Convert es (Bucket aggregation) query to java

Hi,
Can anyone help me convert this query into a Java program, and how would I get only the aggregation result from the query? The query is given below.

GET /_search
{
  "size": 0,
  "query": {
    "bool": {
      "filter": [
        {
          "range": {
            "@timestamp": {
              "gte": 1664044200000,
              "lte": 1664216999000,
              "format": "epoch_millis"
            }
          }
        },
        {
          "query_string": {
            "analyze_wildcard": true,
            "query": "service.name:*itm*"
          }
        }
      ]
    }
  },
  "aggs": {
    "2": {
      "terms": {
        "field": "labels.client_id",
        "size": 100000,
        "order": {
          "_key": "desc"
        },
        "min_doc_count": 1
      },
      "aggs": {
        "4": {
          "terms": {
            "field": "labels.job_id",
            "size": 100000,
            "order": {
              "_key": "desc"
            },
            "min_doc_count": 1
          },
          "aggs": {
            "3": {
              "sum": {
                "field": "labels.row_count"
              }
            }
          }
        }
      }
    }
  }
}

Please help me. I've been sitting on this work for a very long time and I'm not able to meet up with the result.

One more thing: I want to start my output from Aggregations, if that is possible. The above part is not required.

{
  "took" : 111,
  "timed_out" : false,
  "_shards" : {
    "total" : 23232,
    "successful" : 3535,
    "skipped" : 767,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 56547,
      "relation" : "eq"
    },
    "max_score" : null,
    "hits" : [ ]
  },
  "aggregations" : {
    "2" : {
      "doc_count_error_upper_bound" : 0,
      "sum_other_doc_count" : 0,
      "buckets" : [
        {
          "key" : "86789",
          "doc_count" : 4,
          "4" : {
            "doc_count_error_upper_bound" : 0,
            "sum_other_doc_count" : 0,
            "buckets" : [
              {
                "key" : "2222222",
                "doc_count" : 1,
                "3" : {
                  "value" : 666.5
                }
              },
              {
                "key" : "111111",
                "doc_count" : 1,
                "3" : {
                  "value" : 1111
                }
              },
              {
                "key" : "22222",
                "doc_count" : 1,
                "3" : {
                  "value" : 6666
                }
              },
              {
                "key" : "555555",
                "doc_count" : 1,
                "3" : {
                  "value" : 66666
                }
              }
            ]
          }
        }

Thanks.

Hi Shubh,

Are you using the Elasticsearch Java client? Do you have any code so far? There is an aggregation example in the documentation that may help you get started.

Hi carly.richmond,

Thanks for the reply. Yes, I'm using the Java client. I have done some code but the output is not coming as expected. Can you please give me code for this query so that I can refer to it? It would be very helpful for me. I have gone through that document already.

Hi Shubh, can you share the code you have and what output or error you are receiving please? It would be good to understand what output you have versus what you expect.

@carly.richmond Here is my code. As per the document you shared with me, I'm not able to get the response of an aggregation, which we have to run in a for loop. I'm getting some error in the code as well. Please correct me or send me the right code.

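import java.io.IOException;
import java.util.List;

import org.apache.http.HttpHost;
import org.elasticsearch.action.search.SearchRequest;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.client.RequestOptions;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.index.query.BoolQueryBuilder;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.aggregations.Aggregation;
import org.elasticsearch.search.aggregations.AggregationBuilders;
import org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder;
import org.elasticsearch.search.builder.SearchSourceBuilder;

public class podQuery {

    public static void main(String[] args) {

        // Placeholder connection details: 9200 is the default Elasticsearch HTTP port
        int port = 9200;

        // try-with-resources closes the client once the search has finished
        try (RestHighLevelClient client = new RestHighLevelClient(
                RestClient.builder(new HttpHost("hostname", port, "http")))) {

            // Both clauses must match: one client id, within the date range
            BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();

            queryBuilder.must(QueryBuilders.matchQuery("labels.client_id", "50152"));
            queryBuilder.must(QueryBuilders.rangeQuery("@timestamp").gte("2022-09-26")
                    .lte("now/d")
            );

            // Inner terms aggregation on job id, with a sum of row_count per job
            TermsAggregationBuilder jobidAggregation = AggregationBuilders
                    .terms("termByJobid")
                    .field("labels.job_id")
                    .minDocCount(1);

            jobidAggregation
                    .subAggregation(AggregationBuilders
                            .sum("sumOfRowcount")
                            .field("labels.row_count")
                    );

            // Outer terms aggregation on client id, wrapping the job id aggregation
            TermsAggregationBuilder termsAggregation = AggregationBuilders
                    .terms("term_by_client_id")
                    .field("labels.client_id")
                    .size(100000)
                    .minDocCount(1).subAggregation(jobidAggregation);

            SearchRequest searchRequest = new SearchRequest();
            searchRequest.indices("*apm*itm*");

            SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder();
            searchSourceBuilder.aggregation(termsAggregation);
            searchSourceBuilder.query(queryBuilder);
            searchRequest.source(searchSourceBuilder);

            SearchResponse searchResponse = client.search(searchRequest, RequestOptions.DEFAULT);

            List<Aggregation> aggregationList = searchResponse.getAggregations().asList();

        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }
}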

Hi Shubh, you say you're getting an error. What is the error?

Can you also confirm if you are using the Java REST Client or the Java API Client and what versions of that client and Elasticsearch you are using? From the references in your code it looks like you are using the REST client which is deprecated as of 7.17 in favour of the API client. So we would recommend switching to the Java API client.

Can you just tell me how I would parse the SearchResponse object from the above code, with a code example?

Hi Shubh,

The discuss forum is best effort help for Elasticsearch, as well as educating the community. We are not a support forum. If others have similar snippets and experiences they may share.

I suggest following the code example for the Java API client mentioned above. That example also includes an example of how to process the aggregation response in the second snippet that covers how to process the response.

1 Like
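
One way to walk the nested buckets of the `SearchResponse` produced by the code posted in this thread, as an added example that is not part of the original posts or the Elasticsearch documentation. It assumes the 7.x High Level REST Client on the classpath and the aggregation names used in that code (`term_by_client_id`, `termByJobid`, `sumOfRowcount`); the `AggregationRows` and `Row` names are hypothetical.

```java
import java.util.ArrayList;
import java.util.List;

import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.search.aggregations.Aggregations;
import org.elasticsearch.search.aggregations.bucket.terms.Terms;
import org.elasticsearch.search.aggregations.metrics.Sum;

// Hypothetical helper: flattens terms -> terms -> sum into one row per (client, job).
public final class AggregationRows {

    public static final class Row {
        public final String clientId;
        public final String jobId;
        public final double rowCount;

        Row(String clientId, String jobId, double rowCount) {
            this.clientId = clientId;
            this.jobId = jobId;
            this.rowCount = rowCount;
        }
    }

    public static List<Row> flatten(SearchResponse response) {
        List<Row> rows = new ArrayList<>();
        Aggregations aggs = response.getAggregations();
        if (aggs == null) {                 // the request carried no aggregations
            return rows;
        }
        Terms byClient = aggs.get("term_by_client_id");
        if (byClient == null) {             // name did not match the request
            return rows;
        }
        warnIfTruncated("term_by_client_id", byClient);
        for (Terms.Bucket client : byClient.getBuckets()) {
            Terms byJob = client.getAggregations().get("termByJobid");
            warnIfTruncated("termByJobid", byJob);
            for (Terms.Bucket job : byJob.getBuckets()) {
                Sum sum = job.getAggregations().get("sumOfRowcount");
                rows.add(new Row(client.getKeyAsString(), job.getKeyAsString(), sum.getValue()));
            }
        }
        return rows;
    }

    // sum_other_doc_count > 0 means terms beyond the requested size were left out.
    private static void warnIfTruncated(String name, Terms terms) {
        if (terms.getSumOfOtherDocCounts() > 0) {
            System.err.println("warning: buckets of '" + name + "' are truncated");
        }
    }
}
```

Calling `searchSourceBuilder.size(0)` before the search, as the original query does with `"size": 0`, keeps the hits array empty so that only the aggregations carry data.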
