I have a field cid that I need to find the distinct values of.
But I want those cid that satisfy my date range constraint. What I mean is, I want distinct cid that were added to my Elasticsearch Database during the given time range.

I have tried many approaches, most of them just return all values and don’t aggregate.

{
    "aggs": {
        "daterange": {
            "range": {
                "field": "@timestamp",
                "ranges": [
                        {"from": "2019-05-02", "to": "2019-05-03"}
                    ]
            },
            "aggs": {
                "result": {
                    "terms": {
                        "field": "cid.keyword"
                    }
                }
            }
        }
    },
    "_source":"cid"
}

I expect the distinct values of cid but what I get is all values that comply with the time range.

Update:

Val’s answer works after changing my URL from /index/search?size=100 to /index/search

You need to do it this way, i.e. add the date range as a query to reduce the document set, and then run the terms aggregation only on the documents that fall into that date range:

{
  "size": 0,
  "query": {
    "range": {
      "@timestamp": {
        "gte": "2019-05-02",
        "lt": "2019-05-03"
      }
    }
  },
  "aggs": {
    "result": {
      "terms": {
        "field": "cid.keyword"
      }
    }
  }
}

6