Output of aggregation query to another index in elastic

I have an index in elastic like below. Is there an optimum way to store the aggregation of the below data into another index. I use logstash to index the original data.

Original Data

|SerialNo|Src|SubSrc|Filename|Status|
|1|Source1|s1|File1|Success|
|2|Source1|s1|file1|Error|
|3|Source1|s1|file1|Success|
|4|Source2|s2|file2|Success|
|5|Source2|s2|file2|Error|
|6|Source2|s2|file2|Error|
|7|Source3|s3|file3|Success|

Aggregated data

|Src|SubSrc|Filename|Status|Count|
|Source1|s1|File1|Success|2|
|Source1|s1|file1|Error|1|
|Source2|s2|file2|Success|1|
|Source2|s2|file2|Error|2|
|Source3|s3|file3|Success|1|

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.