Sridhar
March 23, 2020, 5:52am
1
Hi,
GET indexname/_search
{
"query": {
"dis_max": {
"queries": [
{ "match": { "data.target.sampler.keyword": "CPU" }},
{ "match": { "data.row.Hostname.keyword": "HOSTNAME-21" }},
{ "match": { "data.name.keyword": "Average_cpu" }}
]
}
},
"size": 1,
"sort": [
{
"@timestamp": {
"order": "desc"
}
}
]
}
but in result I'm getting different hostnames.. I expect the result to be only for the "data.row.Hostname.keyword" value
The dismal query matched one or more of the queries so there is no guarantee the middle one must match. How come you are not using a Boolean query on terms instead?
Sridhar
March 23, 2020, 7:30am
3
Hi,
I tried bool must but no luck..
GET indexname/_search
{
"_source": [ "data.row.Hostname", "data.row.PerUtili" ],
"query": {
"bool": {
"must": [
{ "match": { "data.target.sampler": "aaCPU" }},
{ "match": {"data.row.Hostname": "HOSTNAME-21"}},
{ "match": {"data.row.CPU": "Average_cpu"}}
]
}
}, "size": 1,
"sort": [
{
"@timestamp": {
"order": "desc"
}
}
]
}
Sridhar
March 23, 2020, 7:36am
4
Hi.. Used keyword in bool must query.. it works now.
thanks for your help
system
April 20, 2020, 7:36am
5
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
