[
https://issues.apache.org/jira/browse/METRON-1114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16158618#comment-16158618
]
ASF GitHub Bot commented on METRON-1114:
----------------------------------------
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/702
This is really good, thanks for the contribution! Are we intending (as a
follow-on activity), to enable something like top hits aggregation in here so
we can get the documents in the buckets back, or are we just expecting follow
on queries to be the norm?
At least for using the API, it seems like it would be nice to at least have
something rudimentary, but again, that's not a this PR thing.
> Add group by capabilities to search REST endpoint
> -------------------------------------------------
>
> Key: METRON-1114
> URL: https://issues.apache.org/jira/browse/METRON-1114
> Project: Metron
> Issue Type: New Feature
> Reporter: Ryan Merriman
> Assignee: Ryan Merriman
>
> We need a way to group search results. Instead of all search results being
> included in a single list, they would instead be grouped together based a
> list of fields. For example, if "ip_src_addr" was set to the groupBy field,
> all results with the same value for that field would be in a group together.
> All other search features would still apply to the groups including
> filtering, sorting and result set size.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
