Add different fields to aggregations results

Praveen_Shilavantar · September 4, 2015, 3:33am

Sample Index data:

Desired output:

SQL Query which can yield the above output:

SELECT name, component_version
FROM config_data
WHERE report_date BETWEEN '2015-08-26' AND '2015-08-27'
GROUP BY name
ORDER BY report_date DESC;

I don't know how to add "component_version" to aggregations results? I am not sure it's possible.

{
"size": 2,
"_source": {
"includes": [
"tail",
"report_date",
"component_version"
],
"excludes":
},
"sort": [
{
"report_date": {
"order": "desc"
}
}
],
"aggs": {
"tail": {
"terms": {
"field": "tail"
}
}
}
}

I am looking for the below output,

"aggregations": {
"name": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 1130419,
"buckets": [
{
"key": "ABC",
"report_date": "2015-08-26T01:17:07"
"component_version": "1.03"
},
{
"key": "BCD",
"report_date": "2015-08-26T03:17:07"
"component_version": "3.03"
}
}

Praveen_Shilavantar · September 4, 2015, 3:46am

I am able to achieve this using top hits aggregations

https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-metrics-top-hits-aggregation.html

{
"aggs": {
"top-name": {
"terms": {
"field": "name",
"size": 10
},
"aggs": {
"top_component_versions": {
"top_hits": {
"sort": [
{
"report_date": {
"order": "desc"
}
}
],
"_source": {
"include": [
"name",
"report_date",
"component_version"
]
},
"size" : 1
}
}
}
}
}
}

Topic		Replies	Views
How to add a field to the result of the aggregation Elasticsearch	3	864	August 23, 2021
Aggregation max additional info Elasticsearch	1	260	November 18, 2020
Can I aggregate using only part of a field? Elasticsearch	3	539	April 6, 2019
Is it possible to add a field to all document in an index which the field is an aggregation result? Elasticsearch	4	582	September 26, 2019
Different results when changing pipeline aggregations order Elasticsearch	1	341	April 19, 2020

Add different fields to aggregations results

Related topics