How to retrieve all unique values from a given field

warkolm · September 3, 2020, 1:43am

The quickest way to do this is to run a zero size, terms aggregation on the field.

Using the Kibana sample log data set as an example, you would run;

GET kibana_sample_data_logs/_search
{
  "size": "0",
  "aggs": {
    "unique_values": {
      "terms": {
        "field": "agent.keyword"
      }
    }
  }
}

Which returns;

(Expand this for the Elasticsearch response)

{
  "took" : 4,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 10000,
      "relation" : "gte"
    },
    "max_score" : null,
    "hits" : [ ]
  },
  "aggregations" : {
    "unique_values" : {
      "doc_count_error_upper_bound" : 0,
      "sum_other_doc_count" : 0,
      "buckets" : [
        {
          "key" : "Mozilla/5.0 (X11; Linux x86_64; rv:6.0a1) Gecko/20110421 Firefox/6.0a1",
          "doc_count" : 5362
        },
        {
          "key" : "Mozilla/5.0 (X11; Linux i686) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.50 Safari/534.24",
          "doc_count" : 4702
        },
        {
          "key" : "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
          "doc_count" : 4010
        }
      ]
    }
  }
}

Topic		Replies	Views
How to get all unique values of a field for a single index? Elasticsearch	1	1541	February 14, 2020
Unique values on the matching docs Elasticsearch	1	333	July 6, 2017
How do I get unique values from a field with a given search in kibana Kibana	4	7829	June 9, 2021
Need all distinct values .. Elasticsearch returns 1000 only Elasticsearch	1	403	January 21, 2020
How to show unique value of a field(database column) without fielddata Elasticsearch	6	1231	December 24, 2019

How to retrieve all unique values from a given field

Related topics