ElasticSearch聚集在排名靠前的

我有數據如下：ElasticSearch聚集在排名靠前的

{"action":"CREATE","docs":1,"date":"2016 Jun 26 12:00:12","userid":"1234"} 
{"action":"REPLACE","docs":2,"date":"2016 Jun 27 12:00:12","userid":"1234"} 
{"action":"REPLACE","docs":1,"date":"2016 Jun 27 13:00:12","userid":"1234"} 
{"action":"CREATE","docs":1,"date":"2016 Jun 28 12:00:12","userid":"3431"} 
{"action":"REPLACE","docs":2,"date":"2016 Jun 28 13:00:12","userid":"3431"} 
{"action":"CREATE","docs":1,"date":"2016 Jun 29 12:00:12","userid":"9999"}

按日期得到記錄每一個獨特的用戶順序（降序），我使用的排名靠前的像下面這樣：

"aggs": { 
      "user_bucket": { 
       "terms": { 
        "field": "userid" 
       }, 
       "aggs": { 
        "user_latest_count": { 
         "top_hits": { 
          "size": 1, 
          "sort": [ 
           { 
            "data": { 
             "order": "desc" 
            } 
           } 
          ], 
          "_source": { 
           "include": [ 
            "docs" 
           ] 
          } 
         } 
        } 
       } 
      } 
     }

上述查詢的結果如下：

{"action":"REPLACE","docs":1,"date":"2016 Jun 27 13:00:12","userid":"1234"} 
{"action":"REPLACE","docs":2,"date":"2016 Jun 28 13:00:12","userid":"3431"} 
{"action":"CREATE","docs":1,"date":"2016 Jun 29 12:00:12","userid":"9999"}

現在，我想進一步聚集會這樣的結果是如下：

{"sum_of_different_buckets": 4}

但不知道如何SUM領域的「文檔」從上面獲得的結果值。

來源

2016-07-05 SuperCoder

我不明白你想達到什麼目的。總結哪些文檔值？結果應該如何？ –

我編輯了這個問題，請現在檢查。基本上我需要比Top Hits聚合更高一級的聚合，這樣我才能得到字段「docs」的總和。 – SuperCoder

我不認爲這是可能的，因爲你想使用top_hits的輸出，並且此後的聚合不能用於其他聚合。難道你不能只在你自己的代碼/應用程序中完成總和嗎？ –

您還可以在聚合內任意嵌套聚合，以從數據中提取所需的彙總數據。可能低於樣本作品。

"aggs" : { 
    "sum_of_different_buckets" : { "sum" : { "field" : "docs" } } 
}

來源

2016-07-14 02:34:26

ElasticSearch聚集在排名靠前的

回答

相關問題