Elasticsearch - Query to find the average number of entries for the given hour range
I have the below-given query that should find the average number of entries for the given hour range, i.e. 15:00 to 16:00.
This query is not working properly. How can I indicate the hour range (without a date) and find the average number of entries per range?
POST /myindex/_search
{
  "size": 0,
  "query": {
    "bool": {
      "filter": [
        {"term": {"eventid": "11"}},
        {"term": {"eventtype": "type1"}}
      ]
    }
  },
  "aggs": {
    "range": {
      "date_range": {
        "field": "datetime",
        "ranges": [
          { "from": "16:00-1h/h", "to": "16:00/h" }
        ]
      }
    }
  }
}
Should I use a moving average? How?
I tried this, and I would appreciate it if someone can help me finish the query. I don't know if "value_count" : { "field" : "eventhour"} is the correct way to count the number of entries. How can I add the range of hours in the query?
POST /myindex/_search
{
  "size": 0,
  "query": {
    "bool": {
      "filter": [
        {"term": {"eventid": "11"}},
        {"term": {"eventtype": "type1"}},
        {
          "script": {
            "script": "doc.date.date.getHourOfDay() >= min && doc.date.date.getHourOfDay() <= max",
            "params": { "min": 15, "max": 16 }
          }
        }
      ]
    }
  },
  "aggs": {
    "hourly_intensity": {
      "date_histogram": { "field": "datetime", "interval": "hour" },
      "aggs": {
        "count_of_events": {
          "value_count": { "field": "eventhour" }
        }
      }
    },
    "hourly_avg_count": {
      "avg_bucket": { "buckets_path": "hourly_intensity>count_of_events" }
    }
  }
}
I found the solution myself:
POST /myindex/_search
{
  "size": 0,
  "query": {
    "bool": {
      "filter": [
        {"term": {"eventid": "11"}},
        {"term": {"eventtype": "type1"}},
        {"term": {"eventhour": 15}}
      ]
    }
  },
  "aggs": {
    "hourly_intensity": {
      "date_histogram": { "field": "datetime", "interval": "hour" },
      "aggs": {
        "count_of_events": {
          "value_count": { "field": "eventhour" }
        }
      }
    },
    "avg_num_events_per_hour": {
      "avg_bucket": { "buckets_path": "hourly_intensity>count_of_events" }
    }
  }
}
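Added example, not part of the original post: a Python model of what the final query above computes, run over constructed events, showing how hours with no matching events change the average. It assumes the Elasticsearch defaults (date_histogram emits empty buckets, avg_bucket uses gap_policy "skip"); the function names and sample data are hypothetical.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample events (not from the post): (datetime, eventid, eventtype)
EVENTS = [
    ("2017-03-01T15:05:00", "11", "type1"),
    ("2017-03-01T15:40:00", "11", "type1"),
    ("2017-03-01T16:10:00", "11", "type1"),  # outside the 15:00 hour
    ("2017-03-02T15:20:00", "12", "type1"),  # other eventid, filtered out
    ("2017-03-03T15:01:00", "11", "type1"),
    ("2017-03-03T15:30:00", "11", "type1"),
    ("2017-03-03T15:31:00", "11", "type1"),
    ("2017-03-03T15:59:00", "11", "type1"),
]


def hourly_counts(events, hour, eventid="11", eventtype="type1"):
    """Apply the three term filters, then count per hour bucket (date_histogram)."""
    counts = Counter()
    for ts, eid, etype in events:
        dt = datetime.fromisoformat(ts)
        if eid == eventid and etype == eventtype and dt.hour == hour:
            counts[dt.replace(minute=0, second=0, microsecond=0)] += 1
    return counts


def avg_per_hour(events, hour, mode="skip"):
    """Average of the per-bucket counts (avg_bucket) under three conventions.

    skip         - assumed default: empty buckets are ignored
    insert_zeros - every hourly bucket between first and last hit counts as 0
    per_day      - one bucket per calendar day, days without events count as 0
                   (not something the query above does; shown for comparison)
    """
    counts = hourly_counts(events, hour)
    if not counts:
        return None
    total, first, last = sum(counts.values()), min(counts), max(counts)
    if mode == "skip":
        return total / len(counts)
    if mode == "insert_zeros":
        return total / (int((last - first) / timedelta(hours=1)) + 1)
    if mode == "per_day":
        return total / ((last.date() - first.date()).days + 1)
    raise ValueError(f"unknown mode: {mode}")
```

On this data the default gives 3.0 events per hour because 2 March is left out, while counting that day as zero gives 2.0, so a baseline built from the query reflects only the days on which the event occurred.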