Structure for query with multiple sub queries with the same structure but different parameters

I am trying to analyse speed exceedances along a route, and what I would like is a query that returns all results together (all speed exceedances), which is the result of individual section by section queries (because each section has a different speed limit). Something like the following:

(section: 1 AND speed_limit 1) OR
(section: 2 AND speed_limit 2) OR ...
(section: i AND speed_limit i) OR
Where i is quite large, maybe 1000 to cover the whole network map. Is there any harm in just combining large numbers of small queries? Is there a better way to structure them? Are there any specialist queries that could help simplify?

Hey,

this is one is tough to answer without knowing more about the data model. In general, there is a limit of the number of bool clauses, see Search settings | Elasticsearch Guide [8.0] | Elastic

Would it be possible to populate data prior to indexing or use a runtime field to expose the information of speeding?

--Alex

Probably not prior to indexing because the speed limits can change through time, I think runtime might be too much of a performance hit. We might just need to try with a large number of search settings. We did wonder about storing the results of the individual queries in a separate index but this would take away from the live nature of the system. Further thoughts welcome.

If the speed limits can change over time, maybe an enrich processor might be an interesting option? See Set up an enrich processor | Elasticsearch Guide [8.0] | Elastic for more information

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.