ES15-聚合

1.Terms Aggregation

分組聚合

例子:先按照 app 分組,而後再按照 sev 分組。

GET logstash-waf-logs-2018.09.21/_search
{
  "query": {
    "range": {
      "ctime": {
        "gte": 1537524000000
      }
    }
  },
  "size": 0,
  "aggs": {
    "apps": {
      "terms": {
        "field": "app.keyword"
      },
      "aggs": {
        "sevs": {
          "terms": {
            "field": "sev.keyword"
          }
        },
        "doc_count": {
          "value_count": {
            "field": "uuid.keyword"
          }
        }
      }
    }
  }
}

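結果:

注意:請求中的子聚合命名為 doc_count,與每個桶內建的 doc_count 欄位同名,所以下面結果中各 app 桶的 doc_count 顯示為 {"value": N} 物件,而 sevs 子桶的 doc_count 還是整數。建議為子聚合另取名稱(例如 uuid_count),以免下游的告警或報表程式解析錯誤。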

{
  "took": 2,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": 1334,
    "max_score": 0,
    "hits": []
  },
  "aggregations": {
    "apps": {
      "doc_count_error_upper_bound": 0,
      "sum_other_doc_count": 0,
      "buckets": [
        {
          "key": "H5",
          "doc_count": {
            "value": 797
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 794
              },
              {
                "key": "中",
                "doc_count": 3
              }
            ]
          }
        },
        {
          "key": "licai",
          "doc_count": {
            "value": 428
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 428
              }
            ]
          }
        },
        {
          "key": "chuzhika",
          "doc_count": {
            "value": 57
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 55
              },
              {
                "key": "中",
                "doc_count": 2
              }
            ]
          }
        },
        {
          "key": "oms",
          "doc_count": {
            "value": 21
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 21
              }
            ]
          }
        },
        {
          "key": "zhifu-app",
          "doc_count": {
            "value": 9
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 9
              }
            ]
          }
        },
        {
          "key": "POS-DB",
          "doc_count": {
            "value": 8
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 8
              }
            ]
          }
        },
        {
          "key": "kuaijiezhifu",
          "doc_count": {
            "value": 6
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 5
              },
              {
                "key": "中",
                "doc_count": 1
              }
            ]
          }
        },
        {
          "key": "sso",
          "doc_count": {
            "value": 5
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "高",
                "doc_count": 5
              }
            ]
          }
        },
        {
          "key": "支付DB",
          "doc_count": {
            "value": 2
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "中",
                "doc_count": 2
              }
            ]
          }
        },
        {
          "key": "POS",
          "doc_count": {
            "value": 1
          },
          "sevs": {
            "doc_count_error_upper_bound": 0,
            "sum_other_doc_count": 0,
            "buckets": [
              {
                "key": "中",
                "doc_count": 1
              }
            ]
          }
        }
      ]
    }
  }
}

2.Filter Aggregation

過濾聚合
