[Feature Request] IP prefix aggregation

Is your feature request related to a problem? Please describe

I would like to aggregate IPs by prefix. For example Ingress logs with different IP addresses inside some Ingress logs. I want to aggregate the IP by perfix like v6 with /64 and v4 with /32 to get the count how often a ip net has requested some ingress route.

Describe the solution you'd like

I would like a solution similar to elasticsearch but without the difference between IPv6 and IPv4. In our case the IPs are in the same filed and not separated. Therefore I expect a bucket aggregation where IPv4 and IPv6 are listed together, sorted by there count.

To be more detailed:

PUT network-traffic
{
  "mappings": {
    "properties": {
       "request_ip": { "type": "ip" }
    }
  }
}

GET /network-traffic/_search
{
  "size": 0,
  "aggs": {
    "ip-subnets": {
      "ip_prefix": {
        "field": "request_ip",
        "ipv4": {
          "prefix_length": 24
        },
        "ipv6": {
          "prefix_length": 64
        }
      }
    }
  }
}

{
  ...

  "aggregations": {
    "ip-subnets": {
      "buckets": [
        {
          "key": "192.168.1.0",
          "doc_count": 4,
          "prefix_length": 24
        },
        {
          "key": "2001:db8:a4f8:112a::",
          "doc_count": 4,
          "prefix_length": 64
        },
        {
          "key": "192.168.2.0",
          "doc_count": 3,
          "prefix_length": 24
        },
        {
          "key": "2001:db8:a4f8:112c::",
          "doc_count": 3,
          "prefix_length": 64
        },
        {
           "key": "192.168.3.0",
           "doc_count": 2,
           "prefix_length": 24
        },
        {
          "key": "2001:db8:a4f8:114f::",
          "doc_count": 2,
          "prefix_length": 64
        }
      ]
    }
  }
}

Related component

Search:Aggregations

Describe alternatives you've considered

No response

Additional context

No response

opensearch-project / OpenSearch