i have a simple search query, where i am searching all the documents that falls in a data range. i have more than 50K results, with in which i want to display only top 1000 results based on date. this way my query can also be faster, as the user will also be interested to see only the 1000 results max at a time.
how can i archive this? please help.
Can you show us the query you currently have?
i am using the below query, and thought that it would return 1000 records (as i mentioned size:1000 in agg), but it returns all.
{
"query" : {
"bool" : {
"must" : {
"range" : {
"filetimestamp" : {
"from" : "2016-01-01T00:00:00.000-0800",
"to" : "2016-08-31T17:11:37.393-0700",
"include_lower" : true,
"include_upper" : true
}
}
}
}
},
"fields" : "filename",
"sort" : [ {
"filetimestamp" : {
"order" : "desc"
}
} ],
"aggregations" : {
"filenames" : {
"terms" : {
"field" : "filename",
"size" : 1000
}
}
}
}
I believe you misread what size refers to here. According to
The size parameter can be set to define how many term buckets should be returned out of the overall terms list.
I think what might help you is using the following:
Hope this helps,
Isabel
{
"size":1000,
"query" : {
"bool" : {
"must" : {
...Hi,
thanks for the response. but i dont think this is helping. though i give 1000 in size, it is returning all the results in console.
thanks
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.