Question

我是Elastic Search和Lucene Syntax的新手。

我想知道的是，无论如何都要获得特定时间段的平均值。

例如，我的索引中存储了以下信息。

Index Name Result TimeStamp
a-3    A    7     March 7th 2018, 16:17:35.000
a-3    A    13    March 7th 2018, 16:17:36.000
a-3    B    5     March 7th 2018, 16:17:37.000

我想写一个查询，以便在16:17:35和16:17:38之间返回A = 10和B = 5的平均结果。

这可能吗？

感谢。

Answer 1

您可以合并range query并使用嵌套聚合（term aggregation和avg aggregation）

POST my_index/_search
{
  "size": 0, 
  "query": {
    "range": {
      "TimeStamp": {
        "gte": "2018-03-07 16:17:35",
        "lte": "2018-03-07 16:17:38" 
      }
    }
  }, 

  "aggs": {
    "name": {
      "terms": {
        "field": "Name",
        "size": 10
      }
      , "aggs": {
        "stats": {
          "avg": {
            "field": "Result"
          }
        }
      }
    }
  }
}

结果将如下所示

{
  "took": 4,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "failed": 0
  },
  "hits": {
    "total": 3,
    "max_score": 0,
    "hits": []
  },
  "aggregations": {
    "name": {
      "doc_count_error_upper_bound": 0,
      "sum_other_doc_count": 0,
      "buckets": [
        {
          "key": "A",
          "doc_count": 2,
          "stats": {
            "value": 10
          }
        },
        {
          "key": "B",
          "doc_count": 1,
          "stats": {
            "value": 5
          }
        }
      ]
    }
  }
}

Elastic Luence查询平均结果

1 个答案: