Hi all,
I have documents that have an id and a set of tags (key/value pairs, the
keys being unique).
Example:
Id "servers.dfvimeodfs1.diskspace._srv_node_dfs12.byte_used"
Tags: {
- what:bytes
- plugin:diskspace
- target_type:gauge
- server:dfvimeodfs1
- mountpoint:_srv_node_dfs12
- type:used
}
I want to be able to retrieve all documents that match all given
conditions, where
"condition" can be any of the following:
- substring match on ID
- regexp match on ID
- a tag search where the tag key and tag value must match given strings
- a tag search where the tag key and tag value match substrings
- a tag search where the tag key and tag value are matched using regexp
(note for the last 3 conditions: it's not sufficient that the document has
a matching tag and a matching value, the tag key and value must correspond
(i.e. there must be a key-value pair for which the key and val match)
I did some research and I think I can just use the id as the id in
elasticsearch, but storing the tags is a little trickier.
my first idea (somewhat simplistic) was to just store each key/value-pair
as an attribute in the json, but
It seems like regexp (and term queries in general) don't support queries on
the keys, only on the values.
so maybe i should store each key-vale pair as something like
{
"key": ,
"val":
}
?
- is this overkill or the way to go? am I correct that I can't search on
keys /attribute names? - seeing as I only need equality checks, substrings and regexps, I think I
can disable all tokenizing/analyzing? - any advice on how to structure my documents and/or on configuring the
mapping would be very welcome - is there an elegant way to express the above conditions as a single
string and use
http://www.elasticsearch.org/guide/reference/query-dsl/query-string-query/
to work with user input directly?
right now my app* accepts "queries" like (the AND of) "match_id_on_this
tag_key_equals_this=tag_val_equals_this
tag_key_regex_match:tag_val_regex_match" and the app parses the input
string and generates a query but if I could feed in user input directly,
that would be pretty cool. i'm just not sure if what i want is possible
with this feature..
[*] https://github.com/vimeo/graph-explorer#query-parsing-and-execution
thanks!
Dieter
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.