I guess you want ES plugin reads aggregations part of query results.
But, it seems that logstash elasticsearch input plugin only watchs hits.hits array of elasticsearch search API response.
Note: https://github.com/logstash-plugins/logstash-input-elasticsearch/blob/master/lib/logstash/inputs/elasticsearch.rb#L168
Does anybody know the way to make aggregation result as hitted documents?