I will like to group an aggregated result into subgroups. E.g I want to group a document into host, inside the host bucket, I want to group into further buckets of service names, and then further subgroup into response code.
I was able to do a first level nested aggregation but I cant go another level.
Here is my aggregation query so far:
{
"aggs": {
"group_by_route": {
"terms": {
"field": "route",
"size": 0,
"order" : { "_count" : "desc" }
},
"aggs": {
"group_by_response_code": {
"terms": {
"field": "consumerResponseCode",
"size": 0,
"order" : { "_count" : "desc" }
}
}
}
}
}
}