krpt
Reputation: 23
Elasticsearch aggregation get a list of all values taken by a specific field
Each of my elasticrecords I'm searching contain a "status" field that contains an http status code,
I made this request to get the average of the api-response-time on a defined time range by uri :
GET /gravitee-*/_search
{
"query": {
"bool": {
"filter": [
{ "range": { "@timestamp": { "gte": "now-50d/d" }}}
]
}
},
"aggs": {
"average_api-response-time": {
"terms": {
"field" : "uri"
},
"avg": { "field" : "api-response-time" }
}
}
}
I wish to also get all the values that the "status" field took during this timerange ( it contains numericals : 200,401,etc.. ). Is it possible without an histogram request ?
Thanks for helping !
Edit : Solved on reddit thanks to u/do-u-even-search-bro :
GET /gravitee-*/_search
{
"size": 0,
"query": {
"range": {
"@timestamp": {
"gte": "now-50d/d"
}
}
},
"aggs": {
"group_by_uri": {
"terms": {
"field": "uri"
},
"aggs": {
"average_response_time": {
"avg": {
"field": "api-response-time"
}
},
"status_terms": {
"terms": {
"field": "status"
}
}
}
}
}
}
Upvotes: 0
Views: 33
Answers (0)
Related Questions
- Opensearch Nested aggregation - get buckets for specific nested property
- ElasticSearch - How to display an additional field name in aggregation query
- Sort elasticsearch aggregation buckets by text field
- Elasticsearch range aggregation ignores negative values
- Problem in nest query for sorting in aggregation
- Elasticsearch - Query field against aggregation
- Elasticsearch aggregation on values in nested list (array)
- Elasticsearch - Get top 'n' values & perform aggregation