How to Find the Max with Aggregations in Elasticsearch
Introduction
If you’re working with data in Elasticsearch, you’ll probably need to determine the maximum value in a dataset at some point. Metrics like min, max and average are often used when compiling statistics about prices, sales, and inventory. No matter what your intended purpose may be, finding the max of a field in Elasticsearch is a quick and easy task when you make use of aggregations. In this tutorial, you’ll learn how to find the max with aggregations in Elasticsearch. If you’re already familiar with the concept of aggregation and prefer to skip right to the sample code, feel free to jump ahead to Just the Code.
Use the max
Aggregation
Let’s look at an example of how you can find the max for a field using aggregation. We’ll use a sample index called store
, which represents a small grocery store. Our store
index contains a type called products
which lists all of the products in the store. We’ll keep our dataset simple by including just a handful of products with a small number of fields: id, price, quantity, and department. The JSON shown below can be used to create this dataset:
id | name | price | quantity | department |
---|---|---|---|---|
1 | Multi-Grain Cereal | 4.99 | 4 | Packaged Foods |
2 | 1lb Ground Beef | 3.99 | 29 | Meat and Seafood |
3 | Dozen Apples | 2.49 | 12 | Produce |
4 | Chocolate Bar | 1.29 | 2 | Packaged Foods, Checkout |
5 | 1 Gallon Milk | 3.29 | 16 | Dairy |
6 | 0.5lb Jumbo Shrimp | 5.29 | 12 | Meat and Seafood |
7 | Wheat Bread | 1.29 | 5 | Bakery |
8 | Pepperoni Pizza | 2.99 | 5 | Frozen |
9 | 12 Pack Cola | 5.29 | 6 | Packaged Foods |
10 | Lime Juice | 0.99 | 20 | Produce |
11 | 12 Pack Cherry Cola | 5.59 | 5 | Packaged Foods |
12 | 1 Gallon Soy Milk | 3.39 | 10 | Dairy |
13 | 1 Gallon Vanilla Soy Milk | 3.49 | 9 | Dairy |
14 | 1 Gallon Orange Juice | 3.29 | 4 | Juice |
The mapping is shown below:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | curl -H "Content-Type: application/json" -XPUT 127.0.0.1:9200/store -d ' { "mappings": {` "products": { "properties" : {` "name": { "type": "text"}, "price": { "type": "double"}, "quantity": { "type": "integer"}, "department": { "type": "keyword"} } } } } ' |
For our example, we’ll look at our store
index and find the product that has the highest price
. Since our dataset is small, we can glance at the data and see that the product with the highest price is “Cherry Cola”, which has a price of $5.59.
1 | 11| 12 Pack Cherry Cola | 5.59 | 5 | Packaged Foods |
We’ll use this knowledge later to confirm that our aggregator worked properly. The following code can be used to find the max:
1 2 3 4 5 6 7 8 9 10 11 | curl -H "Content-Type: application/json" -XGET "127.0.0.1:9200/store/products/_search?size=0&pretty" -d ' { "aggs": { "max_price": { "max": { "field": "price" } } } } ' |
Let’s take a closer look at what’s happening in this code. First, we used "aggs"
to create an aggregator, and we named our aggregator "max_price"
. We set the type for the aggregator to be "max"
, and we set the "field"
to "price"
. This tells Elasticsearch that we want to evaluate the field "price"
and find the max value of it. Note that the URL in our curl
command contains the parameter size=0
. Without this parameter, the query would return information on each individual product, instead of just the aggregate information we want. We also specified pretty
in our URL; this tells Elasticsearch to return our results in a readable, “pretty-printed” format with proper indentation.
Let’s see what the results have to say:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | { "took" : 3, "timed_out" : false, "_shards" : { "total" : 5, "successful" : 5, "skipped" : 0, "failed" : 0 }, "hits" : { "total" : 14, "max_score" : 0.0, "hits" : [ ] }, "aggregations" : { "max_price" : { "value" : 5.59 } } } |
We can see that the max_price
has a value of $5.59, which is the value we found by examining our data earlier.
Finding the max value in a dataset is just one possible use of aggregation in Elasticsearch. You can also use aggregation to calculate max, average, weighted average, and much more. For more information on aggregation in Elasticsearch, see their documentation.
Conclusion
There are many situations where you may want to find the max for a field in Elasticsearch, so it’s important to know how to accomplish the task correctly. This tutorial outlined an easy way to use aggregration to find the max. With these step-by-step instructions, you’ll be able to add this simple computation to your search applications and get the information you need.
Just the Code
If you’re already familiar with the concept of aggregation, here’s all the code you’ll need to find the max with aggregations in Elasticsearch.
1 2 3 4 5 6 7 8 9 10 11 | curl -H "Content-Type: application/json" -XGET "127.0.0.1:9200/store/products/_search?size=0&pretty" -d ' { "aggs": { "max_price": { "max": { "field": "price" } } } } ' |
Pilot the ObjectRocket Platform Free!
Try Fully-Managed CockroachDB, Elasticsearch, MongoDB, PostgreSQL (Beta) or Redis.
Get Started