我希望可视化存储在Elasticsearch上的数据。我的可视化中有一个时间过滤器和桶式过滤器。让我解释一下我存储在Elasticsearch中的数据的问题。 例如;根据“已创建”值,第一项的“已创建”值为02.03.2018。由于此值,Elasticsearch将第一个存储桶时间间隔定义为02.03.2018-05.03.2018。 另一方面,我希望存储在Elasticsearch中的数据根据我想要的时间范围进行存储。 我的意思是我希望Elasticsearch强制按照递增的顺序创建像01.03.2018,04.03.2018,07.03.2018等的桶
这是我的查询
GET alerts/sighting/_search
{
"size": 0,
"query": {
"bool": {
"filter": [
{
"range": {
"created": {
"gte": 0,
"lte": 1611859043000,
"format": "epoch_millis"
}
}
}
]
}
},
"aggs": {
"HEATMAP": {
"date_histogram": {
"field": "created",
"interval": "3D"
},
"aggs": {
"BEHAVIOUR_CHANGE": {
"terms": {
"field": "labels",
"include": "behavior-change"
},
"aggs": {
"TOTAL_ALERT_SCORE": {
"sum": {
"field": "x_nova_confidence"
}
}
}
}
}
}
}
}
这是我的结果
{
"took": 10,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 3360,
"max_score": 0,
"hits": []
},
"aggregations": {
"HEATMAP": {
"buckets": [
{
"key_as_string": "2018-03-02T00:00:00.000Z",
"key": 1519948800000,
"doc_count": 729,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "behavior-change",
"doc_count": 212,
"TOTAL_ALERT_SCORE": {
"value": 0.0021199999999999735
}
}
]
}
},
{
"key_as_string": "2018-03-05T00:00:00.000Z",
"key": 1520208000000,
"doc_count": 601,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "behavior-change",
"doc_count": 78,
"TOTAL_ALERT_SCORE": {
"value": 0.0007799999999999907
}
}
]
}
},
{
"key_as_string": "2018-03-08T00:00:00.000Z",
"key": 1520467200000,
"doc_count": 433,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "behavior-change",
"doc_count": 96,
"TOTAL_ALERT_SCORE": {
"value": 0.0009599999999999886
}
}
]
}
},
{
"key_as_string": "2018-03-11T00:00:00.000Z",
"key": 1520726400000,
"doc_count": 0,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-03-14T00:00:00.000Z",
"key": 1520985600000,
"doc_count": 0,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-03-17T00:00:00.000Z",
"key": 1521244800000,
"doc_count": 0,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-03-20T00:00:00.000Z",
"key": 1521504000000,
"doc_count": 0,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-03-23T00:00:00.000Z",
"key": 1521763200000,
"doc_count": 0,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-03-26T00:00:00.000Z",
"key": 1522022400000,
"doc_count": 365,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-03-29T00:00:00.000Z",
"key": 1522281600000,
"doc_count": 0,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-04-01T00:00:00.000Z",
"key": 1522540800000,
"doc_count": 0,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
},
{
"key_as_string": "2018-04-04T00:00:00.000Z",
"key": 1522800000000,
"doc_count": 3,
"BEHAVIOUR_CHANGE": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": []
}
}
]
}
}
}