Logstash - aggregation_fields in elasticsearch filter plugin

Francisca_Lima · January 17, 2019, 3:37pm

Hello,

I am trying to use elasticsearch filter plugin in logstash.
My logstash file:

filter {
elasticsearch {
hosts => "XXX"
index => "logs_0"
query => "query.json"
aggregation_fields => { "value_avg" => "AVG"}
}
}

And, in my query I create an aggregation named value_avg. What can be wrong?
The result of my aggregation is like this:
{
"took" : 0,
"timed_out" : false,
"_shards" : {
"total" : 5,
"successful" : 5,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : 649,
"max_score" : 0.0,
"hits" :
},
"aggregations" : {
"value_avg" : {
"value" : 472.545088887031
}
}
}

Francisca_Lima · January 17, 2019, 6:14pm

We found the solution. In the elasticsearch filter plugin we need to use query_template and not query, since we are using a query in a file.

system · February 14, 2019, 6:14pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How can i use aggregation in logstash-elasticsearch filter plugin Logstash	5	1872	June 28, 2018
Aggregations response in logstash Elastic search filter Logstash	1	317	June 27, 2018
Query from Kibana and from Elastic search Filter Logstash	1	308	June 22, 2018
How to get the aggregation value into a field in CSV in logstash configuration file? Elasticsearch	1	366	March 31, 2022
Logstash elastic search filter plugin Logstash	2	443	May 16, 2019

Logstash - aggregation_fields in elasticsearch filter plugin

Related topics