在elasticsearch查询中从数组中返回前n个元素
[英]Return first n element from array in elasticsearch query
问题描述
I have an array field in document named as IP which contains above 10000 ips as element.
我在名为 IP 的文档中有一个数组字段,其中包含 10000 ips 以上的元素。
for eg例如
IP:["192.168.a:A","192.168.a:B","192.168.a:C","192.168.A:b"...........]
Now i made a search query with some filter and i got the results but the problem is size of result very huge because of above field.现在我用一些过滤器进行了搜索查询,我得到了结果,但问题是由于上述字段,结果的大小非常大。
Now I want to fetch only N ips from array let say only 10 order doesn't matters.现在我只想从数组中获取 N ips 假设只有 10 个订单无关紧要。
So How do i do that...那我该怎么做...
update:更新:
Apart from IP field there are others fields also and i applied filter on that field not on IP .I want whole document which satisfies filters .I just want to limit the number of elements in single IP fields.(Let me know if there is any other way apart from using script also ).除了 IP 字段,还有其他字段,我在该字段上应用了过滤器,而不是在 IP 上。我想要满足过滤器的整个文档。我只想限制单个 IP 字段中的元素数量。(如果有,请告诉我除了使用脚本之外的其他方式)。
3 个解决方案
解决方案1
1 已采纳 2020-10-02 14:12:47
This kind of request could solve your problem :这种请求可以解决您的问题:
GET ips/_search
{
"query": {
"match_all": {}
},
"script_fields": {
"truncate_ip": {
"script": {
"source": """
String[] trunc_ip = new String[10];
for (int i = 0; i < 10; ++i) {
trunc_ip[i]= params['_source']['IP'][i];
}
return trunc_ip;
"""
}
}
}
}
解决方案2
0 2020-10-02 13:50:02
By default ES returns only 10 matching results so I am not sure what is your search query and what exactly you want to restrict默认情况下,ES 只返回 10 个匹配的结果,所以我不确定您的搜索查询是什么以及您到底想限制什么
- no of elements in single ip field单个 ip 字段中的元素数
- No of ip fields matching your search results与您的搜索结果匹配的 ip 字段数
Please clarify above and provide your search query to help further.请在上面澄清并提供您的搜索查询以提供进一步帮助。
解决方案3
0 2020-10-03 05:58:00
You can use scriptedFields for generating a new field from existing fields in Elastic Search.您可以使用scriptedFields从 Elastic Search 中的现有字段生成新字段。 Details added as comments.作为评论添加的详细信息。
GET indexName/_search
{
"_source": {
"excludes": "ips" //<======= Exclude from source the IP field (change the name based on your document)
},
"query": {
"match_all": {} // <========== Define relevant filters
},
"script_fields": {
"limited_ips": { // <========= add a new scipted field
"script": {
"source": "params['_source'].ips.stream().limit(2).collect(Collectors.toList())" // <==== Replace 2 with the number of i.ps you want in result.
}
}
}
}
Note:笔记:
- If you remove _source then only the scripted field will be the part of the result.如果您删除 _source,则只有脚本字段将是结果的一部分。
- Apart from accessing the value of the field, the rest of the syntax is Java.除了访问字段的值外,其余的语法都是 Java。 Change as it suits you.改变它适合你。
- Apart from non-analyzed text fields, use doc['fieldName'] to access the field with-in script.除了未分析的文本字段外,还可以使用 doc['fieldName'] 访问脚本内的字段。 It is faster.它更快。 See the below excerpt from ES docs :请参阅以下 ES 文档摘录:
By far the fastest most efficient way to access a field value from a script is to use the doc['field_name'] syntax, which retrieves the field value from doc values.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.