使用 Elasticsearch 1.1.1
我正在尝试为所有帐户构建一个“页面”每秒浏览量查询(因此匹配所有帐户)。
映射是...
"xxx-20140526": {
"mappings": {
"xxx": {
"properties": {
"accountId": {
"type": "long"
},
"hitTime": {
"type": "date",
"format": "dateOptionalTime"
},
}
}
}
}
查询...
POST /xxx-20140526/xxx/_search
{
"filter": {
"range": {
"timeHit": {
"gte": "2014-05-26T13:40", //Date generated dynamically now - 5mins
"lt": "2014-05-26T13:45" //Date generated dynamically now
}
}
},
"aggs": {
"views_per_sec": {
"date_histogram": {
"field": "timeHit",
"interval": "second"
}
}
}
}
但是聚合也会返回以前的值...
"aggregations": {
"trx_per_sec": {
"buckets": [
{
"key_as_string": "2014-05-26T13:36:46.000Z",
"key": 1401111166000,
"doc_count": 72
},
... Other dates in the 30 mins range here...
{
"key_as_string": "2014-05-26T13:42:47.000Z",
"key": 1401111167000,
"doc_count": 5013
}
}
}
1- 聚合是否考虑过滤器? 2- 过滤最后 5 分钟的方法是否正确,还是我应该查看日期聚合?
我也试过...
{
"aggs": {
"range": {
"date_range": {
"field": "timeHit",
"format": "yyyy-MM-dd HH:mm:ss",
"ranges": [
{
"from": "now-5m"
}
]
}
}
}
}
但这似乎没有返回正确数量的文档。
最佳答案
好的,我让它在这里工作是查询...
{
"size": 0, <--- Size zero. Don't return any docs we only care about the aggregation.
"aggs": {
"last_5_mins": {
"filter": {
"range": {
"hitTime": {
"gte": "now-5m",
"lte": "now"
}
}
},
"aggs": {
"tps": {
"date_histogram": {
"field": "hitTime",
"interval": "second"
}
}
}
}
}
}
关于elasticsearch - 如何使用 Elasticsearch 过滤最后 5 分钟的日期直方图?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23872135/