5

我有以下查询获取 a 数据并创建过去一小时的聚合:

    query = {
        "query": {
            "bool": {          
                "must": [
                    { "term": {"deviceId":device} },
                    { "match": {"eventType":"Connected"} } 
                ],
                "must_not":[{
                        "query_string": {
                            "query": "Pong",
                            "fields": ["data.message"]
                        }
                    },
                ] 
            },

        },
        "size": 0,
        "sort": [{ "timestamp": { "order": "desc" }}],
        "aggs" : {
            "time_buckets" : {
                "date_histogram" : {
                    "field" : "timestamp",
                    "interval" : "hour",

                },
            }
        }
    }

我想从每个小时间隔(聚合创建的每个存储桶)中获取字段的平均值。在这篇文章中,他们谈到了与我想做的类似的事情: http ://www.elasticsearch.org/guide/en/elasticsearch/guide/current/_looking_at_time.html (“我们网站每小时的平均延迟是多少?上周?”)。但是,他们没有确切解释在这种情况下该怎么做。

有谁知道这是怎么做到的吗?

4

1 回答 1

11

刚刚意识到我可以进行嵌套聚合,然后计算聚合内字段的平均值。这是我所做的,现在可以正常工作:

 query = {
            "query": {
                "bool": {          
                    "must": [
                        { "term": {"deviceId":device} },
                        { "match": {"eventType":"Connected"} } 
                    ],
                    "must_not":[{
                            "query_string": {
                                "query": "Pong",
                                "fields": ["data.message"]
                            }
                        },
                    ] 
                },

            },
            "size": 0,
            "sort": [{ "timestamp": { "order": "desc" }}],
            "aggs" : {
                "time_buckets" : {
                    "date_histogram" : {
                        "field" : "timestamp",
                        "interval" : "day"
                    },
                    "aggs" : {
                        "avg_battery" : {
                            "avg": { "field": "data.battery-level" } 
                        }
                    }
                }
            }
        }
于 2015-02-12T23:32:15.297 回答