ElasticSearch:嵌套桶聚合
Cam*_*mon 6 elasticsearch kibana
我是 ElasticSearch 的新手,所以这个问题对你来说可能很微不足道,但我开始了:
我正在使用kibana_sample_data_ecommerce,哪些文档具有这样的映射
{
...
"order_date" : <datetime>
"taxful_total_price" : <double>
...
}
我想获得数据的基本日常行为:
期待这样的文件:
[
{
"qtime" : "00:00",
"mean" : 20,
"std" : 40
},
{
"qtime" : "01:00",
"mean" : 150,
"std" : 64
},
...
]
所以,我认为我需要做的过程是:
Group by day all records ->
Group by time window for each day ->
Sum all record in each time window ->
Cumulative Sum for each sum by time window, thus, I get behavior of a day ->
Extended_stats by the same time window across all days
可以这样表达:
但是我无法打开这些桶来处理这些统计信息。你能给我一些建议来做那个手术并得到那个结果吗?
这是我当前的查询(kibana 开发人员工具):
POST kibana_sample_data_ecommerce/_search
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"order_date": {
"gt": "now-1M",
"lte": "now"
}
}
}
]
}
},
"aggs": {
"day_histo": {
"date_histogram": {
"field": "order_date",
"calendar_interval": "day"
},
"aggs": {
"qmin_histo": {
"date_histogram": {
"field": "order_date",
"calendar_interval": "hour"
},
"aggs": {
"qminute_sum": {
"sum": {
"field": "taxful_total_price"
}
},
"cumulative_qminute_sum": {
"cumulative_sum": {
"buckets_path": "qminute_sum"
}
}
}
}
}
}
}
}
以下是获取扩展统计数据的方法:
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"order_date": {
"gt": "now-4M",
"lte": "now"
}
}
}
]
}
},
"aggs": {
"by_day": {
"date_histogram": {
"field": "order_date",
"calendar_interval": "day"
},
"aggs": {
"by_hour": {
"date_histogram": {
"field": "order_date",
"calendar_interval": "hour"
},
"aggs": {
"by_taxful_total_price": {
"extended_stats": {
"field": "taxful_total_price"
}
}
}
}
}
}
}
}
屈服
| 归档时间: |
|
| 查看次数: |
189 次 |
| 最近记录: |