我正在ElasticSearch中进行筛选。我想让doc_count在非数据日期返回0,但它根本不打印这些日期,只返回有数据的日期给我。你知道我该怎么做吗?以下是Python输出:
0 NaN
1 NaN
2 NaN
3 NaN
4 NaN
...
33479 {'date': '2022-04-13T08:08:00.000Z', 'value': 7}
33480 {'date': '2022-04-13T08:08:00.000Z', 'value': 7}
33481 {'date': '2022-04-13T08:08:00.000Z', 'value': 7}
33482 {'date': '2022-04-13T08:08:00.000Z', 'value': 7}
33483 {'date': '2022-04-13T08:08:00.000Z', 'value': 7}
这是我的ElasticSearch过滤器:
"from": 0,
"size": 0,
"query": {
"bool": {
"must":
[
{
"range": {
"@timestamp": {
"gte": "now-1M",
"lt": "now"
}
}
}
]
}
},
"aggs": {
"continent": {
"terms": {
"field": "source.geo.continent_name.keyword"
},
"aggs": {
"_source": {
"date_histogram": {
"field": "@timestamp", "interval": "8m"
}}}}}}
您需要将min_doc_count值设置为0,以便在doc_count为零的情况下进行聚合。
{
"from": 0,
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"gte": "now-1M",
"lt": "now"
}
}
}
]
}
},
"aggs": {
"continent": {
"terms": {
"field": "source.geo.continent_name.keyword",
"min_doc_count": 0
},
"aggs": {
"_source": {
"date_histogram": {
"field": "@timestamp",
"interval": "8m",
"min_doc_count": 0
}
}
}
}
}
}