WARNING: The 2.x versions of Elasticsearch have passed their EOL dates. If you are running a 2.x version, we strongly advise you to upgrade.
This documentation is no longer maintained and may be removed. For the latest information, see the current Elasticsearch documentation.
Like the query DSL, aggregations have a composable syntax: independent units of functionality can be mixed and matched to provide the custom behavior that you need. This means that there are only a few basic concepts to learn, but nearly limitless combinations of those basic components.
To master aggregations, you need to understand only two main concepts:
- Collections of documents that meet a criterion
- Statistics calculated on the documents in a bucket
That’s it! Every aggregation is simply a combination of one or more buckets and zero or more metrics. To translate into rough SQL terms:
Buckets are conceptually similar to grouping in SQL, while metrics are similar
MAX(), and so forth.
Let’s dig into both of these concepts and see what they entail.