java - Output of Elasticsearch query results
There is a query to an Elasticsearch database with 6 aggregations. For every first-level aggregation (namely the ip address) I need to pull the data out of the database, that is: source ip address, ip address, icmp.request, icmp.response, bytes_in, bytes_out. Assume an array of ip addresses and an array of elements of a separate class (with the necessary data). How do I traverse the aggregations to create these arrays? I don't want 6 nested loops. Maybe someone knows how to do this in Elasticsearch, or how to pull the data for these parameters without Elasticsearch.
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.client.Client;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.aggregations.AggregationBuilders;

// client is an already connected transport Client (Elasticsearch 5.x/6.x API)
SearchResponse response = client.prepareSearch("packetbeat-*")
        .setTypes("dns")
        .setQuery(QueryBuilders.boolQuery()
                // only documents between 18 and 3 days ago
                .must(QueryBuilders.rangeQuery("@timestamp").gte("now-18d").lt("now-3d")))
        // level 1: one bucket per client_ip (terms returns only the top 10 buckets
        // by doc_count unless .size(n) is set; nested levels truncate the same way)
        .addAggregation(AggregationBuilders.terms("client_ip").field("client_ip")
                // level 2: one bucket per peer ip inside each client_ip bucket
                .subAggregation(AggregationBuilders.terms("ip").field("ip")
                        // the four sub-aggregations below are siblings under each ip bucket
                        .subAggregation(AggregationBuilders.terms("icmp.request.type").field("icmp.request.type"))
                        .subAggregation(AggregationBuilders.terms("icmp.response.type").field("icmp.response.type"))
                        .subAggregation(AggregationBuilders.sum("bytes_in").field("bytes_in"))
                        .subAggregation(AggregationBuilders.sum("bytes_out").field("bytes_out"))))
        .get();
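The aggregation tree above only nests two bucket levels (client_ip, then ip); the four sub-aggregations under each ip bucket are siblings and are fetched by name, so reading the response needs two loops rather than six. The walker below is an added example, not code from the question or from Elasticsearch; it assumes the Elasticsearch 5.x/6.x transport-client classes (`Terms`, `Sum`) that match the `setTypes` call in the question, and the `FlowStats` class is a hypothetical name for the "separate class with the necessary data". It also checks `getSumOfOtherDocCounts()`, which is non-zero when the terms size limit dropped buckets: for packet data that means some source or peer addresses are silently missing from the result.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.search.aggregations.bucket.terms.Terms;
import org.elasticsearch.search.aggregations.metrics.sum.Sum;

/** One row per (client_ip, ip) pair; hypothetical name for the class the question describes. */
public final class FlowStats {
    public final String clientIp;
    public final String ip;
    public final long docCount;
    public final double bytesIn;
    public final double bytesOut;
    public final List<String> icmpRequestTypes = new ArrayList<>();
    public final List<String> icmpResponseTypes = new ArrayList<>();

    FlowStats(String clientIp, String ip, long docCount, double bytesIn, double bytesOut) {
        this.clientIp = clientIp;
        this.ip = ip;
        this.docCount = docCount;
        this.bytesIn = bytesIn;
        this.bytesOut = bytesOut;
    }

    /**
     * Walks the nested aggregation response. The returned map's key set is the
     * "array of ip addresses" (client_ip buckets); each value is the list of rows beneath it.
     * Throws if the terms size limit truncated either bucket level, because a truncated
     * result would quietly omit addresses.
     */
    public static Map<String, List<FlowStats>> collect(SearchResponse response) {
        Map<String, List<FlowStats>> byClient = new LinkedHashMap<>();

        Terms clientIps = response.getAggregations().get("client_ip");
        requireComplete(clientIps, "client_ip");

        // loop 1: client_ip buckets
        for (Terms.Bucket client : clientIps.getBuckets()) {
            List<FlowStats> rows = new ArrayList<>();
            Terms ips = client.getAggregations().get("ip");
            requireComplete(ips, "ip under " + client.getKeyAsString());

            // loop 2: ip buckets inside this client_ip bucket
            for (Terms.Bucket ip : ips.getBuckets()) {
                // siblings under the ip bucket are looked up by name, no further nesting
                Sum bytesIn = ip.getAggregations().get("bytes_in");
                Sum bytesOut = ip.getAggregations().get("bytes_out");
                FlowStats row = new FlowStats(
                        client.getKeyAsString(), ip.getKeyAsString(), ip.getDocCount(),
                        bytesIn.getValue(), bytesOut.getValue());

                // the two icmp terms aggregations are lists of observed type values
                Terms requests = ip.getAggregations().get("icmp.request.type");
                for (Terms.Bucket t : requests.getBuckets()) {
                    row.icmpRequestTypes.add(t.getKeyAsString());
                }
                Terms responses = ip.getAggregations().get("icmp.response.type");
                for (Terms.Bucket t : responses.getBuckets()) {
                    row.icmpResponseTypes.add(t.getKeyAsString());
                }
                rows.add(row);
            }
            byClient.put(client.getKeyAsString(), rows);
        }
        return byClient;
    }

    /** Fails loudly when buckets were dropped by the terms size limit (default 10). */
    private static void requireComplete(Terms terms, String what) {
        long dropped = terms.getSumOfOtherDocCounts();
        if (dropped > 0) {
            throw new IllegalStateException("terms aggregation '" + what + "' dropped "
                    + dropped + " documents; raise .size(n) on the aggregation");
        }
    }
}
```

Call `FlowStats.collect(response)` on the `SearchResponse` from the query above; `keySet()` gives the client addresses and each value the per-peer rows. If `requireComplete` throws, add `.size(n)` to the corresponding `terms` aggregation (and consider `shardSize`) rather than silently accepting a top-10 view of the traffic.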