Wow. Have to upgrade ES from 0.9 to 1.x.
Thank you.
On Friday, February 14, 2014 1:08:30 PM UTC+4, Adrien Grand wrote:
>
> This is typically something that you can do using a terms aggregation[1].
> It would look something like:
>
> {
> "aggs" : {
> "top_ips" : {
> "terms" : {
> "field" : "ip_address", // <- change field name accordingly
> "min_doc_count": 100
> }
> }
> }
> }
>
> [1]
> http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/search-aggregations-bucket-terms-aggregation.html
>
>
> On Fri, Feb 14, 2014 at 7:11 AM, Anton T <at16...@gmail.com
> <javascript:>>wrote:
>
>> Hello, I have an apache log in ES and I want to get top daily IPs having
>> hit count > 100, for example. Tried to use scripting but i have no idea how
>> to get to 'count' value of a term. Any advice?
>> Thank you.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "elasticsearch" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to elasticsearc...@googlegroups.com <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/elasticsearch/e80ef007-1897-4a03-b5d9-79ce123af8d6%40googlegroups.com
>> .
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
>
> --
> Adrien Grand
>
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/e55b75fe-8fc2-4478-ba7d-007cf471691d%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
