聚合多个字段的弹性搜索查询
Aggregate Elastic search query for multiple fields
我正在编写一个弹性搜索查询,负载看起来像
"userData": [
{
"subject1":1234,
"subject2":678
}
]
我写了一个查询,如果我想获得单个字段的平均值,它可以很好地工作
查询:
{
"aggs": {
"student_data": {
"date_histogram": {
"field":"@timestamp",
"calendar_interval":"minute"
},
"aggs": {
"marks_avg": {
"avg": {
"field":"subject1"
}
}
}
}
}
}
我想要的是也得到subject2的平均值。
有点像:
"avg": {
"field":"subject1",
"field":"subject2"
}
使用多个聚合的查询应该有效:
{
"aggs": {
"student_data": {
"date_histogram": {
"field":"@timestamp",
"calendar_interval":"minute"
},
"aggs": {
"subject1_avg": {
"avg": {
"field":"subject1"
}
},
"subject2_avg": {
"avg": {
"field":"subject2"
}
}
}
}
}
}
我正在编写一个弹性搜索查询,负载看起来像
"userData": [ { "subject1":1234, "subject2":678 } ]
我写了一个查询,如果我想获得单个字段的平均值,它可以很好地工作
查询:
{
"aggs": {
"student_data": {
"date_histogram": {
"field":"@timestamp",
"calendar_interval":"minute"
},
"aggs": {
"marks_avg": {
"avg": {
"field":"subject1"
}
}
}
}
}
}
我想要的是也得到subject2的平均值。
有点像:
"avg": {
"field":"subject1",
"field":"subject2"
}
使用多个聚合的查询应该有效:
{
"aggs": {
"student_data": {
"date_histogram": {
"field":"@timestamp",
"calendar_interval":"minute"
},
"aggs": {
"subject1_avg": {
"avg": {
"field":"subject1"
}
},
"subject2_avg": {
"avg": {
"field":"subject2"
}
}
}
}
}
}