Elasticsearch provides aggregations (formerly known as facets) to summarize data as metrics or analytics. They are used to group data and perform calculations on it, e.g. sums, percentiles, and histograms. Aggregations are grouped into three categories:
- Bucket aggregations to group data into buckets
- Metrics aggregations to compute metrics over data
- Pipeline aggregations to calculate data on the output from previous aggregations
✅ Start Elasticsearch instance (see Setup)
The basic structure of an aggregation is:
{
  "aggs": {
    "<label>": {
      "<type-of-aggregation>": { ... }
    }
  }
}
The aggregation is sent to the same Search API endpoint as the previous queries. Both `aggs` and `query` can complement each other, for example a search request can have a `query` block to filter and/or match specific documents while the aggregations in `aggs` use the resulting documents to group them or calculate metrics on them.
The response from a `terms` aggregation may look as follows (omitting some fields):
{
  ...
  "aggregations": {
    "<label>": {
      "buckets": [
        {
          "key": "<some-key>",
          "doc_count": 3
        },
        {
          "key": "<next-key>",
          "doc_count": 2
        }
        ...
      ]
    }
  }
}
The given output sorts the entries of `buckets` by the field `doc_count`, the number of documents that match the same term.
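The following added example (not part of the original tutorial) builds a search body that combines `query` and `aggs`, then evaluates it against a few constructed login events with a small local stand-in for the server, so the request and the `terms` response shape can be inspected offline. The field names (`outcome`, `source_ip`), the label `failures_by_ip` and the helper functions are assumptions made for this illustration.

```python
import json
from collections import Counter

# Constructed sample documents (field names are assumptions for this example).
DOCS = [
    {"user": "alice", "outcome": "failure", "source_ip": "203.0.113.7"},
    {"user": "bob",   "outcome": "failure", "source_ip": "203.0.113.7"},
    {"user": "carol", "outcome": "failure", "source_ip": "203.0.113.7"},
    {"user": "alice", "outcome": "success", "source_ip": "198.51.100.4"},
    {"user": "dave",  "outcome": "failure", "source_ip": "198.51.100.4"},
    {"user": "dave",  "outcome": "failure", "source_ip": "198.51.100.4"},
    {"user": "erin",  "outcome": "success", "source_ip": "203.0.113.7"},
]

def build_request(label, agg_field, filter_field, filter_value, size=10):
    """Request body with a query block and an aggs block for the Search API."""
    return {
        "size": 0,  # return only aggregation results, no hits
        "query": {"term": {filter_field: filter_value}},
        "aggs": {label: {"terms": {"field": agg_field, "size": size}}},
    }

def emulate_search(body, docs):
    """Local stand-in for the server: apply the query, then aggregate the matches."""
    (q_field, q_value), = body["query"]["term"].items()
    matched = [d for d in docs if d.get(q_field) == q_value]
    aggregations = {}
    for label, agg in body.get("aggs", {}).items():
        spec = agg["terms"]
        counts = Counter(d[spec["field"]] for d in matched if spec["field"] in d)
        # Highest doc_count first; ties ordered by key to keep the output stable.
        ordered = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
        aggregations[label] = {
            "buckets": [{"key": k, "doc_count": n} for k, n in ordered[: spec["size"]]]
        }
    return {"hits": {"total": {"value": len(matched)}}, "aggregations": aggregations}

def run_example():
    """Failed logins grouped by source address: the query filters, aggs groups."""
    body = build_request("failures_by_ip", "source_ip", "outcome", "failure")
    return body, emulate_search(body, DOCS)

if __name__ == "__main__":
    request, response = run_example()
    print(json.dumps(request, indent=2))
    print(json.dumps(response, indent=2))
```

Against a running instance, the dictionary returned by `build_request` is the JSON body sent to the Search API endpoint; only `emulate_search` is replaced by the real server.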
- Terms (Bucket)
- Filter (Bucket)
- Nested (Bucket)
- Stats (Metric)
- Percentiles (Metric)