Hi,
I am trying to perform group by on a string field. But as I understand, strings are tokenized and hence not able group by on the exact string. I found that it has to do with analyzer.
Is there a way I can do that?
Thanks in advance.
You don't have to have String fields analized. Check out the dynamic fields
You'll have to read up on mappings but here is what you will be looking for
https://www.elastic.co/guide/en/elasticsearch/reference/current/_multi_fields.html
You can set a field to Not be analyzed , or you can create an additional field so you can have a tokenized field or "raw" field
Yeah, I have about this earlier.
I haven't modified any mappings.
I used Logstash to load the logs into Elasticsearch. But now realized that I can't do a multi-field aggregation or exact string search.
So, do I have to reload the data for this to work now?