elasticsearch聚合-从找到的文档返回数组列表

m0rkklqb 于 2021-06-13 发布在 ElasticSearch

关注(0)|答案(1)|浏览(355)

我正在使用聚合功能查询时间序列数据。要查询的数据具有分类性质。我首先使用日期直方图创建桶。从这些生成的bucket中，我希望从找到的文档中提取实际值，形成一个数组。
解决方案的一个变通方法可能是在aggs对象中推送hits对象。我也不知道怎么做。
查询：

GET elastiflow-*/_search
{
  "size": 10000,
  "sort": [
    {
      "@timestamp": {
        "order": "desc",
        "unmapped_type":"boolean"
      }
    }
  ],
  "_source": {
    "includes": ["time", "data" ]
  }
  , "query": {
    "bool": {
      "filter": {
        "range": {
          "@timestamp": {
            "gte": "now-2d/d",
            "lte": "now"
          }
        }
      }
    }
  }
  , "aggs": {
    "30secbuckets": {
      "date_histogram": {
        "field": "time",
        "fixed_interval": "30s"
      }
      , "aggs": {
        "average": {
            "terms": {
            "field": "data"
          }
        }
      }
    }
  }
}

谢谢！

elasticsearch aggregate-functions

来源：https://stackoverflow.com/questions/65198948/elasticsearch-aggregation-return-a-list-of-array-from-documents-found

1条答案

按热度按时间

wxclj1h51#

我想你在找 top_hits 度量聚合：

{
  "size": 0,
  "_source": false,
  "query": {
    "bool": {
      "filter": {
        "range": {
          "@timestamp": {
            "gte": "now-2d/d",
            "lte": "now"
          }
        }
      }
    }
  },
  "aggs": {
    "30secbuckets": {
      "date_histogram": {
        "field": "time",
        "fixed_interval": "30s"
      },
      "aggs": {
        "hits": {
          "top_hits": {
            "size": 100,
            "sort": [
              {
                "@timestamp": {
                  "order": "desc",
                  "unmapped_type": "boolean"
                }
              }
            ],
            "_source": {
              "includes": [
                "time",
                "data"
              ]
            }
          }
        },
        "average": {
          "terms": {
            "field": "data"
          }
        }
      }
    }
  }
}

赞(0）回复(0）举报 2021-06-13

我来回答

elasticsearch聚合-从找到的文档返回数组列表

1条答案

相关问题

热门标签

最新问答