假设我在ElasticSearch上有以下数据:
import * as React from "react";
import Button from "react-uwp/Button";
export default class MyComponent extends React.Component<void, void> {
render() {
return (
<Button tooltip="Mini Tooltip" />
)
}
}
我想要绘制一个日期直方图,它会显示每个用户每小时所有max:currentPoints的总和,它会产生以下数据来绘制:
@timestamp; userId; currentPoints
August 7th 2017, 00:30:37.319; myUserName; 4
August 7th 2017, 00:43:22.121; myUserName; 10
August 7th 2017, 00:54:29.177; myUserName; 7
August 7th 2017, 01:10:29.352; myUserName; 4
August 7th 2017, 00:32:37.319; myOtherUserName; 12
August 7th 2017, 00:44:22.121; myOtherUserName; 17
August 7th 2017, 00:56:29.177; myOtherUserName; 8
August 7th 2017, 01:18:29.352; myOtherUserName; 11
通常使用子查询来完成,提取每小时的max(currentPoints),用户然后将结果和每小时的总和相加。
例如Kibana Timelion可以实现吗?我无法使用文档找到实现此目的的方法。
由于 亚历
答案 0 :(得分:0)
在进行另一个项目时,我已经在不使用Timelion的情况下在Kibana / Elasticsearch中尝试了答案。
此功能称为“同级管道聚合”,在这种情况下,您将使用“求和桶”。您可以将其与任何最近的Kibana / Elastic可视化配合使用(我正在使用5.5版)。
对于数据集,例如:
@timestamp; userId; currentPoints
August 7th 2017, 00:30:37.319; myUserName; 4
August 7th 2017, 00:43:22.121; myUserName; 10
August 7th 2017, 00:54:29.177; myUserName; 7
August 7th 2017, 01:10:29.352; myUserName; 4
August 7th 2017, 00:32:37.319; myOtherUserName; 12
August 7th 2017, 00:44:22.121; myOtherUserName; 17
August 7th 2017, 00:56:29.177; myOtherUserName; 8
August 7th 2017, 01:18:29.352; myOtherUserName; 11
您希望每个用户ID每小时获得(currentPoints)所有MAX(currentPoints)的总和,结果是:
August 7th 2017, 00; SumOfMaxCurrentPoints -> 27 (max from hour 00h from both users 10 + 17)
August 7th 2017, 00; SumOfMaxCurrentPoints -> 15 (max from hour 01h from both users 4 + 11)
您可以这样做:
指标
桶