I'm having a difficult time trying to get what is a simple SQL query to
work with Elasticsearch. I can query, I can get counts, but can't seem to
get the aggregation to work.
For a simple SQL query: select source_ip, count(*) from my_table where
destination port='23' group by source_ip;
I've spent the day looking over documentation and examples, but just about
all of the examples I have seen don't seem to utilize a filter and
aggregate the entire index.
On Saturday, February 14, 2015 at 2:40:17 AM UTC+1, Ian Hayes wrote:
I'm having a difficult time trying to get what is a simple SQL query to
work with Elasticsearch. I can query, I can get counts, but can't seem to
get the aggregation to work.
For a simple SQL query: select source_ip, count(*) from my_table where
destination port='23' group by source_ip;
I've spent the day looking over documentation and examples, but just about
all of the examples I have seen don't seem to utilize a filter and
aggregate the entire index.
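Added example, not part of the original thread: a search body that expresses the SQL above as a `term` query (the WHERE clause) plus a `terms` aggregation (the GROUP BY with count), so the buckets cover only the matching documents rather than the whole index. The field names `source_ip` and `destination_port`, the bucket name `by_source_ip`, and the sample documents are assumptions; the `emulate` helper is a local stand-in that applies the same filter-then-bucket logic without a cluster.

```python
import json
from collections import Counter

# Field names are assumptions taken from the SQL in the post; the mapping is not shown.
SRC_FIELD = "source_ip"
PORT_FIELD = "destination_port"

def build_request(port, top_n=10):
    """Body for: SELECT source_ip, count(*) WHERE destination_port=<port> GROUP BY source_ip."""
    return {
        "size": 0,                               # aggregation buckets only, no hits
        "query": {"term": {PORT_FIELD: port}},   # WHERE: scopes what the aggs see
        "aggs": {
            "by_source_ip": {                    # bucket name is arbitrary (hypothetical)
                "terms": {"field": SRC_FIELD, "size": top_n}  # GROUP BY + count(*)
            }
        },
    }

def emulate(body, docs):
    """Apply the request's filter-then-bucket semantics to in-memory documents."""
    ((field, value),) = body["query"]["term"].items()
    terms = body["aggs"]["by_source_ip"]["terms"]
    counts = Counter(d[terms["field"]] for d in docs
                     if d.get(field) == value and terms["field"] in d)
    # Most frequent first; ties ordered by key so the output is deterministic.
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [{"key": k, "doc_count": n} for k, n in ranked[:terms["size"]]]

# Constructed sample documents (documentation address ranges), not real traffic.
SAMPLE_DOCS = [
    {"source_ip": "192.0.2.10", "destination_port": 23},
    {"source_ip": "192.0.2.10", "destination_port": 23},
    {"source_ip": "198.51.100.7", "destination_port": 23},
    {"source_ip": "192.0.2.10", "destination_port": 23},
    {"source_ip": "198.51.100.7", "destination_port": 443},
    {"source_ip": "203.0.113.5", "destination_port": 22},
]

if __name__ == "__main__":
    body = build_request(23)
    print(json.dumps(body, indent=2))            # JSON to send to the index's _search endpoint
    for bucket in emulate(body, SAMPLE_DOCS):
        print(bucket["key"], bucket["doc_count"])
```

The `terms` aggregation only groups by whole addresses if `source_ip` is indexed as a single term (an IP or non-analyzed string field); on an analyzed text field the buckets would be per token.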