这个问题不是如何按多个字段做聚合,我们可以使用子聚合。
如果你懂SQL,我可以给你一个完美的解释:
SELECT SUM(SomeField1), MAX(SomeField2), MIN(SomeField3), AVG(SomeField4) FROM FooTable
GROUP BY Key1, Key2, Key3
我们可以在 Elasticsearch 中实现吗?
谢谢。
是的,您需要聚合 byKey1然后为Key2and添加两个子聚合Key3,最后为 per 添加一个度量子聚合SomeField*,基本上是这样的:
{
"size": 0,
"aggs": {
"key1": {
"terms": {
"field": "Key1"
},
"aggs": {
"key2": {
"terms": {
"field": "Key2"
},
"aggs": {
"key3": {
"terms": {
"field": "Key3"
},
"aggs": {
"somefield1": {
"sum": {
"field": "SomeField1"
}
},
"somefield2": {
"max": {
"field": "SomeField2"
}
},
"somefield3": {
"min": {
"field": "SomeField3"
}
},
"somefield4": {
"avg": {
"field": "SomeField4"
}
}
}
}
}
}
}
}
}
}
| 归档时间: |
|
| 查看次数: |
2644 次 |
| 最近记录: |