P.S. - I need to find the top N most commonly occurring log messages.
The reason I can't use the 'terms' aggregation is that the log messages contain several different types of IDs in between them, and too many of them. So it becomes the LCS (longest common subsequence) problem.
If the changing parameters were at the start or end, I would have parsed them or taken a substring in the script query.
So I was asking whether Elasticsearch has any aggregation or technique to tackle the above problem?
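As an added illustration (not code from the post or its author), the script below shows the usual alternative to solving LCS over the messages: mask the variable tokens (UUIDs, IP addresses, hex IDs, plain numbers) with placeholders so that each message collapses to a fixed template, then count the templates. The sample log lines and the regex list are constructed for the example; the placeholder names and the `to_template` / `top_templates` function names are assumptions. The same normalization can be applied at index time, for instance with an ingest pipeline `gsub` processor writing the template into a keyword field, so that an ordinary `terms` aggregation on that field returns the top N.

```python
import re
from collections import Counter

# Constructed sample log lines (not from the original post). The IDs, IPs and
# session numbers vary in the middle of otherwise identical messages.
SAMPLE_LOGS = [
    "user 8f3a2c1d logged in from 10.0.0.12 session=4521",
    "user 77e1b09a logged in from 10.0.0.99 session=4533",
    "user deadbeef logged in from 192.168.1.5 session=7",
    "payment 3f9d2a7c-1b2e-4d5f-8a6b-0c9e7d5f3a1b failed: timeout",
    "payment 7a1b2c3d-4e5f-6a7b-8c9d-0e1f2a3b4c5d failed: timeout",
    "order 88213 shipped to warehouse 3",
]

# Masking rules, applied in this order. Order matters: the more specific
# shapes (UUID, dotted IP) must run before the generic hex and digit rules,
# otherwise a UUID would be torn apart into <HEX>-<HEX>-... fragments.
# Caveat: a run of 8 or more decimal digits is indistinguishable from hex
# and is masked as <HEX>; tune the minimum length to your own ID formats.
PATTERNS = [
    (re.compile(r"\b[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-"
                r"[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\b"), "<UUID>"),
    (re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"), "<IP>"),
    (re.compile(r"\b[0-9a-fA-F]{8,}\b"), "<HEX>"),
    (re.compile(r"\b\d+\b"), "<NUM>"),
]


def to_template(line: str) -> str:
    """Replace variable tokens in one log line with placeholders.

    Tokens that match none of the rules are kept verbatim, so two messages
    share a template exactly when they differ only in masked fields.
    """
    for pattern, placeholder in PATTERNS:
        line = pattern.sub(placeholder, line)
    return line


def top_templates(lines, n: int):
    """Return the n most frequent templates as (template, count) pairs."""
    counts = Counter(to_template(line) for line in lines)
    return counts.most_common(n)


if __name__ == "__main__":
    for template, count in top_templates(SAMPLE_LOGS, 3):
        print(f"{count:>4}  {template}")
```

Because the counting happens on the normalized template rather than on the raw message, the expensive pairwise LCS comparison is replaced by a single linear pass over the log, and the result is directly usable as a keyword for a `terms` aggregation.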