Elasticsearch’s aggregations allow you to summarize the values in the fields for the documents that match the query. When you’re providing a search user interface, you use aggregations to provide values that your users can use to narrow their result sets. Elasticsearch can aggregate text fields or numeric fields. For numeric fields, you can apply functions like sum, average, min, and max. The ability to aggregate at multiple levels of nesting is the basis of Elasticsearch’s analytics capabilities, which we’ll explore in the next section. Try the following query:
GET movies/_search
{
  "query": {
    "match_all": {}
  },
  "aggs": {
    "actor_count": {
      "terms": {
        "field": "actors.keyword",
        "size": 10
      },
      "aggs": {
        "average_rating": {
          "avg": {
            "field": "rating"
          }
        }
      }
    }
  },
  "size": 0
}
Your results will show you a set of buckets (aggs) for actors, along with a count of the movies they appear in. For each of these buckets, you will see a sub-aggregation (average_rating) that averages the rating field of those movies. This query also omits the hits by setting the size parameter to 0, which makes the aggregation results easier to see.
You can experiment with building aggregations of different types and with different sub-buckets.
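To show how the nested results from the query above are read, here is an added Python example (not part of the original page) that flattens the aggregations section of a response into one row per bucket, at any nesting depth. The sample response, including the actor names, counts and ratings, is constructed, and the function name flatten is an assumption of this example.

```python
"""Flatten the "aggregations" section of an Elasticsearch search response."""

# Constructed sample shaped like the response to the actor_count query;
# actor names, counts and ratings are invented for illustration.
SAMPLE_AGGS = {
    "actor_count": {
        "doc_count_error_upper_bound": 0,
        "sum_other_doc_count": 4,
        "buckets": [
            {"key": "Actor A", "doc_count": 3, "average_rating": {"value": 7.5}},
            {"key": "Actor B", "doc_count": 2, "average_rating": {"value": 6.0}},
            # avg reports null when no document in the bucket has the field
            {"key": "Actor C", "doc_count": 1, "average_rating": {"value": None}},
        ],
    }
}


def flatten(aggs, path=()):
    """Return one row per bucket at every nesting level.

    Assumes list-form buckets (terms, histogram, ...) and single-value
    metrics such as avg/sum/min/max, which report {"value": ...}.
    """
    rows = []
    for name, body in aggs.items():
        if not isinstance(body, dict) or not isinstance(body.get("buckets"), list):
            continue  # not a bucket aggregation
        for bucket in body["buckets"]:
            here = path + ((name, bucket["key"]),)
            subs = {k: v for k, v in bucket.items() if isinstance(v, dict)}
            rows.append({
                "path": dict(here),
                "doc_count": bucket["doc_count"],
                "metrics": {k: v["value"] for k, v in subs.items() if "value" in v},
            })
            rows.extend(flatten(subs, here))  # descend into sub-buckets
    return rows


if __name__ == "__main__":
    for row in flatten(SAMPLE_AGGS):
        print(row["path"], row["doc_count"], row["metrics"])
```

A bucket whose metric value is null is kept in the output rather than dropped, so callers can tell "no rating present" apart from a rating of 0.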