Menu
I have set of documents in elastic index(id,name,dept,status) as {1,pone , d1,m2} {2,ptwo,d1,m2},{3,ptwo,d2,m1} I want query to get the result group by dept for 'm2' status.Also result set should include the records with zero count as {d1:2}, {d2:0}. How can we achieve it using Elastic Search aggs?
{
"query": {
"match": {
"status": "m2"
}
},
"aggs" : {
"results" : {
"terms" : {
"field" : "dept"
}
}
}
}
This Query returns the 'dept' without zero count as {d1:2}.In addition I also want records with 0 count as {d1:2}, {d2:0}. Thanks
301
Elasticsearch - Aggregations. The aggregations framework collects all the data selected by the search query and consists of many building blocks, which help in building complex summaries of the data.
shard_size cannot be smaller than size (as it doesn’t make much sense). When it is, Elasticsearch will override it and reset it to be equal to size. The default shard_size is (size * 1.5 + 10). doc_count values for a terms aggregation may be approximate. As a result, any sub-aggregations on the terms aggregation may also be approximate.
A single-value metrics aggregation that counts the number of values that are extracted from the aggregated documents. These values can be extracted either from specific fields in the documents, or be generated by a provided script. Typically, this aggregator will be used in conjunction with other single-value aggregations.
when there are lots of unique terms, Elasticsearch only returns the top terms; this number is the sum of the document counts for all buckets that are not part of the response the list of the top buckets, the meaning of top being defined by the order
What you're looking for is the min_doc_count setting. Try this:
{
"query": {
"match": {
"status": "m2"
}
},
"aggs" : {
"results" : {
"terms" : {
"field" : "dept",
"min_doc_count" : 0 <------ add this setting
}
}
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
