Intro ElasticSearch Aggregation

Post author: David Chen
Post link: <a href="https://davidchenblog.com/posts/49f166c/" title="Intro ElasticSearch Aggregation">https://davidchenblog.com/posts/49f166c/
Copyright Notice: All articles in this blog are licensed under <span class="exturl" data-url="aHR0cHM6Ly9jcmVhdGl2ZWNvbW1vbnMub3JnL2xpY2Vuc2VzL2J5LW5jLW5kLzQuMC9kZWVkLnpo"> BY-NC-ND unless stating additionally.

Posted on 2021-08-24 Edited on 2024-07-03 In ElasticSearch Views: Disqus: Symbols count in article: 726 Reading time ≈ 1 mins.

Intro ElasticSearch Aggregation

這篇介紹ElasticSearch Aggregation。

該文章介紹如何下KQL的Sum field + Group by field
來實作簡單的ElasticSearch Aggregation查詢!
範例及Output如下:

如何在ElasticSearch做Sum Group By:

KQL exmaple:
GET {index}-*/_search?size=0
{
“size”: 0,
“aggs”: {
“groupByField”: {
“terms”: {
“field”: “employee”
},
“aggs”: {
“summarySalary”: {
“sum”: {
“field”: “salary”
}
}
}
}
}
}

Output:

{
“took” : 19,
“timed_out” : false,
“_shards” : {
“total” : 1,
“successful” : 1,
“skipped” : 0,
“failed” : 0
},
“hits” : {
“total” : {
“value” : 10000,
“relation” : “gte”
},
“max_score” : null,
“hits” : [ ]
},
“aggregations” : {
“groupByField” : {
“doc_count_error_upper_bound” : -1,
“sum_other_doc_count” : 3,
“buckets” : [
{
“key” : “Mark”,
“doc_count” : 2,
“summarySalary” : {
“value” : 1124
}
},
{
“key” : “Mary”,
“doc_count” : 1,
“summarySalary” : {
“value” : 2574
}
},
]
}
}
}