在elasticsearch中,如何实现像这样的SQL函数:
SELECT a, sum(b), sum(c), d
FROM TableA
WHERE a IN (1,2,3,4) AND d = 88
GROUP BY a
HAVING sum(b) > 10
ORDER BY sum(b) desc, sum(c) asc
LIMIT 10 OFFSET 5;
到目前为止,我只做了这个:
{
"size":0,
"query":{
"filtered": {
"filter":{
"terms":{
"a": [1, 2, 3, 4]
}
},
"query":{
"match": {
"d": 8
}
}
}
},
"aggs": {
"group_by_a":{
"terms":{
"field": "a",
"size": 10,
"order" : { "sum(b)" : "desc" }
},
"aggs" : {
"sum(b)": {"sum": {"field": "b"}},
"sum(c)": {"sum": {"field": "c"}}
}
}
}
}
就像我刚刚实现的那样:
SELECT a, sum(b), sum(c)
FROM TableA
WHERE a IN (1,2,3,4) AND d = 88
GROUP BY a
HAVING sum(b) > 10
ORDER BY sum(b) desc
LIMIT 10;
如何处理额外的返回字段 d ,有条件,额外的顺序是 sum(c)asc ,偏移5 < / strong>?
很遗憾我发现有条款目前是unsupported。
答案 0 :(得分:3)
这在5.2中实现为bucket selector aggregation,ex
GET /_search
{
"size": 0,
"query": {
"term": { "code": "16001" }
},
"aggs" : {
"errors_per_week" : {
"date_histogram" : {
"field" : "date",
"interval" : "week"
},
"aggs": {
"total_errors": {
"value_count": {
"field": "code"
}
},
"error_bucket_filter": {
"bucket_selector": {
"buckets_path": {
"totalErrors": "total_errors"
},
"script": "params.totalErrors > 5"
}
}
}
}
}
}