I have a document in Elasticsearch with the following structure:

    {
      "_index": "logstash-2018.05.11",
      "_type": "doc",
      "_id": "LSg_T2MB-uso043FSCvT",
      "_version": 1,
      "_source": {
        "@version": "1",
        "@timestamp": "2018-05-11T12:48:57.447Z",
        "filename": "VARIABLEPART_COMMONPART"
      },
      "fields": {
        "@timestamp": [
          "2018-05-11T12:48:57.447Z"
        ]
      }
    }

I would like to write some queries that let me count documents aggregated by VARIABLEPART. Also, I want to make sure my query results can be viewed in Kibana, but I don't know where to start!