[BUG] Patterns command returns empty result with wrong parameter #4866
Description
What is the bug?
Patterns command mistakenly passes the value of max_sample_count parameter to buffer_limit parameter.
There is also a wrong logic in final aggregation result calculation. When the buffer size is empty, it directly returns empty result. If the buffer size can be evenly divided by the number of rows hit, it will be always cleared before calculating final merged aggregation result. Then at that point, the empty aggregation result is returned to user query even though actual result is non-empty.
How can one reproduce the bug?
PUT any even number of documents to a test index.
source=ppl_logs_text_only | patterns text method=brain mode=aggregation max_sample_count=2 variable_count_threshold=3
What is the expected behavior?
Patterns command should return correct aggregation result.
What is your host/environment?
- OS: 3.3
Do you have any screenshots?
If applicable, add screenshots to help explain your problem.
Do you have any additional context?
Add any other context about the problem.