我在弹性搜索中有几千个不同时间和三个serviceId的文档。有没有可能用计数器把所有这些文档按月划分?文件型号:
{
"dateTime" : "2011-03-13T11:34:14.869Z",
"organizationId" : "1a4b7625-dcec-4326-b7dc-96e038b31d0b",
"accountId" : "a9bfcced-ddaa-477c-8021-18364ac320ee",
"processInstanceId" : "711e73cb-1286-461f-810f-d5791f71101f",
"serviceConfigurationId" : "e8be10e8-2ba2-4365-bfb0-96052d90be7e",
"clusterId" : "542096b3-3982-4d4b-bce1-44b1f988cf7f",
"serviceId" : "asdf"
}
我正在做一个有范围的SearchRequest(例如一年(,并希望它能做这样的事情:
{
"_index": "test",
"_type": "_doc",
"_id": "Jc0H03AB-y_MhSAimo7v",
"_score": null,
"_month": {
"Jan": [
{
"serviceId": "asdf",
"counter": 4
},
{
"serviceId": "zxcv",
"counter": 9
}
],
"Feb":[
{
"serviceId": "asdf",
"counter": 12
},
{
"serviceId": "zxcv",
"counter": 11
}
], etc
}
}
我发现了如何使用Java API创建范围查询。
RangeQueryBuilder rangeQueryBuilder = QueryBuilders.rangeQuery("dateTime").from(LocalDateTime.parse("2011-11-09T10:30")).to(LocalDateTime.parse("2022-11-09T10:30")).timeZone("Z");
sourceBuilder.query(rangeQueryBuilder);
searchRequest.source(sourceBuilder);
client().search(searchRequest, RequestOptions.DEFAULT);
也许这是不可能的,我在浪费时间试图找到解决方案?
范围查询将返回dateTime位于给定范围内的文档。您不能在查询部分中按月份对它们进行分组。这可以使用date_histogram聚合和top_hits聚合b 来完成
{
"size": 0,
"aggs": {
"filter_year": { --> filter documents which fall in given interval
"filter": {
"range": {
"dateTime": {
"gte": "2011-01-01",
"lte": "2011-12-31"
}
}
},
"aggs": {
"month": {
"date_histogram": { --> group documents on monthly interval
"field": "dateTime",
"format": "MMM",
"interval": "month"
},
"aggs": {
"documents": {
"top_hits": { --> return documents under months
"_source": [
"clusterId"
],
"size": 10
}
}
}
}
}
}
}
}