I have the following index:
{
       "message" => "Thu Jun 05 08:00:00 2014 RID 978a1861-1401973200416 
URL .....  ",
      "@version" => "1",
    "@timestamp" => "2014-08-22T15:46:22.729Z",
          "host" => "........",
            "kw" => "Ready Mix Concrete",
          "town" => "Zephyrhills",
         "state" => "FL",
            "ip" => "63.251.207.54",
           "src" => "comlocal5"
}
{
       "message" => "Thu Jun 05 08:00:00 2014 RID 978a1861-1401973200435 
URL  .....  ",
      "@version" => "1",
    "@timestamp" => "2014-08-22T15:46:22.729Z",
          "host" => "....",
            "kw" => "video",
          "town" => "Norfolk",
         "state" => "VA",
            "ip" => "216.54.94.2",
           "src" => "Lsxppc21128"
}
For simplicity, only 2 documents are shown.

I want to get a hash with the field "kw" as the key and its frequency as the value.
In this case it will be
hash{"Ready Mix Concrete"} => 1
hash{video} => 1

I know that I should possibly use aggregates, but it did not work for me:
>curl -XGET 'http://localhost:9200/_search?search_type=count' -d '{"aggregations":{"terms":{"field":"kw"}}}'

{"took":24,"timed_out":false,"_shards":{"total":10,"successful":10,"failed":0},"hits":{"total":4,"max_score":0.0,"hits":[]}}
