Hello,
I have this query that is aggregates with top hits to retrieve the last doc.
I want to use the bucket selector to filter for buckets that match a source field, event.outcome: "failure".
I am struggling with the bucket path:
This is how the aggregation looks without the bucket selector:
