如何过滤计数器小于Kibana中的参数? [英] How can I filter the counter less than a parameter in Kibana?
问题描述
我有一个与此类似的问题:如何过滤一个字段,使其比在Kibana上的计数器更大? https://github.com/elastic/kibana/issues/9684
I have a question similar to this: How can I filter a field greater than a counter on Kibana? https://github.com/elastic/kibana/issues/9684
在此链接上有一个完美的答案:您需要在Json Input Advanced Bucket Option上使用"{'min_doc_count':X}".完美,它的运行方式与我想要的完全一样,只是因为我想要相反的内容,例如"max_doc_count".
On this link there is a perfect answer: You need use "{'min_doc_count': X}" on your Json Input Advanced Bucket Option. Perfect, It runs exactly like I want, except because I want the oposite, something like "max_doc_count".
令我惊讶的是,这个选项不存在……有人知道"max_doc_count"的含义是什么?
For my surprise, this options doesn't existis... Some one knows what would be the "max_doc_count" equivalent of?
在SQL中将类似于:GROUP BY my_field HAVING COUNT(*)< 3
In SQL would be something like: GROUP BY my_field HAVING COUNT(*) < 3
谢谢.
推荐答案
The correct way of doing this in ES is to use a bucket_selector pipeline aggregation with the special _count path.
POST /_search
{
"size": 0,
"aggs": {
"my_terms": {
"terms": {
"field": "my_field.keyword"
},
"aggs": {
"max_doc_count": {
"bucket_selector": {
"buckets_path": {
"count": "_count"
},
"script": {
"source": "params.count < 3"
}
}
}
}
}
}
}
结果中,my_terms聚合将仅包含文档计数为< 3.无需订购任何东西或对您的应用程序进行编程以忽略任何东西.
In the results, the my_terms aggregations will only contain buckets where the document count is < 3. No need to order anything or to program your application to ignore anything.
这篇关于如何过滤计数器小于Kibana中的参数?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
