How to make a query for group by count?

psyapathy · July 16, 2019, 3:12pm

Hello!
I looking for information by event_id 2771

And i get result table (example):

I want to group the data and hide the duplicate TargetUser by their count in table. I want this result:

Is it possible?
How to make a query for group by count?

Thank you advance

wangqinghuan · July 17, 2019, 5:38am

You can try sub-aggregation:

 {

      "aggs": {

        "event_id": {

          "terms": {

            "field": "event_id"

          },

          "aggs": {

            "targetUser": {

              "terms": {

                "field": "tragetUser"

              },

              "aggs": {

                "ipAddress": {

                  "terms": {

                    "field": "ipAddress"

                  }

                }

              }

            }

          }

        }

      }

    }

psyapathy · July 17, 2019, 9:39am

Thank you. But how i can get column Count with count of TargetUser?

Topic		Replies	Views
Aggregating by count of another aggregation? Elasticsearch	1	394	July 5, 2017
How to query with GROUP BY and COUNT(*) Elasticsearch	1	3029	December 13, 2022
Group by and sum Elasticsearch	1	264	December 18, 2020
Need help with ElasticSearch Pipeline Aggregation query Elasticsearch	1	493	March 14, 2017
ElasticSearch Aggs Query Elasticsearch	3	1084	July 5, 2017

How to make a query for group by count?

Related topics