elasticsearch-aggregation

Can ElasticSearch aggregations do what SQL can do?

…衆ロ難τιáo~ 提交于 2019-12-11 04:33:05
问题 In Elasticsearch I need get the frequency and the number of colors that occur the most frequent from the highest to lowest. If I have data like this: id|name ---------- 1|blue ---------- 2|blue ---------- 3|green ---------- 4|yellow ---------- 5|blue ---------- 6|yellow ---------- 7|purple ---------- 8|purple ---------- 9|purple I need to get the count of each color and then group by the count. So in the end, I would like all the colors that occurs the same number of times to be inside one

elasticsearch aggregations separated words

风格不统一 提交于 2019-12-11 03:59:32
问题 I simply run an aggregations in browser plugin(marvel) as you see in picture below there is only one doc match the query but aggregrated separated by spaces but it doesn't make sense I want aggregrate for different doc.. ın this scenario there should be only one group with count 1 and key:"Drow Ranger". What is the true way of do this in elasticsearch.. 回答1: It's probably because your heroname field is analyzed and thus "Drow Ranger" gets tokenized and indexed as "drow" and "ranger". One way

“reverse cardinality” in elasticsearch?

别说谁变了你拦得住时间么 提交于 2019-12-11 00:58:53
问题 Suppose I have a mapping that stores trips people made, and a field in that mapping that is the user id. For instance: "trip": { "destination": { "type": "string" }, "departure_date": { "type": "date" }, "return_date": { "type": "date" }, "user_id": { "type": "integer" } } I'm trying to make a query that will return amount of trips (entries with this mapping) bucketed by amount of people (user_id). For example, it would return something like this: amount of trips | people --------------------

Sort elasticsearch aggregation buckets by text field

删除回忆录丶 提交于 2019-12-10 12:27:03
问题 I'm trying to sort the result buckets of an elasticsearch aggregation. I have a large set of documents: "mappings": { "properties": { "price": { "type": "double" }, "product_name": { "type": "text" }, "product_id": { "type": "keyword" }, "timestamp": { "type": "date" } } } What I'm currently doing is getting the latest sell for each product_id using composite and top_hits aggregations: { "query": { "bool": { "filter": [ { "range": { "timestamp": { "gte": "2019-10-25T00:00:00Z", "lte": "2019

Is it possible to put the results of an ElasticSearch aggregation back into the index?

↘锁芯ラ 提交于 2019-12-09 00:41:19
问题 So I have an index with ping data from host A to host B and my data looks like this: { "@version" => "1", "@timestamp" => "2014-07-17T21:17:34.030Z", "host" => "host_a", "to_host" => "host_b", "value" => "25.6", "from_host" => "host_a", "stat_type" => "ping" } The goal is to also store 90th percentile data for the value of the ping ("value" in the above) on a moving window e.g. last hour, last day etc. I know I can do this with an aggregation but my question is as follows: Does ElasticSearch

match_query inside script? [elasticsearch]

百般思念 提交于 2019-12-08 18:03:28
问题 I have a quite complex aggregation, its complexity is caused by absence of has_parent aggregation. Since so it's implemented using groovy. The only problem I have is to filter docs being counted in the aggregation. Aggregation looks like this: https://gist.github.com/serj-p/c4fcc9810b3b627de294 the aim of this aggregation is to build the top of universities contacts are graduated from. A contact doc has child docs, which are facebook profiles. Last ones have nested fields representing

Count of unique aggregration doc_count in ElasticSearch

戏子无情 提交于 2019-12-08 08:22:56
问题 Using ElasticSearch 7.0, I can get how many log I have for each user with an aggregation : "aggs": { "by_user": { "terms": { "field": "user_id", } } } This returns me something like: user32: 25 user52: 20 user10: 20 ... What I would like is to know how many user have 25 logs, and how many user have 20 logs etc. The ideal result would be something like : 25: 1 20: 2 19: 4 12: 54 Because 54 users have 12 logs lines. How can I make an aggregation that returns this result ? 回答1: It sounds like

Elastic Search Aggregate into buckets on conditions

坚强是说给别人听的谎言 提交于 2019-12-06 20:50:32
I am starting out with Elastic Search, and am stuck at trying to do some aggregation. Basically, I have a data set consisting of data in the following form: { "name": "The Chef Restaurant", "city": "New York", "state": "New York", "rating": "GOOD", "type": "Continental" } Now, I want to do some aggregation and get all the Continental restaurants, Good restaurants, Restaurants in New York in one query. Note that I don't want the count of all types of restaurants, I just want the count of the specific types. Also, these aggregations are mutually independent. That is, when I say GOOD, I don't

Elasticsearch aggregation turns results to lowercase

只愿长相守 提交于 2019-12-02 10:21:56
问题 I've been playing with ElasticSearch a little and found an issue when doing aggregations. I have two endpoints, /A and /B . In the first one I have parents for the second one. So, one or many objects in B must belong to one object in A. Therefore, objects in B have an attribute "parentId" with parent index generated by ElasticSearch. I want to filter parents in A by children attributes of B. In order to do it, I first filter children in B by attributes and get its unique parent ids that I'll

Elasticsearch aggregation turns results to lowercase

半世苍凉 提交于 2019-12-02 08:58:54
I've been playing with ElasticSearch a little and found an issue when doing aggregations. I have two endpoints, /A and /B . In the first one I have parents for the second one. So, one or many objects in B must belong to one object in A. Therefore, objects in B have an attribute "parentId" with parent index generated by ElasticSearch. I want to filter parents in A by children attributes of B. In order to do it, I first filter children in B by attributes and get its unique parent ids that I'll later use to get parents. I send this request: POST http://localhost:9200/test/B/_search { "query": {
订阅 elasticsearch-aggregation