Elastic Search

How Do I Filter Elasticsearch Results?

3 years ago
by John Otieno
By default, Elasticsearch uses a relevance score to sort the results from a search query. A relevance score determines how relevant a document is depending on the queried data.

However, we can apply filters to narrow down and maximize the relevant documents returned from a query.

This guide will learn how to apply conditions in an Elasticsearch query to filter out more precise query results.

Filter by Term

We can use the term query to filter out results in a query. For example, the query below filters out documents where the city name is New York.

GET /kibana_sample_data_ecommerce/_search

{

  "query": {

    "bool": {

      "filter": [

        {"term": {

          "geoip.city_name": "New York"

        }}

      ]

    }

  }

}

In the example query above, we use a boolean filter to search for documents that match the city_name as “New York.”

The example result for this is:

Multiple Terms

You can also match documents that match two or more terms. For example, we can query for records where the type = order and region = “New York”

GET /kibana_sample_data_ecommerce/_search

{

  "query": {

    "bool": {

      "filter": [

        {"term": {

          "type": "order"

        }},

        {

          "term": {

            "geoip.region_name": "New York"

          }

        }

      ]

    }

  }

}

In such an example, both the type and geoip.region_name fields must evaluate true to the searched term.

Example result:

Range Filter

To filter by a numeric value, you can use boolean conditions. For example, to filter for results where the price of the product is greater than 1000, we can do:

GET /kibana_sample_data_ecommerce/_search

{

  "query": {

    "bool": {

      "filter": [

        {"range": {

          "products.base_price": {

            "gte": 1000

          }

        }}

      ]

    }

  }

The above query should filter the documents where the base_price of the items is greater than or equal to 1000.

Here are some example results:

Filter by Phrase

Suppose you only recall a specific phrase and do not want to fetch all the documents in the index? You can use must and match_phrase to narrow down the results.

For example, what if we only want to get the products under the men’s category but are unsure of all the specific types? We can run a query as:

GET /kibana_sample_data_ecommerce/_search

{

  "query": {

    "bool": {

      "must": [

        {"match_phrase": {

          "products.category": "Men's"

        }}

      ]

    }

  }

}

In the example above, we use the boolean must to ensure the matched phrase matches the one specified.

Below are example results:

Must Not filter

We can also use the must_not filter to remove all documents that contain a specific phrase or range. For example, to exclude all the documents where the purchase date is Monday, we can do:

GET /kibana_sample_data_ecommerce/_search

{

  "query": {

    "bool": {

      "must_not": [

        {"match": {

          "day_of_week": "Monday"

        }}

      ]

    }

  }

}

Example results return documents that do not contain the day_of_week as Monday.

Conclusion

This guide discussed filtering Elasticsearch results using boolean conditional such as range, must, and more.

About the author

John Otieno

My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list

View all posts