About Aggregations in Elasticsearch?
Let's say I have a log in Logstash with records of when, where and what time (timestamp) the dog was walked (name is the name of the dog). I need to get the latest dog walk entries for a list of dog names. I can't write a normal query; here's what I did:
GET logstash-1/dogs_walk/_search?pretty
{
  "aggs": {
    "filtered": {
      "filter": {
        "terms": {
          "name": [
            "Sharik",
            "Strelka"
          ]
        }
      },
      "aggs": {
        "group": {
          "terms": {
            "field": "name",
            "size": 2
          }
        }
      }
    }
  }
}
Can you tell me the best way to solve this problem? I am aware of https://www.elastic.co/guide/en/elasticsearch/refe..., but so far I have not been able to put together the required query.
I think I decided I should have used top_hits https://www.elastic.co/guide/en/elasticsearch/ref...
{
  "aggs": {
    "filtered": {
      "filter": {
        "terms": {
          "name": [
            "Sharik",
            "Strelka"
          ]
        }
      },
      "aggs": {
        "group": {
          "terms": {
            "field": "name",
            "size": 2
          },
          "aggs": {
            "top_dogs_timestamp": {
              "top_hits": {
                "sort": [
                  {
                    "timestamp": {
                      "order": "desc"
                    }
                  }
                ],
                "size": 1
              }
            }
          }
        }
      }
    }
  }
}
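An added example, not part of the original answer: Python that builds the same terms + top_hits request for any list of names and reads the newest entry per dog out of the response. The `place` field, the function names and the sample response are constructed for illustration.

```python
# Added example. Field names "name" and "timestamp" are from the page;
# "place", the function names and SAMPLE_RESPONSE are constructed.

def build_latest_walk_query(names):
    """Request body: one terms bucket per dog, newest document in each."""
    names = list(names)
    return {
        "size": 0,  # only the aggregation result is needed, not top-level hits
        "aggs": {"filtered": {
            "filter": {"terms": {"name": names}},
            "aggs": {"group": {
                # size = number of names, so no requested dog is cut off
                "terms": {"field": "name", "size": len(names)},
                "aggs": {"top_dogs_timestamp": {"top_hits": {
                    "sort": [{"timestamp": {"order": "desc"}}],
                    "size": 1,
                }}},
            }},
        }},
    }

def latest_walks(response, names):
    """Map each requested name to the _source of its newest walk, or None."""
    latest = {name: None for name in names}  # dogs with no records get no bucket
    for bucket in response["aggregations"]["filtered"]["group"]["buckets"]:
        hits = bucket["top_dogs_timestamp"]["hits"]["hits"]
        if hits:
            latest[bucket["key"]] = hits[0]["_source"]
    return latest

# Constructed response, trimmed to the keys the parser reads: only Sharik has records.
SAMPLE_RESPONSE = {"aggregations": {"filtered": {"doc_count": 3, "group": {"buckets": [
    {"key": "Sharik", "doc_count": 3, "top_dogs_timestamp": {"hits": {"hits": [
        {"_source": {"name": "Sharik", "place": "park",
                     "timestamp": "2016-05-02T18:30:00Z"}},
    ]}}},
]}}}}

if __name__ == "__main__":
    wanted = ["Sharik", "Strelka"]
    print(build_latest_walk_query(wanted))
    print(latest_walks(SAMPLE_RESPONSE, wanted))
```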