I am trying to create a query in elasticsearch, which is able to retrieve the documents for each group, which is the latest document within each group and meet a specific criteria. But I have not been able to solve this one.
Say the following documents are indexed in myindex in elasticsearch:
POST /myindex/_bulk
{ "index":{} }
{ "objid": 1, "ident":"group1","version":1, "chdate": 1, "field1" : 1}
{ "index":{} }
{ "objid": 2, "ident":"group1","version":2, "chdate": 2, "field1" : 0}
{ "index":{} }
{ "objid": 3, "ident":"group1","version":2, "chdate": 3, "field1" : 1}
{ "index":{} }
{ "objid": 4, "ident":"group1","version":2, "chdate": 4, "field1" : 0}
{ "index":{} }
{ "objid": 5, "ident":"group1","version":3, "chdate": 1, "field1" : 0}
I would like to find all documents, which has field1 set to x if the document with the highest chdate, for each ident and version, which has field1 set to x.
In a case where x is 0 then the documents, which has objid 4 and 5 should be returned In a case where x is 1 then the documents, which has objid 1 should be returned
ChatGpt suggested this query:
{
"size": 0,
"aggs": {
"ident": {
"terms": {
"field": "ident"
},
"aggs": {
"version": {
"terms": {
"field": "version"
},
"aggs": {
"top_hits_agg": {
"top_hits": {
"size": 1,
"sort": [
{
"chdate": {
"order": "desc"
}
}
]
}
},
"field1_filter": {
"bucket_selector": {
"buckets_path": {
"hits": "top_hits_agg.hits.hits",
"field1": "top_hits_agg.hits.hits._source.field1"
},
"script": {
"source": "params.field1 == 0"
}
}
}
}
}
}
}
}
}
But elasticsearch comes out with following error
{
"error" : {
"root_cause" : [
{
"type" : "action_request_validation_exception",
"reason" : "Validation Failed: 1: No aggregation found for path [top_hits_agg.hits.hits._source.field1];"
}
],
"type" : "action_request_validation_exception",
"reason" : "Validation Failed: 1: No aggregation found for path [top_hits_agg.hits.hits._source.field1];"
},
"status" : 400
}
Anyone who knows what the bucket path should be in this case
Thanks in advance