ElasticSearch Aggregation over Top Hits

后端 未结 2 1704
我在风中等你
我在风中等你 2021-01-17 20:47

I have data as following:

{\"action\":\"CREATE\",\"docs\":1,\"date\":\"2016 Jun 26 12:00:12\",\"userid\":\"1234\"}
{\"action\":\"REPLACE\",\"docs\":2,\"date\         


        
相关标签:
2条回答
  • 2021-01-17 21:09

    You can also nest aggregations inside aggregations arbitrarily to extract summarized data that you require from your data. May be below sample works.

    "aggs" : {
        "sum_of_different_buckets" : { "sum" : { "field" : "docs" } }
    }
    
    0 讨论(0)
  • 2021-01-17 21:19

    You can have other aggregation on a parallel level of top_hit but you cannot have any sub_aggregation below top_hit. It is not supported by elasticsearch. here is the link to github issue

    But if you want to have sum at the same level, you may use the approach below.

    "aggs": {
        "top_hits_agg": {
            "top_hits": {
                "size": 10,
                "_source": {
                  "includes": ["docs"]
                }
            }
        },
        "sum_agg": {
            "sum": {
                "field": "docs"
            }
        }
    }
    
    0 讨论(0)
提交回复
热议问题