Reputation: 4985
Elasticsearch: Aggregation on different fields
I'm using a specific piece of software to index data into Elasticsearch, but it creates documents like this:
{
contact: +31644488857,
name: "Jan",
address: "street 3"
}
and
{
person: {
phone: +31688844499,
address: "street 5"
}
name: "Piet"
}
Now I am looking for a way to create a table in kibana, which combines the phone numbers, but treats them as a single field. So I do not want to create different tables, or multiple columns for multiple fields. I just want to create a single table which shows all phone numbers, regardless of which field it's from.
Is there a way to accomplish this? I wished I could use a scripted field, but it seems that I cannot aggregate on scripted fields...
Upvotes: 0
Views: 85
Answers (1)
Reputation: 217554
You can certainly create a scripted field in Kibana for (keyword) strings that you can later aggregate.
Simply go to "Management > Index Patterns", pick the relevant index pattern, create a new scripted field of type string and use the following script:
[doc['contact.keyword'].value, doc['person.phone.keyword'].value]
This will create a new scripted field that contains an array whose elements will be your phone number fields. You can then visualize that field either in the Discover view or in a terms aggregation in the Visualization view.
Upvotes: 0
Related Questions
- Elasticsearch aggregation on multi fields
- Aggregate Elastic search query for multiple fields
- Aggregation on multiple fields - elasticsearch
- Terms Aggregations in multiple fields Kibana
- ElasticSearch: Aggregating on field key
- How to aggregate data by an field in elasticsearch?
- Elasticsearch: aggregate on two fields
- Elasticsearch aggregate by multiple fields separately
- Aggregate by two or more fields in elasticsearch
- How can I perform an aggregation on multiple fields?