[英]How to calculate average using aggregated values in elasticsearch?
If this is a small portion of document looks like,如果这是文件的一小部分,
{ "metricName" : "call", "createdDate" : "2019-10-31T00:00:00.000Z", "responseCode: "200" }
{ "metricName" : "email", "createdDate" : "2019-10-31T00:00:00.000Z", "responseCode: "400" }
{ "metricName" : "chat", "createdDate" : "2019-10-31T00:00:00.000Z", "responseCode: "300" }
.
.
I need to do below operations in one query.我需要在一个查询中执行以下操作。
The aggregations API allows grouping by multiple fields, using sub-aggregations.聚合 API 允许使用子聚合按多个字段进行分组。 Suppose you want to group by fields field1, field2 and field3:假设您要按字段 field1、field2 和 field3 进行分组:
Your 1,2 and 3 questions are solved with this query.您的 1,2 和 3 问题已通过此查询解决。
POST /stackoverflow/_search?size=0
{
"query": {
"bool": {
"must": [
{
"match_phrase": {
"createdDate": {
"query": "2019-10-31T00:00:00.000Z",
"slop": 0,
"zero_terms_query": "NONE",
"boost": 1
}
}
},
{
"match_phrase": {
"responseCode": {
"query": "200",
"slop": 0,
"zero_terms_query": "NONE",
"boost": 1
}
}
},
{
"match_phrase": {
"metricName": {
"query": "call",
"slop": 0,
"zero_terms_query": "NONE",
"boost": 1
}
}
}
]
}
},
"aggr": {
"agg1": {
"terms": {
"field": "metricName",
"size": 10,
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
]
}
},
"aggs": {
"agg2": {
"terms": {
"field": "createdDate",
"size": 10,
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
]
}
}
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.