Elastics search query to filter out result having value A in list but not B

elasticsearch filter
elasticsearch terms query
elasticsearch multiple filters
elasticsearch bool query
elasticsearch nested query
elasticsearch contains query
[term] query does not support array of values
elasticsearch filter terms

I am trying to form a query where, requirement is to filter only those data where country is india but not usa.

Sample data.

{
  "data": {
    "attributes": {
      "name": "test",
       "country": ["india","usa","japan"]
    }
  }
}

As , in the above example we have both india and usa, it should not filter the result.

whereas it should filter if the data is in the format mentioned below.

ex1:

{
  "data": {
    "attributes": {
      "name": "test",
       "country": ["india","japan"]
    }
  }
}

ex2:

{
  "data": {
    "attributes": {
      "name": "test",
       "country": ["india"]
    }
  }
}

You can use the filter (or must) and must_not clauses in a boolean query. In case I understood your requirement correctly, you could use the following.

{
  "query": {
    "bool" : {
      "filter": {
        "term" : { "data.attributes.country" : "india" }
      },
      "must_not" : {
        "term" : { "data.attributes.country" : "usa" }

      }
    }
  }
}

The documentation for both boolean and term are quite extensive and contain many example.

Query and filter context | Elasticsearch Reference [7.8], By default, Elasticsearch sorts matching search results by relevance score, which Besides deciding whether or not the document matches, the query clause also They will filter out documents which do not match, but they will not affect the score the significand's precision will be converted to floats with loss of precision. Select Nested Field Value along with other fields using nest in Elastic Search. 0. Elastics search query to filter out result having value A in list but not B.

The question, looked a bit confusing. I am assuming, you don't want India and USA to come together. Based on the above assumption, the below query is shared.

"query": {
        "bool": {
            "must": [{
                    "term": {
                        "tags": {
                            "value": "india"
                        }
                    }
                }
            ],
            "must_not": [{
                    "term": {
                        "tags": {
                            "value": "usa"
                        }
                    }
                }
            ]
        }
    }

Matching by array elements - Elasticsearch, I have to construct quite a non-trivial (as it seems to be now) query in Elasticsearch. Index the documents with the string array just like that and search using a bool query (bool filter in 1.x) with each term in the OR b) find records where each of resulting elements is false, i.e. 'D = false AND E = false'. Elasticsearch supports a large number of queries. A query starts with a query key word and then has conditions and filters inside in the form of JSON object. The different types of queries have been described below. Match All Query. This is the most basic query; it returns all the content and with the score of 1.0 for every object.

The query looks like this:

GET countries/_search
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "data.attributes.country.keyword":{
              "value": "india"
            }
          }
        }
      ],
      "must_not": [
        {
          "term": {
            "data.attributes.country":{
              "value": "usa"
            }
          }
        }
      ]
    }
  }
}

Response:

{
  "took" : 2,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 2,
      "relation" : "eq"
    },
    "max_score" : 0.16786805,
    "hits" : [
      {
        "_index" : "countries",
        "_type" : "_doc",
        "_id" : "3",
        "_score" : 0.16786805,
        "_source" : {
          "data" : {
            "attributes" : {
              "name" : "test",
              "country" : [
                "india"
              ]
            }
          }
        }
      },
      {
        "_index" : "countries",
        "_type" : "_doc",
        "_id" : "2",
        "_score" : 0.13353139,
        "_source" : {
          "data" : {
            "attributes" : {
              "name" : "test",
              "country" : [
                "india",
                "japan"
              ]
            }
          }
        }
      }
    ]
  }
}

Steps to reproduce:

PUT countries  

PUT countries/_doc/1
{
  "data": {
    "attributes": {
      "name": "test",
      "country": [
        "india",
        "usa",
        "japan"
      ]
    }
  }
}

PUT countries/_doc/2
{
  "data": {
    "attributes": {
      "name": "test",
      "country": [
        "india",
        "japan"
      ]
    }
  }
}

PUT countries/_doc/3
{
  "data": {
    "attributes": {
      "name": "test",
      "country": [
        "india"
      ]
    }
  }
}

Query where fields from different indexes are not all equal , Can i query across 2 indexes with just 2 common fields and get other fields in the Only A and B are common between these indexes, however i want all the in one doc in each index has a different value to the rest of the fields in that doc, Not sure if you meant your issue was with searching or with the results returned. I have two custom Dynamics 365 entities: Pharmacy_History and Pharmacy_Contact. Pharmacy_History references Pharmacy Contact as a lookup field. When a Pharmacy_History record is created or updated a flow is triggered. In the flow I need to list all history records having the same contact. Some calcu

Query string query | Elasticsearch Reference [7.8], The * value extracts all fields that are eligible for term queries and filters the (​Optional, array of strings) Array of fields you wish to search. just think how many terms need to be queried to match the query string "a* b* c*" . and would not match if the field is missing or set with an explicit null value like the following: The AND/OR/NOT operators can be used to fine tune our search queries in order to provide more relevant or specific results. This is implemented in the search API as a bool query. The bool query

Match query | Elasticsearch Reference [7.8], See the rewrite parameter for valid values and more information. If the fuzziness parameter is not 0 , the match query uses a rewrite method of The match query supports multi-terms synonym expansion with the synonym_graph token filter. the type of the aggregation · Indexing aggregation results with transforms. In today’s lesson, you’re going to learn how to filter query results using the WHERE clause. This clause is important as only those records matching the where clause’s conditions are returned in the query results. The objectives of today’s lesson are to: Learn about various condition types, such as Equality, Range, and Membership

In which order are my Elasticsearch queries/filters executed , You might have heard or read in the past that filters are executed before not compute the score on documents that do not match filters, the truth is on all sub clauses and return the minimum of the results. Conjunctions (a AND b AND . Call advance(target) on the clause that has the least cost() value. Parameter value: query_then_fetch. The request is processed in two phases. In the first phase, the query is forwarded to all involved shards. Each shard executes the search and generates a sorted list of results, local to that shard.

Comments
  • have you had any success with my answer?
  • What is "commodo" and "velit"? And where do you see a tags field in the shared sample documents?