Aggregations
Introduced in Elasticsearch 1.0, aggregations are the heart of data analytics in Elasticsearch. Highly flexible and performant, aggregations brought Elasticsearch 1.0 to a new position as a full-featured analysis engine. Extended through the life of Elasticsearch 1.x, in 2.x they are yet more powerful, less memory demanding, and faster. With this framework, you can use Elasticsearch as the analysis engine for data extraction and visualization. Let's see how that functionality works and what we can achieve by using it.
General query structure
To use aggregations, we need to add a section to our query. In general, queries with aggregations look like this:
{ "query": { … }, "aggs" : { "aggregation_name" : { "aggregation_type" : { ... } } } }
In the aggs property (you can use aggregations if you want; aggs is just an abbreviation), you can define any number of aggregations. Each aggregation is defined by its name and one of the...
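The general structure above, filled in and checked offline. This is an added example, not code from the original text: the field names (outcome, src_ip, user, bytes), the helper names and both sample requests are constructed, and the checker assumes that each named aggregation carries exactly one aggregation type next to an optional nested aggs/aggregations section and an optional meta key.

```python
# Keys inside one named aggregation that are not the aggregation type.
NESTED_KEYS = {"aggs", "aggregations"}  # sub-aggregations, same shape recursively
RESERVED_KEYS = NESTED_KEYS | {"meta"}


def check_aggs(aggs, path="aggs"):
    """Return a list of structural problems in an aggs section (empty if none)."""
    if not isinstance(aggs, dict):
        return [f"{path}: must be an object of name -> definition"]
    problems = []
    for name, body in aggs.items():
        here = f"{path}.{name}"
        if not isinstance(body, dict):
            problems.append(f"{here}: definition must be an object")
            continue
        types = sorted(k for k in body if k not in RESERVED_KEYS)
        if len(types) != 1:
            problems.append(f"{here}: expected exactly one aggregation type, found {types}")
        for key in sorted(NESTED_KEYS.intersection(body)):
            problems.extend(check_aggs(body[key], f"{here}.{key}"))
    return problems


def check_request(body):
    """Check a search request body; 'aggs' and 'aggregations' name the same section."""
    present = [k for k in ("aggs", "aggregations") if k in body]
    if not present:
        return ["no aggs/aggregations section"]
    return [p for k in present for p in check_aggs(body[k], k)]


# Constructed sample: failed logins per source address, split per hour,
# plus a second, independent aggregation in the same request.
GOOD = {
    "query": {"term": {"outcome": "failure"}},
    "aggs": {
        "by_source": {
            "terms": {"field": "src_ip", "size": 10},
            "aggs": {"per_hour": {"date_histogram": {"field": "@timestamp", "interval": "hour"}}},
        },
        "distinct_users": {"cardinality": {"field": "user"}},
    },
}
# Constructed broken request: two types under one name, and a name with no type.
BAD = {"aggregations": {"mixed": {"terms": {"field": "src_ip"}, "max": {"field": "bytes"}},
                        "empty": {}}}

if __name__ == "__main__":
    print(check_request(GOOD), check_request(BAD), sep="\n")
```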