Search code examples
elasticsearchelasticsearch-5elasticsearch-aggregationelasticsearch-dsl

How to write a elastic search query to get the list of 50 questions with the date and the count

I need to use 2 below MUST conditions while writing the elastic search query

MUST - ("source.keyword": "SONAX1")

MUST - ("answer.keyword": "UNHANDLED")

Required fields ( Questions & timestamp & aggregation count) & SIZE = 50 records needed

My timestamp is in epoch format and while displaying the records need to show in the date format.

Below is the query Tried

{

"query":{ "bool": { "must": { "term": { "answer.keyword": "UNHANDLED" } }, "must": { "term": { "source.keyword": "sonax" } } } }, "aggs": { "MyBuckets": { "terms": { "field": "question.keyword",”timestamp”, "sort":{ "_timestamp": "desc" "_source": { "includes": [ "source":"question.keyword",”timestamp”,

}, "size": "50" } } } }

Below is the errors:

  1. Duplicate Key must syntax error

enter image description here

Please check this: some synatx is missing

enter image description here

Solution

  • incorrect json, it will duplicate names because of the must. Please try:

    {
   "query":{
      "bool":{
         "must":[
            {
               "term":{
                  "answer.keyword":"UNHANDLED"
               }
            },
            {
               "term":{
                  "source.keyword":"sonax"
               }
            }
         ]
      }
   }
}