I'm looking to have nested aggregation queries against documents to eventually reveal cardinality against a particular field which will result in either '1' or '2'.
I'd like to filter out the '1' so that only those aggregation results with value:2 remain. Is this possible?
GET collectd/_search
{
"size":0,
"query": {
"match_all": {}
},
"aggs": {
"hostname": {
"significant_terms": {
"field": "host.keyword"
}, "aggs": {
"interfaceName": {
"significant_terms": {
"field": "type_instance.keyword"
}, "aggs": {
"interfaceState": {
"cardinality": {
"field": "upstate"
}
}
}
}
}
}
}
}Bump
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.