Aggregating using ingest Node

Novak478 · July 7, 2017, 5:36pm

Hi all,

I was curious if it is possible to perform a "count/terms" aggregation in an ingest node/pipeline using a script processor, or if there is any plan to add in support for a processor like that in the future?

To clarify, we have a index that we send raw data to for later querying. However, we have been reading more into ingest nodes, and are curious if anyone has been able to perform the aggregations in an ingest node with a script processor that would allow for the count aggregations to be performed before the data is actually indexed.

Here is the query we used to collect and count term counts:

GET index-name/_search?size=0
{
"aggs": {
"QueryName": {
"terms": {
"script": "doc['FieldName'].values"
}
}
}
}

Thank you.

dadoonet · July 7, 2017, 6:12pm

Like doing lookups in elasticsearch?

No it won't happen. See:

There is an elasticsearch logstash plugin but sadly it does not support adding aggs: https://www.elastic.co/guide/en/logstash/5.4/plugins-filters-elasticsearch.html

Novak478 · July 7, 2017, 7:34pm

David,

Thanks for the quick reply, and for the github link as well - appreciate the help!

system · August 4, 2017, 7:35pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can I do query to retrieve some doc in ingest processor Elasticsearch	7	969	December 14, 2017
Ingest Node processor elasticsearch Elasticsearch	3	347	October 22, 2019
Is it possible to do a search (percolator) from ingest node? Elasticsearch	3	715	April 10, 2017
Ingest Node Processor for cumulative count of records Elasticsearch	5	596	December 22, 2017
Logstash to Ingest nodes Logstash ingest-pipeline	8	408	January 14, 2021

Aggregating using ingest Node

Related topics