如何在 Elasticsearch 中过滤聚合结果?
[英]How to filter aggregation results in Elasticsearch?
问题描述
I have an Elasticsearch index "sessions" with two fields:
我有一个包含两个字段的 Elasticsearch 索引“会话”:
"user_id" : {
"type" : "keyword"
},
"login_at" : {
"type" : "date"
}
Every time a user logs in, a new record is created with user_id and current timestamp.每次用户登录时,都会使用 user_id 和当前时间戳创建一条新记录。
I want to list all users who have not logged in for a week.我想列出所有一周未登录的用户。 I know how to get the last login time for each user with:我知道如何通过以下方式获取每个用户的最后登录时间:
GET sessions/_search
{
"size": 0,
"aggs": {
"user_aggs": {
"terms": {
"field": "user_id",
"order": {
"last_access": "asc"
}
},
"aggs": {
"last_access": {
"max": {
"field": "login_at"
}
}
}
}
}
}
The above query lists all users and their last login time.上述查询列出了所有用户及其上次登录时间。
How can I filter the "last_access" field to values that are smaller than now-7d?如何将“last_access”字段过滤为小于 now-7d 的值?
1 个解决方案
解决方案1
1 2020-09-06 18:13:22
Ok, I was able to resolve this.好的,我能够解决这个问题。 Here is the query:这是查询:
GET sessions/_search
{
"size": 0,
"aggs": {
"user_aggs": {
"terms": {
"field": "user_id",
"size": 1000,
"order": {
"last_access": "asc"
}
},
"aggs": {
"last_access": {
"max": {
"field": "login_at"
}
},
"users_filtered": {
"bucket_selector": {
"buckets_path": {
"key": "last_access"
},
"script": "params.key < a_timestamp"
}
}
}
}
}
}
The a_timestamp variable has to be sent from the application, but that is ok.必须从应用程序发送 a_timestamp 变量,但这没关系。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.