I want to process the result if a field is occurring 'n' number of times while running a query. I am not referring to the count attribute where we get the total number, but I want to get a result only if a particular field is occurring n number of times. Ideally I would do this outside the query, but was wondering if there is a way to let the query itself handle this.
Can you give some examples of documents you're matching against, as well as which would and would not match? That way there are some concrete scenarios.
Consider the following:
"Action": "Failed login"
"Timestamp": "2019-05-16 23:59:55"
"Action": "Logged in"
"Timestamp": "2019-05-16 23:59:59"
A user John tries to log in but is unable to do so, in which case the first document applies. I can query and check for a match and get the total hits for that user's 'Failed login'. That will give me the total number of times that user tried to log in unsuccessfully. However, what I want is to check if the user is trying to log in 'n' number of times before being successful.
Is there a way to check that directly in the query itself? I want to avoid writing any additional code.
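The check described above (a successful login preceded by at least n failed logins from the same user), written as an added example that is not part of the original thread and runs outside the query. The "Action" and "Timestamp" values follow the documents shown above; the "User" field name, the sample documents and the optional time window are assumptions.

```python
from collections import defaultdict
from datetime import datetime

TS_FORMAT = "%Y-%m-%d %H:%M:%S"  # timestamp format used in the thread

# Constructed sample documents, deliberately out of order.
# The "User" field name is an assumption; the thread shows only Action and Timestamp.
SAMPLE_DOCS = [
    {"User": "john", "Action": "Logged in", "Timestamp": "2019-05-16 23:59:59"},
    {"User": "john", "Action": "Failed login", "Timestamp": "2019-05-16 23:59:55"},
    {"User": "alice", "Action": "Failed login", "Timestamp": "2019-05-16 23:58:00"},
    {"User": "john", "Action": "Failed login", "Timestamp": "2019-05-16 23:59:45"},
    {"User": "bob", "Action": "Failed login", "Timestamp": "2019-05-16 23:57:00"},
    {"User": "john", "Action": "Failed login", "Timestamp": "2019-05-16 23:59:40"},
    {"User": "alice", "Action": "Logged in", "Timestamp": "2019-05-16 23:58:10"},
    {"User": "bob", "Action": "Failed login", "Timestamp": "2019-05-16 23:57:05"},
    {"User": "john", "Action": "Failed login", "Timestamp": "2019-05-16 23:59:50"},
    {"User": "bob", "Action": "Failed login", "Timestamp": "2019-05-16 23:57:10"},
]


def failures_before_success(docs, threshold, window_seconds=None):
    """Return (user, failure_count, success_time) for each successful login
    preceded by at least `threshold` failed logins since that user's previous
    success. With window_seconds set, only failures that close to the
    success are counted."""
    by_user = defaultdict(list)
    for doc in docs:
        ts = datetime.strptime(doc["Timestamp"], TS_FORMAT)
        by_user[doc["User"]].append((ts, doc["Action"]))

    alerts = []
    for user, events in sorted(by_user.items()):
        events.sort(key=lambda e: e[0])  # order each user's events by time
        streak = []  # timestamps of failures since the last success
        for ts, action in events:
            if action == "Failed login":
                streak.append(ts)
            elif action == "Logged in":
                if window_seconds is not None:
                    streak = [t for t in streak
                              if (ts - t).total_seconds() <= window_seconds]
                if len(streak) >= threshold:
                    alerts.append((user, len(streak), ts.strftime(TS_FORMAT)))
                streak = []  # a success resets the run of failures
    return alerts


if __name__ == "__main__":
    for alert in failures_before_success(SAMPLE_DOCS, threshold=3):
        print(alert)
```

A user with only failed logins and no later success (bob in the sample) is not reported by this check; a plain count of failures covers that case.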