I wrote this query in SQL and now I need it in Elasticsearch. How can I do that? Answer: Here you go: You need to use the should clause for OR and the must clause for AND. You need to use a term or match query based on your requirement.
Tag: elasticsearch
select a single field with applying filters in elasticsearch
I would like to select all the filename field values by ACCOUNT and APPLICATION_NAME. Assuming as in SQL I need to do this: This is a screenshot of a log entry sample in the Kibana interface. Answer: Selecting the unique values of a specific field is exactly like running an aggregation query at one of the SQL databases for
Use having on SQL Query
I’m using the next query to get the average of memory used, but I only need to get data when the average is more than x value. And it shows me the next error: “Found 1 problem line 1:152: Cannot use HAVING filter on non-aggregate [@timestamp]; use WHERE instead” And when I use a WHERE clause, like this, it shows the next error: Found 1 problem line 1:8: Cannot
how to save database versioning as a sql_last_version variable in logstash
What I’m trying to do is to save the greatest version of rows in the sql_last_value parameter as shown below in my log.conf file after each time it executes. This is my log.conf for logstash: for instance, this is my table: I’m expecting to store 600 as the last_version parameter. I’m sure if mistaken or not, I’ve got no ideas
How to keep SQL data and Elasticsearch in-sync, and which to search from?
I’ve seen two solutions mentioned, and was wondering what most people do. (1) Use Logstash. (2) Code your application to make writes to Elasticsearch alongside SQL. For example, Another question is how to handle actually searching the entity? Do you ONLY use Elasticsearch? If not, I would assume you fetch from Elasticsearch based on keywords and use the IDs returned to filter
SQL Where clause equivalent for Elastic Search
I am trying to create aggregate results in Elasticsearch but the filter option is not working for me. I can aggregate data without a filter, e.g. but I am facing problems writing the equivalent DSL query of: Answer: Should be something like this: Use a filter if you know the exact value and do not need a match, else