Get the count in a tree like structure of items

Example data:
{
"userName": "spyderman",
"phoneNumber": "123ertre67890",
"devicegroup": "Globe/India/Delhi/Parkstreet/building0/401B",
"address": "#complete address with postal codes",
},
{
"userName": "batman",
"phoneNumber": "12345fas890",
"devicegroup": "Globe/India/delhi/Parkstreet/building0/402B",
"address": "#complete address with postal codes",
},
{
"userName": "superman",
"phoneNumber": "123456asf0",
"devicegroup": "Globe/India/delhi/gandhistreet/building0/401A",
"address": "#complete address with postal codes",
},

I wish to get the counts at each level:
The documents will not be duplicated (generates one per user registration into the system)
output desired:

no. of countries @global level
no. of cities @ country level
no. of buildings @ street level
no. of users @ street level and # users @ building level

I was thinking to use path tokenizers but then not sure how i can get the counts in the way i desire. can someone guide in this regard.

It appears they are in a logical order - I would recommend splitting them and index the country/city/etc as individual properties on the document. You can do this in within your software, or if that is not possible with Logstash or ingest with the Grok processor.

Hi tyler,

Yes, splitting them is the easy way to go. but i was wondering if there is a way inside elastic search DSL, so i can use that filer query and show the counts in Kibana? No 3rd parties involved.

I am imagining this as:
All i have is a tree like structure,
so is there a way i get the level-1 child counts from any given node. ?

I am not aware of a way to dynamically do this at query time - but that's not to say it isn't possible. Even if it was, it would be extremely inefficient as it would need to be performed on the entire data set to query/aggregate.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.