0
0
ElasticsearchConceptBeginner · 3 min read

What is Bucket Aggregation in Elasticsearch: Explained with Example

In Elasticsearch, bucket aggregation groups documents into buckets based on shared criteria, like terms or ranges. Each bucket contains documents that match the bucket's condition, allowing you to organize and analyze data by categories.
⚙️

How It Works

Bucket aggregation in Elasticsearch works like sorting mail into different boxes based on labels. Imagine you have a pile of letters and you want to group them by city. Each city becomes a bucket, and all letters addressed to that city go into that bucket.

Similarly, Elasticsearch groups documents into buckets based on a condition you set, such as a field's value or a range of values. Each bucket holds documents that meet that condition, letting you analyze data in groups rather than individually.

This helps you see patterns, like how many documents fall into each category or range, making it easier to summarize and understand large datasets.

💻

Example

This example shows how to group documents by the category field using a terms bucket aggregation.

json
{
  "size": 0,
  "aggs": {
    "categories": {
      "terms": {
        "field": "category.keyword"
      }
    }
  }
}
Output
{ "aggregations": { "categories": { "buckets": [ {"key": "books", "doc_count": 10}, {"key": "electronics", "doc_count": 7}, {"key": "clothing", "doc_count": 5} ] } } }
🎯

When to Use

Use bucket aggregation when you want to group your data into categories or ranges to analyze patterns or counts. For example, you can group sales by product type, count users by country, or segment logs by status codes.

This is helpful in dashboards, reports, and any situation where understanding data distribution is important.

Key Points

  • Bucket aggregation groups documents into buckets based on criteria.
  • Each bucket contains documents matching the bucket's condition.
  • Common bucket types include terms, range, date_histogram, and filters.
  • It helps summarize and analyze data by categories or ranges.

Key Takeaways

Bucket aggregation groups documents into buckets based on shared criteria.
It helps analyze data by categories or ranges instead of individual documents.
Common bucket types include terms, range, and date histogram aggregations.
Use bucket aggregation to summarize data distribution and patterns.
Bucket aggregation results include buckets with keys and document counts.

Related by keyword

How to Get a Document in Elasticsearch: Syntax and ExampleIndex and DocumentsHow to Index Document in Elasticsearch: Syntax and ExampleIndex and DocumentsWhat is Date Type in Elasticsearch: Explanation and ExampleMappingWhat is Keyword Type in Elasticsearch: Explanation and ExampleMappingWhat is Nested Type in Elasticsearch: Explanation and ExampleMapping

Up next

What is Token Filter in Elasticsearch: Explanation and ExampleWhat is Tokenizer in Elasticsearch: Explanation and ExampleFrom/size vs search_after vs scroll in Elasticsearch: Key Differences and UsageHow to Paginate Results in Elasticsearch: Syntax and Examples

More in Aggregations

How to Paginate Aggregation Results in ElasticsearchHow to Use avg Aggregation in ElasticsearchHow to Use Cardinality Aggregation in ElasticsearchHow to Use Composite Aggregation in Elasticsearch