Bucket aggregations are useful for analyzing how the whole relates to its parts, which gives better insight into the data. They segment the data into smaller parts: each type of bucket aggregation slices the data into different segments, or buckets. Bucket aggregations are the most common type of aggregation used in any analysis process.
We will cover the following topics, keeping the network traffic data example at the center:
- Bucketing on string data
- Bucketing on numeric data
- Aggregating filtered data
- Nesting aggregations
- Bucketing on custom conditions
- Bucketing on date/time data
- Bucketing on geo-spatial data
Sometimes, we may need to bucket or segment the data based on a field that has a string datatype, typically a keyword-typed field in Elasticsearch. This is very common. Some examples of scenarios in which you may want to segment the data by a string-typed field are:
- Segmenting the network traffic data per department
- Segmenting the network traffic data...