curl -XPOST "100.98.210.20:9200/logstash-2018.10.17/_search?pretty" -d '
{ "size" : 0, 是否返回参考数据
"aggs": { 默认参数
"all_hostname": { 自定义返回名字
"terms":{ 默认
"size":200, 查询结果显示多少条
"field":"hostname" 聚合项
}
}
}
}'
源数据
{
"took":1505,
"timed_out":false,
"_shards":{
"total":20,
"successful":20,
"failed":0
},
"hits":{
"total":114409200,
"max_score":1,
"hits":[
{
"_index":"logstash-2018.10.16",
"_type":"ngix_13_log",
"_id":"AWZ6OpP8XYOz2dgYz_lS",
"_score":1,
"_source":{
"timestamp":"2018-10-16T08:15:50+08:00",
"remoteAddr":"100.117.117.38",
"forwardedip":"180.130.2.234, 118.178.15.252",
"status":"200",
"hostname":"apstuent2c.com",
"uri":"/app_2c/discoveryv3/findCourseTopicList",
"server_port":"80",
"request":"POST /app_2c/discoveryv3/findCourseTopicList HTTP/1.1",
"requestUri":"/app_2c/discoveryv3/findCourseTopicList",
"request_time":0.008,
"http_referer":"-",
"http_user_agent":"okhttp/3.9.0",
"body_bytes_sent":417,
"upstream_http_host":"10.26.97.5:80",
"upstream_response_time":"0.006",
"@version":"1",
"@timestamp":"2018-10-16T00:15:51.083Z",
"path":"/usr/local/nginx/logs/acess_appsdent2c.log",
"type":"nginx_153_log",
"kafka":{
"msg_size":680,
"topic":"rizhi_nginx",
"consumer_group":"logstash_el",
"partition":6,
"offset":6047185082,
"key":null
}
}
},
返回结果:
"aggregations" : {
"all_hostname" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 614,
"buckets" : [ {
"key" : "apstdet2c.zhiushu.com",
"doc_count" : 63315744
}, {
"key" : "appsdent.zihishu.com",
"doc_count" : 48502113
}, {
"key" : "stdy.zhiuihu.com",
"doc_count" : 28878648
}, {