When you perform a pipeline aggregation in Elasticsearch, it applies a series of transformations or calculations to the results of one or more input aggregations. Here’s how it works:
1. Elasticsearch performs the input aggregations: Before performing the pipeline aggregation, Elasticsearch first performs one or more input aggregations to obtain the data to be transformed. These input aggregations can be any of the supported aggregation types, such as terms, date histograms, or range aggregations.
2. Elasticsearch applies the pipeline aggregations: Next, Elasticsearch applies the specified pipeline aggregations to the output of the input aggregations. These pipeline aggregations can perform a wide range of transformations, including arithmetic operations, statistical calculations, bucketing, filtering, and more.
3. Elasticsearch returns the transformed results: Once all pipeline aggregations have been applied, Elasticsearch returns the transformed results. The output of a pipeline aggregation can be a single value or a new set of buckets, depending on the type of aggregation.
For example, let’s say you have an index of customer orders, and each document has a “product” field that represents the product ordered, and a “price” field that represents the price of the product. You could perform a terms aggregation on the “product” field to group the orders by product, and a sum aggregation on the “price” field to calculate the total revenue for each product. You could then perform a pipeline aggregation to calculate the average revenue per product, by dividing the total revenue by the number of orders for each product.
Pipeline aggregations can be chained together to perform a series of transformations in a specific order. Elasticsearch applies the pipeline aggregations in the order specified in the request, and passes the output of each aggregation as input to the next aggregation in the chain.
Pipeline aggregations can be a powerful tool for performing complex calculations on your data, while also taking advantage of the powerful aggregation capabilities of Elasticsearch. By applying a series of transformations to the output of input aggregations, you can obtain new insights into your data that might not be possible with simple aggregations alone.