aggregation_search_group
Groups objects by a specified field to analyze aggregated vulnerability or endpoint data and uncover patterns.
Instructions
aggregation · POST /aggregation/searchGroup — Group objects by a specified field. Required: objectName, q, from, size, group.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| objectName | No | query param objectName (str) | |
| q | No | query param q (str) | |
| sort | No | query param sort (str) | |
| includeOriginalDoc | No | query param includeOriginalDoc (bool) | |
| excludeFields | No | query param excludeFields (str) | |
| includeFields | No | query param includeFields (str) | |
| sumLastSubAggregationBuckets | No | query param sumLastSubAggregationBuckets (int) | |
| subAggregationLevel | No | query param subAggregationLevel (int) | |
| newParser | No | query param newParser (bool) | |
| minDocCount | No | query param minDocCount (int) | |
| from_ | No | query param from (int) | |
| size | No | query param size (int) | |
| group | No | query param group (str) | |
| totalBy | No | query param totalBy (str) | |
| aggrUseMaxSize | No | query param aggrUseMaxSize (bool) | |
| body | No | JSON request body | |