Elasticsearch aggregations group and extract summaries out of your data.
Aggregations fall into four main families:
- Bucketing
  - Bucketing aggregations build buckets (groups) and put each document into the relevant bucket based on some criteria. Each bucket is associated with a key and a document criterion.
- Metric
  - Metric aggregations compute metrics over a set of documents.
  - Two types:
    - Single value numeric metric aggregations (output a single value)
      - avg, sum, min, max, cardinality.
    - Multi value numeric metric aggregations (output multiple values).
- Matrix
  - Matrix aggregations operate on multiple fields and produce a matrix result based on the values extracted from the requested document fields. Unlike metric and bucket aggregations, this aggregation family does not yet support scripting.
- Pipeline
  - Pipeline aggregations aggregate the output of other aggregations and their associated metrics.
Aggregations can be nested
We can associate aggregations at the bucket level, and those will execute within the context of that bucket. Bucketing aggregations can have sub-aggregations (bucketing or metric). There is no hard limit on the level/depth of nested aggregations.
Metric aggregations cannot contain other aggregations.
Basic Structure of Aggregations
    "aggregations" : {
        "<aggregation_name>" : {
            "<aggregation_type>" : {
                <aggregation_body>
            }
            [,"meta" : { [<meta_data_body>] } ]?
            [,"aggregations" : { [<sub_aggregation>]+ } ]?
        }
        [,"<aggregation_name_2>" : { ... } ]*
    }
Example: Single value metric aggregation avg
    POST /exams/_search?size=0
    {
        "aggs" : {
            "avg_grade" : { "avg" : { "field" : "grade" } }
        }
    }
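The nesting rules and basic structure described above can be checked mechanically before an aggregation body is forwarded to Elasticsearch, which is useful when the body comes from an untrusted client. The following Python is an added example, not code from the original post; the function name `check_aggs`, the `subject` field, the depth cap of 3, and the short list of bucket types are assumptions made for illustration.

```python
# Added example: check an "aggs" request body against the rules above.
# The type sets are a short, non-exhaustive sample chosen for this example.
METRIC_TYPES = {"avg", "sum", "min", "max", "cardinality"}
BUCKET_TYPES = {"terms", "range", "date_histogram", "filter"}
RESERVED = {"meta", "aggs", "aggregations"}


def check_aggs(aggs, max_depth=3, depth=1, path="aggs"):
    """Return (deepest_level_seen, errors) for an "aggs" mapping."""
    if not isinstance(aggs, dict):
        return depth, [f"{path}: aggregations must be an object"]
    if depth > max_depth:  # application-side cap (assumption); no hard limit exists
        return depth, [f"{path}: nested deeper than {max_depth} levels"]
    deepest, errors = depth, []
    for name, body in aggs.items():
        here = f"{path}.{name}"
        if not isinstance(body, dict):
            errors.append(f"{here}: aggregation body must be an object")
            continue
        # Everything except meta / sub-aggregations must be the single type key.
        types = [k for k in body if k not in RESERVED]
        if len(types) != 1:
            errors.append(f"{here}: expected exactly one aggregation type, got {types}")
            continue
        agg_type = types[0]
        subs = body.get("aggs") or body.get("aggregations") or {}
        if agg_type in METRIC_TYPES:
            if subs:  # metric aggregations cannot contain other aggregations
                errors.append(f"{here}: metric '{agg_type}' cannot contain sub-aggregations")
        elif agg_type not in BUCKET_TYPES:
            errors.append(f"{here}: type '{agg_type}' is not in this example's lists")
        elif subs:  # bucketing aggregations may nest bucketing or metric children
            sub_deepest, sub_errors = check_aggs(subs, max_depth, depth + 1, here)
            deepest = max(deepest, sub_deepest)
            errors.extend(sub_errors)
    return deepest, errors


# Constructed sample bodies; "subject" is a hypothetical field name.
NESTED_OK = {"by_subject": {"terms": {"field": "subject"},
                            "aggs": {"avg_grade": {"avg": {"field": "grade"}}}}}
METRIC_WITH_CHILD = {"avg_grade": {"avg": {"field": "grade"},
                                   "aggs": {"by_subject": {"terms": {"field": "subject"}}}}}

if __name__ == "__main__":
    for label, body in [("nested_ok", NESTED_OK), ("metric_with_child", METRIC_WITH_CHILD)]:
        print(label, check_aggs(body))
```
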
- heartin's blog