so have query 2 levels of aggregation , filter aggregation named timestamps_bucket_filter
{ "size": 0, "aggregations": { "colors": { "terms": { "field": "color" }, "aggregations": { "timestamps": { "date_histogram": { "field": "timestamp", "interval": "1m", "order": { "_key": "desc" } }, "aggregations": { "timestamps_bucket_filter": { "bucket_selector": { "buckets_path": { "counterts": "_count" }, "script": { "lang": "expression", "script": "counterts <= 50" } } } } } } } } } now, add sub-aggregation below timestamps_bucket_filter, like:
{ "size": 0, "aggregations": { "colors": { "terms": { "field": "color" }, "aggregations": { "timestamps": { "date_histogram": { "field": "timestamp", "interval": "1m", "order": { "_key": "desc" } }, "aggregations": { "timestamps_bucket_filter": { "bucket_selector": { "buckets_path": { "counterts": "_count" }, "script": { "lang": "expression", "script": "counterts <= 50" } }, "aggregations": { <-- add aggregation "name": { "terms": { "field": "name" } } } } } } } } } } unfortunately, getting aggregation [timestamps_bucket_filter] cannot define sub-aggregations
is there workaround barrier. need names under filter-script have created.
thanks in advance.
this seems defect. novice reading of docs claims exact opposite:
the interesting part comes next. since each bucket defines document set (all documents belonging bucket), 1 can potentially associate aggregations on bucket level, , execute within context of bucket. real power of aggregations kicks in: aggregations can nested!
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations.html
Comments
Post a Comment