I have a bunch of documents with the fields username and device_os as follows:
{ "username": "foo", "device_os": "Android", ....},
{ "username": "foo", "device_os": "iOS", ....},
{ "username": "bar", "device_os": "Android", ....},
{ "username": "baz", "device_os": "iOS", ....},
{ "username": "foo", "device_os": "iOS", ....}
I would like to get all distinct device_os by username as follows:
{
"foo": ["Android", "iOS"],
"bar": ["Android"],
"baz": ["iOS"]
}
What is the best way to do something like this in elasticsearch, specifically elasticsearch-py?
答案 0 :(得分:0)
您可以按以下方式使用“条款”汇总
{
"query": {
"match_all": {}
},
"aggs":{
"usr_agg":{
"terms": {"field": "username"}
}
}
}
了解更多info
答案 1 :(得分:0)
万一有人来了,解决这个问题的想法很简单:在usr_agg上使用二级聚合,如下所示:
{
"size": 0,
"aggs": {
"usr_agg": {
"terms": {
"field": "username.keyword"
},
"aggs": {
"by_device_os": {
"terms": {
"field": "device_os.keyword"
}
}
}
}
}
}