I'm using Elasticsearch 8.4.1 and I'm trying to return more than 10 buckets from this working query:

GET vaersdata_2/_search
{
  "aggs": {
    "age_died after_shot": {
        "multi_terms": {
        "terms": [{ 
          "field": "AGE_YRS"
        }, {
          "field": "DIED"
        }]
      }
    }
  }
}

So I added size into the mix, but after numerous failed attempts, it throws an error. This query didn't show errors in the console until I ran it:

GET vaersdata_2/_search
{
  "aggs": {
      "size": 0,
    "age_died after_shot": {
        "multi_terms": {
        "terms": [{ 
          "field": "AGE_YRS",
          "size" : 100
        }, {
          "field": "DIED"
        }]
      }
    }
  }
}

and then I get this error:

"type": "parsing_exception", "reason": "Aggregation definition for [size starts with a [VALUE_NUMBER], expected a [START_OBJECT].", "line": 3, "col": 15 }, "status": 400

I've seen size used as a solution for this using nested term queries, but how do I do this for an aggs, multi-terrms query?

CodePudding user response：

Tldr;

Quite close, but the size arguments is not place in the right spot.

Solution

GET vaersdata_2/_search
{
  "aggs": {
    "age_died after_shot": {
        "multi_terms": {
        "terms": [{ 
          "field": "AGE_YRS"
        }, {
          "field": "DIED"
        }],
        "size" : 100
      }
    }
  }
}

The following query has been tested with kibana 8.4.1

GET kibana_sample_data_ecommerce/_search
{
  "aggs": {
    "multi_bucket": {
      "multi_terms": {
        "size": 12,
        "terms": [{
          "field": "customer_first_name.keyword" 
        }, {
          "field": "customer_last_name.keyword"
        }]
      }
    }
  }
}