Hello,
looking for some help to "extract" the first value in an array inside a document.
I have this field called " orchestratorOutput.categoricalListData.ACPredictions " that is logging an array of values (ex.: OTHER, PYMTCONF2, COMPCRI, PYMTCONF, SPAM, OOOAA, R4C_GENERAL, R4C_LIFT, R4C_ABROAD, R4C_DEATH, R4C_OUTPORT, INTTEST, R4C_TOGETHER, R4C_TELECLUB, R4C_RETIREMENT, SPONS, R4C_POST2PRE, R4C_EMPLLEAVES, R4C_DATASUB, R4C_COMPANYCLOSED)
now, I need to return in an new field, just the first value (before the ",")...
I tried it in several ways, but i'm not able to return it...
f.ex: if I use just doc['orchestratorOutput.categoricalListData.ACPredictions.keyword'].value it returns always "COMPCRI" that is the first value in alphabetical order...
any tips how to do it?
thanks a lot.
ps. I'm just a "business"-guy with very limited tech skills
This is a bit difficult to do with Elasticsearch as all arrays that are indexed in Elasticsearch won't be ordered, they will be like a bag of elements. The simplest way would be to either get the first element at ingest or to save the field as a string(again, at ingest, before it was indexed).
Otherwise, you would have to enable the _source field and then use something like: params._source[ 'orchestratorOutput.categoricalListData.ACPredictions'] in order to access the ordered array.
Hello @Marius_Dragomir, thanks a lot for your support!
luckily _source field is already enabled...
I tried with your suggested code and I always get " - " as result.
then I tried just params._source.orchestratorOutput.categoricalListData.ACPredictions and it returns the full content.
what I would need is just the first word before the first " , "
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
