Hello Everyone,
I am very new to aggregation and need your help to get started with it. I tried looking after lots of examples shared across net, but failed to understand how to define aggregation. I tried to define aggregation at time of index creation alone with defining mapping with expectation that i will visualize a new bucket.field with the "aggsname" filed on kibana..but maping went through without any sign of creation aggsbucket.
So, can someone help me with link which guide how to get started with aggregation?
Code:-
curl -X POST localhost:8080/alok2_otrscsv -d '{
"mappings" : {
"otrscsv" : {
"properties" : {
"Ticket#" : { "type" : "string" },
"Created" : { "type" : "date", "format" : "YYYY-MM-dd HH:mm:ss || yyyy-MM-dd HH:mm:ss, MM/dd/YYYY HH:mm:ss || MM/dd/yyyy HH:mm:ss", "null_value" : "0"},
"Changed" : { "type" : "date", "format" : "YYYY-MM-dd HH:mm:ss || yyyy-MM-dd HH:mm:ss, MM/dd/YYYY HH:mm:ss || MM/dd/yyyy HH:mm:ss", "null_value" : "0"},
"Location" : { "type" : "string"}
}
}
},
"aggs" : {
"Closed_tickets" : { "terms" : { "field" :"Close Time"} }
}
}'