fel*_*enb 5 aggregation elasticsearch
我想通过“类别”字段中的不同键来汇总我的文档。这是两个文件:
"date": 1470271301,
"categories": {
"1": [blabla],
"2": [blala]
}
"date": 144343545,
"categories": {
"1": [blabla],
"2": [coco]
"3": [rat, saouth]
}
类别映射:
"categories" : {
"properties" : {
"1" : {
"type" : "long"
我想得到这样的东西:
"buckets" : [ {
"key" : "1",
"doc_count" : 2
}, {
"key" : "2",
"doc_count" : 2
{
"key" : "3",
"doc_count" : 1
}
在不更改文档映射的情况下,有什么好方法吗?
可以使用元字段 _field_names来达到此目的。
如下面的示例所示,对其运行聚合将为您提供文档计数。
例子 :
put test/test/1
{
"date": 1470271301,
"categories": {
"1": ["blabla"],
"2": ["blala"]
}
}
put test/test/2
{
"date": 144343545,
"categories": {
"1": ["blabla"],
"2": ["coco"],
"3": ["rat", "saouth"]
}
}
POST test/_search
{
"size": 0,
"aggs": {
"field_documents": {
"terms": {
"field": "_field_names",
"include" : "categories.*",
"size": 0
}
}
}
}
结果 :
"aggregations": {
"field_documents": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "categories",
"doc_count": 2
},
{
"key": "categories.1",
"doc_count": 2
},
{
"key": "categories.2",
"doc_count": 2
},
{
"key": "categories.3",
"doc_count": 1
}
]
}
}
| 归档时间: |
|
| 查看次数: |
123 次 |
| 最近记录: |