Query aggregation help

Elastic Stack Elasticsearch
1

Hi All,

I have an index filled with the documents following this format:

        "_source": {
            "reportNumber": #a non unique number ranging from 0- 500,000
            "text":  #roughly a paragraph of text
            }

Each reportNumber appears in multiple documents with the text changing each time.
I would like to query the text for multiple phrases, for example "test" and "document", and to return all reportNumbers containing all of the search phrases. However, the problem with searching normally is that the phrases may not appear in the same individual document but it does appear across the aNumber. For example if there are documents like:

reportNumber: 1
text:"This is some"

reportNumber :1
text:"sample text"

reportNumber:2
text:"some sample"

reportNumber:3
text:"irrelevant document"

So a search with the phrases "some" and "sample" would return reportNumbers 1 and 2.

I guess it somewhat be like grouping all documents by aNumber then searching for an AND query across those groups.

I know this would be doable with a scripting language by querying individual phrases and saving the aResults in multiple lists, then comparing the common results between the lists, I'm just trying to figure out if it's possible with aggregation.

If anyone could give any pointers that would be great thanks :slight_smile:

2

Hi All,

I have managed to solve it! The way I search across the non-unique number is by grouping it into 'buckets' and then doing a filter + aggregation for the terms I am searching for (in Kibana). I suspect this is a pretty simple problem for anyone experienced but thought I should share how I did it just in case someone as lost as I was comes across it.

Cheers, Luke

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.