弹性搜索中的Date_Histogram
[英]Date_Histogram in elastic search
问题描述
Today I had a task where I have to aggregate the data bucketed by 1 hour interval. 
今天我有一个任务,我必须汇总1小时间隔的数据。 So I used Date_Histogram aggregation in elastic search. 所以我在弹性搜索中使用了Date_Histogram聚合。 Below is the query: 以下是查询:
GET test-2017.02.01/_search
{
"size" : 0,
"aggs": {
"range_aggs": {
"date_histogram": {
"field": "@timestamp",
"interval": "hour",
"format": "yyyy-MM-dd HH:mm"
}
}
}
}
I got the below result: 我得到了以下结果:
"aggregations": {
"range_aggs": {
"buckets": [
{
"key_as_string": "2017-02-01 12:00",
"key": 1485950400000,
"doc_count": 4027
},
{
"key_as_string": "2017-02-01 13:00",
"key": 1485954000000,
"doc_count": 0
}
]
}
}
Every is good till now as I have run this query for one day, but when I run the query for multiple days in that case, I am getting the keys per day. 由于我已经运行了一天这个查询,所以每个都很好,但是当我在这种情况下运行查询多天时,我每天都会得到密钥。 My question is - How can I get the data for the hour intervals(ex- 9am to 10am, 10am to 11am, ...etc) across all the days ? 我的问题是 - 如何获取所有日子的小时间隔(上午9点到上午10点,上午10点到上午11点,等等)的数据?
1 个解决方案
解决方案1
0 2018-09-19 05:10:24
{
"aggs": {
"range_aggs": {
"date_histogram": {
"field": "@timestamp",
"interval": "day",
"min_doc_count": 1
},
"aggs": {
"range_aggs": {
"date_histogram": {
"field": "@timestamp",
"interval": "hour"
}
}
}
}
}
}
If you need response grouped by hour, on across days, try this one. 如果您需要按小时分组的响应,请在不同日期尝试此操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.