Discuss the Elastic Stack

Filter by a regexp inside a terms aggregation

Elastic Stack Elasticsearch

misterone April 11, 2020, 12:23am 1

Hi,
Is there a way to group by field1 only when field1 matches the following logic :
field1 contains ALL of the keywords in this list : [keyword1, keyword2, keyword3]
I have a working example for 1 keyword but I can't do it with more than 1:

"aggs": {
        "xxx": {
            "terms": {
                "field": "field1",
                "include": ".*keyword1.*"
            }
        }
    }

I would like to implement the regexp on this stackoverflow discussion but it doesn't work because the regexp syntax of Lucene is different :

misterone April 11, 2020, 3:32am 2

Ideally I would like to add the flags : "ALL" to the regexp to be able to do something like this : ```

"aggs": {
        "xxx": {
            "terms": {
            	"flags": "ALL",
                "field": "field1",
                "include": ".+keyword1.+&.+keyword2.+"
            }
        }
    }

misterone April 11, 2020, 4:05pm 3

Other options would be to :

filter this on the back end side. But isn't it less performant ? Elastic is going to aggregate against every possible field where in fact I might be only interested in some of them.
I could also try a bucket selection aggregation, but I would hope there is a better way.

system (system) Closed May 9, 2020, 4:17pm 4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

© 2020. All Rights Reserved - Elasticsearch

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.