我想获取子聚合。
"size" :0 ,
"aggs": {
"classification of day": {
"date_histogram": {
"field": "ALARM DATE",
"format" : "dd/MM/yyyy",
"interval": "day"
},
"aggs": {
"classification1": {
"terms": {
"field": "CLASSIFICATION",
"keyed":true
}
}
}
}
}
above json query returns the following output.
"aggregations": {
"classification of day": {
"buckets": [
{
"key_as_string": "25/02/2016",
"key": 1456358400000,
"doc_count": 166,
"classification1": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "attack",
"doc_count": 58
},
{
"key": "compromise",
"doc_count": 30
},
{
"key": "error",
"doc_count": 24
},
{
"key": "reconnaissance",
"doc_count": 20
},
{
"key": "suspicious",
"doc_count": 19
},
{
"key": "warning",
"doc_count": 14
},
{
"key": "misuse",
"doc_count": 2
}
]
}
},
{
"key_as_string": "26/02/2016",
"key": 1456444800000,
...
我试过的 Java 代码,
String aggregations1 = "CLASSIFICATION";
String field1 = "ALARM DATE";
DateHistogramInterval interval1 = DateHistogramInterval.DAY;
SearchResponse response = client.prepareSearch(index).setTypes(type)
.addAggregation(AggregationBuilders.dateHistogram("classification of day").field(field1)
.interval(interval1).format("dd/MM/yyyy")
.subAggregation(AggregationBuilders.terms("terms").field(aggregations1)))
.execute().actionGet();
Iterator<Aggregation> iter = response.getAggregations().iterator();// get("");
while (iter.hasNext()) {
Aggregation aggs=iter.next();
System.out.println(aggs.getName());
//aggs.
}
问题是我得到了聚合值。这里有日期,但我没有得到子聚合。基本上我想按日期将 CLASSIFICATION 提取到一个对象。
最佳答案
我设法让它工作。如果有人觉得这有帮助,我会在此处添加我的答案。
String aggregations1 = "CLASSIFICATION";
String field1 = "ALARM DATE";
DateHistogramInterval interval1 = DateHistogramInterval.DAY;
SearchResponse sr = client.prepareSearch(index).setTypes(type)
.addAggregation(AggregationBuilders.dateHistogram("classification of day").field(field1)
.interval(interval1).format("dd/MM/yyyy")
.subAggregation(AggregationBuilders.terms("classifications").field(aggregations1)))
.execute().actionGet();
// sr is here your SearchResponse object
Histogram agg = sr.getAggregations().get("classification of day");
Collection<Histogram.Bucket> buckets = (Collection<Histogram.Bucket>) agg.getBuckets();
// For each entry
for (Histogram.Bucket bucket : buckets) {
if (bucket.getDocCount() != 0) {
System.out.println((int) bucket.getDocCount());
System.out.println(bucket.getKeyAsString());
Terms terms =bucket.getAggregations().get("classifications");
Collection<Terms.Bucket> bkts = terms.getBuckets();
for (Bucket b : bkts) {
if (b.getDocCount() != 0) {
//ESClassification classificaiton = new ESClassification();
System.out.println((int) b.getDocCount());
System.out.println(b.getKeyAsString());
} else {
//list = Collections.<ESClassification> emptyList();
}
}
} else {
//list = Collections.<ESClassification> emptyList();
}
}
关于java - 如何从elasticsearch获取子聚合,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35926154/