How to make a query for group by count?

psyapathy · July 16, 2019, 3:12pm

Hello!
I looking for information by event_id 2771

And i get result table (example):

I want to group the data and hide the duplicate TargetUser by their count in table. I want this result:

Is it possible?
How to make a query for group by count?

Thank you advance

wangqinghuan · July 17, 2019, 5:38am

You can try sub-aggregation:

 {

      "aggs": {

        "event_id": {

          "terms": {

            "field": "event_id"

          },

          "aggs": {

            "targetUser": {

              "terms": {

                "field": "tragetUser"

              },

              "aggs": {

                "ipAddress": {

                  "terms": {

                    "field": "ipAddress"

                  }

                }

              }

            }

          }

        }

      }

    }

psyapathy · July 17, 2019, 9:39am

Thank you. But how i can get column Count with count of TargetUser?

system · August 14, 2019, 9:47am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Group by Aggregation doc_count Elasticsearch	1	652	November 14, 2018
How to query with GROUP BY and COUNT(*) Elasticsearch	1	2487	December 13, 2022
Aggregating by count of another aggregation? Elasticsearch	1	369	July 5, 2017
Elasticsearch query to filter count by aggregate Elasticsearch	1	2568	October 1, 2018
Group by and sum Elasticsearch	1	242	December 18, 2020

How to make a query for group by count?

Related topics