使用 ElasticSearch,我想获取一段时间内某个字段的总和,并过滤其他字段的值。
我定义了这个映射:
PUT match-orders
{
"settings" : {
"number_of_shards" : 1,
"number_of_replicas" : 0
},
"mappings": {
"order": {
"_all": {"enabled": false},
"properties": {
"matchTime": {"type": "date", "index": "true"},
"product_id": {"type": "keyword", "index": "true"},
"size": {"type": "float", "index": "true"},
"price": {"type": "float", "index": "true"},
"side": {"type": "keyword", "index": "true"}
}
}
}
}
我可以得到一个范围的总和:
POST /match-orders/_search?pretty
{
"aggs" : {
"price_ranges" : {
"range" : {
"field" : "matchTime",
"ranges" : [
{ "from" : "2017-09-10T18:00:00Z", "to" : "2017-09-10T18:15:00Z" }
]
},
"aggs" : {
"result" : { "sum" : { "field" : "size" } }
}
}
}
}
我可以获得包含特定术语的文档:
POST /match-orders/_search?pretty
{
"query": {
"term" : { "side" : "sell" }
}
}
但是我怎样才能结合这两个查询呢?
谢谢 :)
您只需将查询与聚合合并,如下所示:
POST /match-orders/_search?pretty
{
"query": {
"term" : { "side" : "sell" }
},
"aggs" : {
"price_ranges" : {
"range" : {
"field" : "matchTime",
"ranges" : [
{ "from" : "2017-09-10T18:00:00Z", "to" : "2017-09-10T18:15:00Z" }
]
},
"aggs" : {
"result" : { "sum" : { "field" : "size" } }
}
}
}
}
| 归档时间: |
|
| 查看次数: |
9271 次 |
| 最近记录: |