Creating filters per aggregation similar to Facets


(Jeff Steinmetz) #1

Kibana provides a good example of date histograms, split out by each
"query" entered at the top in the "Query" bar. It essentially creates
multiple free text queries against "all".

I see it generates per facet filter, with a free text (query_string)
search.
Since facets are to be deprecated, I am now only using aggregations (in a
custom application - unrelated to Kibana). I have tried this with
aggregations without success.
I also realize there is something new coming in 1.4, but I assume with
multiple aggregations, (vs. multiple filters to create multiple buckets) I
can do this today.

Here is an oversimplified version of the date histogram aggregation I have
(without the leading query section - consider it pseudo code)

The "filter" section is the part in question. Removing the filter works, I
have tried all types of "filter" formats, looked for samples, etc. no luck.
I have tried {"all" : "search term"}
as well as:
{"query_string": { "all" : "search terrm" }}

I've tried a specific field name, etc. All attempts are not proving
fruitful.

Pseudo example using aggregations:

"aggregations" : {
  "0" : {
    "date_histogram" : {
      "filter" : { "query_string" : { "query" : "Intel" } },
      "field" : "created_at",
      "interval" : "1d",
      "min_doc_count" : 0
    }
  },
  "1" : {
    "date_histogram" : {
      "filter" : { "query_string" : { "query" : "Samsung" } },
      "field" : "created_at",
      "interval" : "1d",
      "min_doc_count" : 0,
      "pre_zone" : "-02:00",
      "post_zone" : "-03:30"
    }
  }
}

Here is the Facet version (which works - note
Filtered/query/query_string/query):

{
  "facets": {
    "0": {
      "date_histogram": {
        "field": "created_at",
        "interval": "3h"
      },
      "global": true,
      "facet_filter": {
        "fquery": {
          "query": {
            "filtered": {
              "query": {
                "query_string": {
                  "query": "Intel"
                }
              },
              "filter": {
                "bool": {
                  "must": [
                    {
                      "terms": {
                        "userid": [
                          "53d02d6aed9597f3c60000fa"
                        ]
                      }
                    },
                    {
                      "range": {
                        "created_at": {
                          "from": "now-30d",
                          "to": "now"
                        }
                      }
                    }
                  ]
                }
              }
            }
          }
        }
      }
    },
    "1": {
      "date_histogram": {
        "field": "created_at",
        "interval": "3h"
      },
      "global": true,
      "facet_filter": {
        "fquery": {
          "query": {
            "filtered": {
              "query": {
                "query_string": {
                  "query": "Samsung"
                }
              },
              "filter": {
                "bool": {
                  "must": [
                    {
                      "terms": {
                        "userid": [
                          "53d02d6aed9597f3c60000fa"
                        ]
                      }
                    },
                    {
                      "range": {
                        "created_at": {
                          "from": "now-30d",
                          "to": "now"
                        }
                      }
                    }
                  ]
                }
              }
            }
          }
        }
      }
    }
  }
}



(Ivan Brusic) #2

Try using a filter aggregation:
http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/search-aggregations-bucket-filter-aggregation.html

The idea is that the filter is the outermost aggregation and the
aggregation you actually want to filter is the sub-aggregation.

Cheers,

Ivan

On Mon, Aug 11, 2014 at 6:18 PM, Jeff Steinmetz <jeffrey.steinmetz@gmail.com> wrote:

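The structure described in reply #2, applied to the facet request from post #1, as an added example that is not part of the original thread: each facet's facet_filter becomes an outer filter aggregation and the date_histogram becomes its sub-aggregation. The function names, the sub-aggregation names "filtered" and "histogram", and the response fragment are assumptions made for illustration; the filter syntax is the Elasticsearch 1.x form already used in the thread.

```python
import json

def page_facet(term):
    """The working facet from post #1, parameterised on the query_string term."""
    return {
        "date_histogram": {"field": "created_at", "interval": "3h"},
        "global": True,
        "facet_filter": {"fquery": {"query": {"filtered": {
            "query": {"query_string": {"query": term}},
            "filter": {"bool": {"must": [
                {"terms": {"userid": ["53d02d6aed9597f3c60000fa"]}},
                {"range": {"created_at": {"from": "now-30d", "to": "now"}}},
            ]}},
        }}}},
    }

def facet_to_aggregation(facet):
    """Convert one date_histogram facet into the equivalent aggregation tree."""
    agg = {"date_histogram": dict(facet["date_histogram"])}
    if "facet_filter" in facet:
        # The filter is the outer aggregation and the histogram its child.
        # facet_filter is already a filter, so it is reused unchanged.
        agg = {"filter": facet["facet_filter"],
               "aggregations": {"histogram": agg}}
    if facet.get("global"):
        # "global": true on a facet maps to a top-level global aggregation.
        agg = {"global": {}, "aggregations": {"filtered": agg}}
    return agg

def facets_to_aggregations(facets):
    return {"aggregations": {n: facet_to_aggregation(f) for n, f in facets.items()}}

def buckets_for(response_aggs, name):
    """Return (key, doc_count) pairs for one named series in a response."""
    node = response_aggs[name]
    for key in ("filtered", "histogram"):  # wrapper names chosen above
        node = node.get(key, node)
    return [(b["key"], b["doc_count"]) for b in node["buckets"]]

REQUEST = facets_to_aggregations({"0": page_facet("Intel"), "1": page_facet("Samsung")})

# Constructed response fragment (the "aggregations" part), not real cluster output.
SAMPLE_RESPONSE = {"0": {"doc_count": 120, "filtered": {"doc_count": 4, "histogram": {
    "buckets": [{"key": 1407715200000, "doc_count": 4},
                {"key": 1407726000000, "doc_count": 0}]}}}}

if __name__ == "__main__":
    print(json.dumps(REQUEST, indent=2))
    print(buckets_for(SAMPLE_RESPONSE, "0"))
```
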


(system) #3