geekpete
/ gist:0f569ce6c14aaf5701cdd4f01976fed7
Created
May 15, 2018 01:12
path_hierarchy tokenizer examples
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Path Hierarchy Examples | |
| DELETE /file-path-test/ | |
| # create mapping with file_path text field and two subfields for file path tree to be analyzed in two different ways using custom analyzers. | |
| # field <- customer analyzer <- customer tokenizer <- path_hierarchy tokenizer | |
| # | |
| PUT /file-path-test/ | |
| { |
geekpete
/ gist:50470f7de18b432b12116617448ce2d1
Created
December 18, 2017 02:43
— forked from human39/gist:8b80d51a75c99e64eb42
Logstash split field solution.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Problem: We have a log line that includes a perl class that we want to log the class | |
| and method in their respected fields. An example class and method in perl: | |
| Animal::Dog::bark | |
| In this example, "bark" is the method. "Animal::Dog" is the class. | |
| After some searching and hacking, I found a solution that works with Logstash 1.4.2 | |
| Assume the input is "Animal::Dog::bark". |
geekpete
/ gist:ff8a1f99df14b1a023260ffc1166965f
Created
November 30, 2017 23:29
reindexing only child docs from a parent-join index to a new index in Elasticsearch 6.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # based on the v6 docs for parent-join | |
| # https://www.elastic.co/guide/en/elasticsearch/reference/current/parent-join.html | |
| DELETE /my_index | |
| DELETE /my_index-new | |
| PUT my_index | |
| { | |
| "mappings": { | |
| "doc": { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am geekpete on github. | |
| * I am geekpete (https://keybase.io/geekpete) on keybase. | |
| * I have a public key ASDGWhEt45Mpu9NrvY2k_y4OJm29hE1q0If-iYMIu9rqZQo | |
| To claim this, I am signing this object: |
geekpete
/ filter using an aggregation - can it be done?
Last active
February 8, 2017 07:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ensure library index is removed if doing repeated testing | |
| DELETE /library | |
| # add the sample data | |
| PUT library/book/1 | |
| { | |
| "title": "demian", | |
| "writer" : "Hermann Hesse", | |
| "edition" : 1, | |
| "contents" : "We have been playing with adding new facets to search on the Marketplaces" |
geekpete
/ console example.txt
Created
January 31, 2017 10:44
Counting all docs in an Elasticsearch nested mapping index
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ensure the test index is deleted if we've tested previously | |
| DELETE /my_index/ | |
| # create the index with two nested fields | |
| PUT my_index | |
| { | |
| "mappings": { | |
| "my_type": { | |
| "properties": { | |
| "user": { |
geekpete
/ source filtering and filter path examples
Last active
December 15, 2016 01:33
source filtering and filter_path
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "If you want to filter _source fields, you should consider combining the already existing _source parameter (see Get API for more details) with the filter_path parameter" | |
| Response Filtering (filter_path): | |
| https://www.elastic.co/guide/en/elasticsearch/reference/current/common-options.html#common-options-response-filtering | |
| Source Filtering: | |
| https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-get.html#get-source-filtering | |
geekpete
/ source filtering and filter path examples
Created
December 15, 2016 01:04
source filtering and filter_path
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GET /birthday/_search | |
| { | |
| "took": 1, | |
| "timed_out": false, | |
| "_shards": { | |
| "total": 5, | |
| "successful": 5, | |
| "failed": 0 | |
| }, |
geekpete
/ bool query fails in 5.0 but worked in previous version
Last active
November 3, 2016 06:46
bool query failing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "from": 0, | |
| "size": 10, | |
| "timeout": "10s", | |
| "query": { | |
| "bool": { | |
| "must": [ | |
| { | |
| "multi_match": { | |
| "query": "test", |
geekpete
/ elasticsearch dynamic mapping examples
Last active
October 27, 2016 04:39
Elasticsearch Dynamic Mapping Examples
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # dynamic mapping, true vs false vs strict | |
| # | |
| # First review the short section of documentation around this functionality as it will aid in understanding: | |
| # https://www.elastic.co/guide/en/elasticsearch/reference/2.4/dynamic.html | |
| # | |
| # This entire example can be pasted into Sense (now called Console inside the Dev Tools section of Kibana since 5.0) | |
| # and each command run, beware that this will create indices in the Elasticsearch cluster that Kibana is pointed at, | |
| # but should not affect existing indices. | |
| # | |
| # TODO: need to add some examples of how document fields are searchable/aggregateable or not. |