Hey Guys, I am building some Logging and monitoring product for my employer and using ES as backend. now finding unique value of each/any attribute is core part of business logic I have in hand.
lets say I want unique dst_ip, to achieve that, - I have used "index":"not_analyzed" for selected fields - Api used to get unique count http://127.0.0.1:9200/es-server/Events/_search -d '{"aggs":{"dst_ip_count":{"cardinality":{"field":"dst_ip"}}},"size":0}' - Api used to fetch those values http://127.0.0.1:9200/es-server/Events/_search -d '{"fields":["dst_ip"],"facets":{"terms":{"terms":{"field":"dst_ip","size":1116,"order":"count"}}},"size":1116}' here 1116 is received from first API. now here the count is very small but in production environment this count goes greater then 2lakh. which results in slow query response. do we have any other way to fetch such values with pagination inbuild like we have in search query with size and from. Please suggest, thanks in advance. -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/b11eaa9f-ba52-4e0a-ba21-3cfb6e669a58%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
