as 'format_specifiedin*_*the_aggregation'+'epochtimeinmillis', however for some other date fields it is returning ...
1
vote
0
answers
127
views
Alternative to FiltersAggregator.KeyedFilter in new Java Elasticsearch client
Currently we are in the process of migrating to Spring Boot 3, and since there aren't many migration guides and examples with alternatives to specific queries and aggregations:
What's the alternative ...
0
votes
1
answer
44
views
How to aggregate elasticsearch results based on concrete value of another aggregation?
I've problems to correctly filter my data based on previously aggregated result.
I've the following mapping for my elasticsearch data:
"properties": {
"day": {
"type...
0
votes
0
answers
24
views
Is there a way to combine filter aggs as sub aggs?
I'm trying to create aggregations for certain matches.
GET /test_index_search
{
"aggregations": {
"fooAggregation": {
"filters": {
"filters":...
0
votes
1
answer
54
views
Elasticsearch Query to Retrieve a Fixed Number of Documents from Each Index
I have an Elasticsearch setup with multiple indexes (let's say a, b, c, d, e, and f). My goal is to retrieve a total of 20 documents, with exactly 4 documents from each index. However, if any index ...
0
votes
0
answers
76
views
Getting error when using variable_width_histogram aggregation 'Too many buckets'
We are trying to execute a query to get variable_width_histogram aggregation results but getting an error 'Trying to create too many buckets'. However bucket size in query is 10. When trying to get ...
-1
votes
1
answer
628
views
How can I order by grouped fields count in elasticsearch?
My data objects contain 3 string fields: section, category and username.
I want to do grouping by category and username and find out the top 20 "section" and their count in the grouping i ...
0
votes
1
answer
503
views
Elasticsearch sort by field in top hits parameter
I am trying to sort data by top_hits parameter in search query Elasticsearch but somehow it didn't affect anything. can anyone please help me with this one?
so I've tried using sort as some people ...
0
votes
1
answer
391
views
Elasticsearch order by field in top hits aggregation
I am trying to sort data by top_hits parameter in search query Elasticsearch but somehow it didn't affect anything. can anyone please help me with this one?
so I've tried using sort as some people ...
0
votes
1
answer
227
views
Elasticsearch "ignore_above" issues
Index Mapping(In Kibana)
GET /new_index/_mapping
I already reset the "ignore_above" to the larger size, but it seems not working for my index when I query for searching.
I heard from other ...
0
votes
1
answer
48
views
Elasticsearch show sum of same keys of each data
can anyone please help me with this complicated sum with elasticsearch since I've been searching and trying for days, yet seems no one have the same problem as mine.
let say I have this sample data :
[...
0
votes
1
answer
153
views
how to limit the response size in terms aggregation in elastic search
Am using below elastic search query and getting the response, but how to limit the response size of each itemDetails.itemId specified in the query.
elastic search version: 8.7.1
sample elastic search ...
0
votes
1
answer
115
views
how to sort the data before applying terms aggregation in elastic search
We want to sort the data using few fields before applying terms aggregation, tried using terms and sort sub aggregation using which sort is working however terms aggregation is giving duplicate ...
0
votes
1
answer
44
views
Is that a way to use elastic search replace the specific field data to null when retrieving search result?
I need to use elastic search in nestjs to query to retrieve some result from index.
Requirements: I need all results including access_level: "Restricted" and access_level: "...
0
votes
1
answer
238
views
Elastic dump from 8.9 to 2.3 throwing errors
When I ran the below command
C:\Users\ASDF>elasticdump --input=http://username:pwd@domainname/indexnameone/ --output=http://username:pwd@domainnameone/indexnametwo --type=data
The error is
...