标签:
Elasticsearch分组聚合
1.查询指定索引下每个A_logtype有多少数据
curl -XPOST ‘localhost:19200/ylchou-0-2015-10-07/_search?pretty‘ -d ‘
{
"size": 0,
"aggs": {
"group_by_state": {
"terms": {
"field": "A_logtype"
}
}
}
}‘
结果:
{
"took" : 33,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"failed" : 0
},
"hits" : {
"total" : 30434,
"max_score" : 0.0,
"hits" : [ ]
},
"aggregations" : {
"group_by_state" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [ {
"key" : "waf-214",
"doc_count" : 28928
}, {
"key" : "waf-358",
"doc_count" : 1506
} ]
}
}
}
2.查询多个索引下每个A_logtype下有多少数据
curl -XPOST ‘localhost:19200/ylchou-0-2015-*/_search?pretty‘ -d ‘
{
"size": 0,
"aggs": {
"group_by_state": {
"terms": {
"field": "A_logtype"
}
}
}
}‘
结果:
{
"took" : 531,
"timed_out" : false,
"_shards" : {
"total" : 28,
"successful" : 28,
"failed" : 0
},
"hits" : {
"total" : 13477509,
"max_score" : 0.0,
"hits" : [ ]
},
"aggregations" : {
"group_by_state" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 23151,
"buckets" : [ {
"key" : "error",
"doc_count" : 3880753
}, {
"key" : "draglog-168",
"doc_count" : 3566095
}, {
"key" : "策略测试数据004",
"doc_count" : 2999538
}, {
"key" : "syslog-37",
"doc_count" : 1284500
}, {
"key" : "waf-214",
"doc_count" : 667958
}, {
"key" : "QimingStar13",
"doc_count" : 646717
}, {
"key" : "136test",
"doc_count" : 201971
}, {
"key" : "标准化策略测试数据101",
"doc_count" : 161039
}, {
"key" : "Waf150test",
"doc_count" : 24208
}, {
"key" : "waf-358",
"doc_count" : 21579
} ]
}
}
}
Elasticsearch分组聚合-查询每个A_logtype下有多少数据
标签:
原文地址:http://my.oschina.net/ylchou/blog/523798
