Bucket aggregations segment the data in question (defined by the query context) into various buckets that are identified by the buckets key. Bucket aggregation evaluates each document in the context by deciding which bucket it falls into. At the end, bucket aggregation has a set of distinct buckets with their respective bucket keys and documents that fall into those buckets.

For people who are coming from an SQL background, a query that has GROUP BY, such as the following query, does the following with bucket aggregations:

SELECT column1, count(*) FROM table1 GROUP BY column1;

This query divides the table by the different values of column 1 and returns a count of documents within each value of column 1. This is an example of bucket aggregation. There are many different types of bucket aggregation supported by Elasticsearch, all of which we will go through in this chapter.

Bucket aggregations can be present on the top or outermost level in an aggregation query. Bucket aggregations can also be nested inside other bucket aggregations.