Canvas - How to do a nested Query?

MarkusP · April 4, 2019, 1:47pm

Hi there,

I have in the ES 6.7 stack an index with a nested mapping an use a nested query in dashboards and queries

GET /client/_search
{
  "query": {
    "nested": {
      "path": "params",
      "query": {
        "bool": {
          "must": [
            {
              "match": {
                "params.paramname": "namePlaceholder"
              }
            },
            {
              "match": {
                "params.value": "false"
              }
            }
          ],
          "must_not": [
            {
              "match": {
                "params.value": "CLIENTTYPE_SPARE"
              }
            },
            {
              "match": {
                "params.value": "CLIENTTYPE_HTML"
              }
            }
          ]
        }
      }
    }
  }
}

I tried to do something similiar in canvas using esql but i failed, because i found no solution like the nested query https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html

Then I tied to use the QUERY function in the where part of the sql, but that is not supported.

Is there something i can do in the expression builder to solve this problem or anything else?

I think i could solve some of my issues in logstash by generating additional fields (derived property ) but this isn t possible for all my issues.

thomasneirynck · April 4, 2019, 8:34pm

@MarkusP

this is not possible in Canvas right now. I would log an ER https://github.com/elastic/kibana/issues/new/choose

MarkusP · April 5, 2019, 7:20am

@thomasneirynck Thank you for the information.
I created an RFE https://github.com/elastic/kibana/issues/34607 as you suggested.

system · May 3, 2019, 7:22am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.