hi team,
I want to select all the users from user index and filter software engineers from user_job index and result should display in bucket aggregation
Welcome.
What did you do so far?
Could you provide a full recreation script as described in About the Elasticsearch category. It will help to better understand what you are doing. Please, try to keep the example as simple as possible.
A full reproduction script will help readers to understand, reproduce and if needed fix your problem. It will also most likely help to get a faster answer.
hi @dadoonet
this is my query
GET metric/_search
{
"size": 0,
"query": {
"bool": {
"filter": [
{
"range": {
"@timestamp": {
}
}
}
]
}
},
"aggs": {
"group": {
"terms": {
"field": "user.keyword",
"size": 10000
},
"aggs": {
"Score": {
"terms": {
"script": {
"lang": "painless",
"source": "\r\n long fixed= 0 ;\r\n"
}
}
}
}
}
}
}
this is my result
"aggregations" : {
"group" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [
{
"key" : "david warner",
"doc_count" : 203,
"Score" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [
{
"key" : "1.0",
"doc_count" : 84
},
{
"key" : "2.0",
"doc_count" : 49
}]}}]}}
i want to check these user roles are engineer. And user_roles field in another index called user_role. i need a buckets aggregation results after checking users are engineer.(it is something like select users from user and select user from user_role where role=engineer) . need to deal with two indexes
thank you
You can't do that in elasticsearch (doing joins at search time).
Unless you use the parent/child feature - but I'd use it only and only if I don't have any other choice.
I prefer doing joins at index time instead. Which means only index one type of document.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.