elasticsearch-plugin

Logstash sprintf formatting for elasticsearch output plugin not working

感情迁移 submitted on 2019-11-27 08:43:31
Question: I am having trouble using sprintf to reference the event fields in the elasticsearch output plugin and I'm not sure why. Below is the event received from Filebeat and sent to Elasticsearch after filtering is complete: { "beat" => { "hostname" => "ca86fed16953", "name" => "ca86fed16953", "version" => "6.5.1" }, "@timestamp" => 2018-12-02T05:13:21.879Z, "host" => { "name" => "ca86fed16953" }, "tags" => [ [0] "beats_input_codec_plain_applied", [1] "_grokparsefailure" ], "fields" => { "env" =>

How to control the elasticsearch aggregation results with From / Size?

别来无恙 submitted on 2019-11-27 04:54:23
Question: I have been trying to add pagination to an elasticsearch terms aggregation. In a query we can add pagination like this: { "from": 0, // to add the start to control the pagination "size": 10, "query": { } } This is pretty clear, but when I want to add pagination to an aggregation, I read a lot about it but couldn't find anything. My code looks like this: { "from": 0, "size": 0, "aggs": { "group_by_name": { "terms": { "field": "name", "size": 20 }, "aggs": { "top_tag_hits": { "top_hits": { "size": 1 }