How to group and return counts

paul2 · October 25, 2016, 12:15pm

Hi, I'm using a field, transactiontype, to return the count of each transaction type. The following code works but returns both the full number of hits and the counts.

Does anyone know what I do to return counts only? Maybe it's because I'm using _search in the url. I tried _count but that didn't work.

**{**
**	"query": {**
**		"match": {**
**			"MAJORPOSTCODE": "WC1R,WC1A,WC1V,WC1B,WC1N,WC1X,WC1E,WC1H"**
**		}**
**	},**
**	"aggs" : {**
**        "Transactiontypes" : { "terms" : { "field" : "TRANSACTIONTYPE" } }**
**    }**
**}**

Ideal Reponse

 "aggregations": {
    "count_by_type": {
      "doc_count_error_upper_bound": 0,
      "sum_other_doc_count": 0,
      "buckets": [
        {
          "key": "auction",
          "doc_count": 43
        },
        {
          "key": "lease",
          "doc_count": 39
        },

nik9000 · October 25, 2016, 1:01pm

Tip: wrap things in ``` so they are formatted. I edited your post with my godlike admin powers so I could read it. The ** that you added to the query don't really help with readability either.

That shouldn't matter.

You can use size=0 to remove all of the hits from the response. You can use response filtering to further limit the response.

When people ask questions like this I worry that they are exposing Elasticsearch directly over an untrusted connection. That isn't a great idea because it is fairly easy to craft a query that puts a super large load on Elasticsearch. And if you've really misconfigured Elasticsearch you can get it to run arbitrary commands for you as the Elasticsearch user. I only bring it up because it is a problem waiting to happen that you might have.