弹性搜索聚合超过顶点 [英] ElasticSearch Aggregation over Top Hits
本文介绍了弹性搜索聚合超过顶点的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有以下数据:
{"action":"CREATE","docs":1,"date":"2016 Jun 26 12:00:12","userid":"1234"}
{"action":"REPLACE","docs":2,"date":"2016 Jun 27 12:00:12","userid":"1234"}
{"action":"REPLACE","docs":1,"date":"2016 Jun 27 13:00:12","userid":"1234"}
{"action":"CREATE","docs":1,"date":"2016 Jun 28 12:00:12","userid":"3431"}
{"action":"REPLACE","docs":2,"date":"2016 Jun 28 13:00:12","userid":"3431"}
{"action":"CREATE","docs":1,"date":"2016 Jun 29 12:00:12","userid":"9999"}
要按日期(降序)获取每个唯一用户订单的记录,我使用了如下所示的热门点击:
To get records for each unique user order by date(descending), I used Top Hits like the one below:
"aggs": {
"user_bucket": {
"terms": {
"field": "userid"
},
"aggs": {
"user_latest_count": {
"top_hits": {
"size": 1,
"sort": [
{
"data": {
"order": "desc"
}
}
],
"_source": {
"include": [
"docs"
]
}
}
}
}
}
}
上述查询结果如下:
{"action":"REPLACE","docs":1,"date":"2016 Jun 27 13:00:12","userid":"1234"}
{"action":"REPLACE","docs":2,"date":"2016 Jun 28 13:00:12","userid":"3431"}
{"action":"CREATE","docs":1,"date":"2016 Jun 29 12:00:12","userid":"9999"}
现在,我想进一步汇总,结果如下:
Now, I want to aggregate this further so that the result is as following:
{"sum_of_different_buckets": 4}
但不知道如何 SUM 从上面获得的结果中输入 docs 值。
But not sure how to SUM the field "docs" value from the result obtained above.
推荐答案
p>您还可以在聚合中任意嵌套聚合,以从数据中提取所需的汇总数据。
You can also nest aggregations inside aggregations arbitrarily to extract summarized data that you require from your data. May be below sample works.
"aggs" : {
"sum_of_different_buckets" : { "sum" : { "field" : "docs" } }
}
这篇关于弹性搜索聚合超过顶点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
