I have an index with the following structure, recording the number of times users have logged in to the system:
[
  {
    "users_id": 5,
    "uname": "abcdef",
    "status": "active",
    "groups_id": 2,
    "user_login": [
      {
        "user_logins_id": 12,
        "users_id": 5,
        "success": "t",
        "type": "login",
        "date": "2017/01/02",
        "ip_address": "198.27.146.70"
      },
      {
        "user_logins_id": 13,
        "users_id": 5,
        "success": "t",
        "type": "logout",
        "date": "2017/01/02",
        "ip_address": "198.27.146.70"
      },
      {
        "user_logins_id": 12,
        "users_id": 5,
        "success": "t",
        "type": "login",
        "date": "2017/01/03",
        "ip_address": "198.27.146.70"
      },
      {
        "user_logins_id": 13,
        "users_id": 5,
        "success": "t",
        "type": "logout",
        "date": "2017/01/03",
        "ip_address": "198.27.146.70"
      }
    ],
    "role": "Student"
  },
  {
    "users_id": 2,
    "uname": "xyz",
    "status": "active",
    "groups_id": 1,
    "user_login": [
      {
        "user_logins_id": 16,
        "users_id": 2,
        "success": "t",
        "type": "login",
        "date": "2017/01/05",
        "ip_address": "198.27.146.70"
      },
      {
        "user_logins_id": 17,
        "users_id": 5,
        "success": "t",
        "type": "logout",
        "date": "2017/01/06",
        "ip_address": "198.27.146.70"
      }
    ],
    "role": "Professor"
  }
]
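Problem: I need to know the number of times users with a particular role logged in within a given date range (results per day).

Solution: I applied a date histogram on the user_login.date field (nested document) and a terms aggregation on the root-level role field (using a reverse nested aggregation), and I also wrote a nested aggregation. The date histogram returns sub-buckets outside the specified date range.

Below is the query I tried: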
{
  "size": 0,
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "status.keyword": {
              "value": "active"
            }
          }
        },
        {
          "nested": {
            "path": "user_login",
            "query": {
              "bool": {
                "must": [
                  {
                    "range": {
                      "user_login.date": {
                        "from": "2017/01/02",
                        "to": "2017/01/02",
                        "include_lower": true,
                        "include_upper": true,
                        "format": "yyyy/MM/dd",
                        "boost": 1
                      }
                    }
                  },
                  {
                    "match": {
                      "user_login.type": "login"
                    }
                  }
                ]
              }
            }
          }
        }
      ]
    }
  },
  "aggs": {
    "histo": {
      "nested": {
        "path": "user_login"
      },
      "aggs": {
        "histogrammm": {
          "date_histogram": {
            "field": "user_login.date",
            "interval": "day"
          },
          "aggs": {
            "reverzzzwayyy": {
              "reverse_nested": {},
              "aggs": {
                "roles": {
                  "terms": {
                    "field": "role.raw",
                    "size": 10
                  },
                  "aggs": {
                    "logins1": {
                      "nested": {
                        "path": "user_login"
                      },
                      "aggs": {
                        "logins2": {
                          "filter": {
                            "bool": {
                              "must": [
                                {
                                  "range": {
                                    "user_login.date": {
                                      "from": "2017/01/02",
                                      "to": "2017/01/02",
                                      "include_lower": true,
                                      "include_upper": true,
                                      "format": "yyyy/MM/dd",
                                      "boost": 1
                                    }
                                  }
                                },
                                {
                                  "term": {
                                    "user_login.type": {
                                      "value": "login",
                                      "boost": 1
                                    }
                                  }
                                }
                              ]
                            }
                          }
                        }
                      }
                    }
                  }
                }
              }
            }
          }
        }
      }
    }
  }
}
The above query returns date histogram sub-buckets even for "2017/01/03", which is wrong. Is there any way to solve this?
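
Why the stray bucket appears, as an added example that is not part of the original post: the `nested` query selects whole user documents, and the `nested` aggregation then visits every `user_login` entry of each selected document. The Python model below (constructed data mirroring the question's two documents; all function names are hypothetical) contrasts that with placing a `filter` aggregation carrying the same range and type conditions between `nested` and `date_histogram`.

```python
from collections import Counter

# Constructed sample mirroring the question's two documents (fields trimmed).
DOCS = [
    {"role": "Student", "status": "active", "user_login": [
        {"type": "login", "date": "2017/01/02"},
        {"type": "logout", "date": "2017/01/02"},
        {"type": "login", "date": "2017/01/03"},
        {"type": "logout", "date": "2017/01/03"}]},
    {"role": "Professor", "status": "active", "user_login": [
        {"type": "login", "date": "2017/01/05"},
        {"type": "logout", "date": "2017/01/06"}]},
]

def wanted(entry, start, end):
    """Per-entry condition: a login whose date lies in [start, end]."""
    # yyyy/MM/dd strings sort chronologically, so string comparison is enough.
    return entry["type"] == "login" and start <= entry["date"] <= end

def matching_parents(docs, start, end):
    """Nested query semantics: keep a whole document if ANY entry matches."""
    return [d for d in docs if d["status"] == "active"
            and any(wanted(e, start, end) for e in d["user_login"])]

def histogram(docs, start, end, filter_inside_nested):
    """Model nested -> [filter] -> date_histogram -> reverse_nested -> terms(role).

    Returns {day: {"doc_count": entries, "roles": {role: users}}}.
    """
    buckets = {}
    for doc in matching_parents(docs, start, end):
        days_seen = set()
        for e in doc["user_login"]:  # a nested agg visits every entry of the parent
            if filter_inside_nested and not wanted(e, start, end):
                continue
            b = buckets.setdefault(e["date"], {"doc_count": 0, "roles": Counter()})
            b["doc_count"] += 1
            if e["date"] not in days_seen:  # reverse_nested counts each parent once
                days_seen.add(e["date"])
                b["roles"][doc["role"]] += 1
    return buckets

if __name__ == "__main__":
    for flag in (False, True):
        print(flag, histogram(DOCS, "2017/01/02", "2017/01/02", flag))
```

Without the inner filter the model produces buckets for both 2017/01/02 and 2017/01/03, matching the behaviour described in the question; with it, only the 2017/01/02 login remains.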