Hello, First, thx you for very good ELK !
Anyone help me for how to filter range on cardinality aggregations please ? ok please look my query working example: curl -XGET 'http://localhost:9200/logstash-2014.10.20/_search?search_type=count&pretty=true' -d '{ "size":9999999, "aggs": { "distinct_ip_src": { "cardinality": { "field": "IP_SRC"}}}}' response: { "took" : 34, "timed_out" : false, "_shards" : { "total" : 5, "successful" : 5, "failed" : 0 }, "hits" : { "total" : 12975, "max_score" : 0.0, "hits" : [ ] }, "aggregations" : { "distinct_ip_src" : { "value" : 10 } } } But now, how to filter like a range distinct_ip_src.value (10 here) please ? query not working: (no hits reply) curl -XGET 'http://localhost:9200/logstash-2014.10.20/_search?search_type=count&pretty=true' -d '{ "size":9999999, "aggs": { "distinct_ip_src": { "cardinality": { "field": "IP_SRC"}}},"post_filter",{"query": {"range":{"distinct_ip_src.value":{"gt":9}}}}}' Tryed only "value": not work Tryed only "_value": not work Tryed only "term": not work size:0 : not better work Tryed removing "search_type=count": not work Best Regards @Rmkml -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/75edbbd1-7136-445d-889a-3f4d13d02e84%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
