我在 elasticsearch 中有以下搜索,它返回我需要的嵌套数据结构的聚合,但我真的很想将其用作 kibana 中的可视化,但我看不出如何做到这一点:
GET /system_data_nested/_search
{
"size": 0,
"aggs": {
"consideration": {
"nested": {
"path": "children"
},
"aggs": {
"gross": {
"sum": {
"field": "children.executions.consideration"
}
}
}
}
}
}
哪个返回
{
"took": 2,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"skipped": 0,
"failed": 0
},
"hits": {
"total": 920,
"max_score": 0,
"hits": []
},
"aggregations": {
"consideration": {
"doc_count": 486,
"gross": {
"value": 4492767
}
}
}
}
理想情况下,我可以使用水平条形图按日期直方图聚合到每个时间段的存储桶以供考虑。
这可能吗?
实际上,是的,这是可能的。我遇到了类似的问题,并使用Vega可视化解决了它(另请参阅介绍视频(。它的作用是向 Elasticsearch 发送自定义查询,并让您决定要可视化响应的哪一部分。
在您的情况下,它看起来有点像这样(注意,这是 HJSON(:
{
$schema: https://vega.github.io/schema/vega-lite/v2.json
title: Engine Score over Time
// Define the data source
data: {
url: {
index: system_data_nested
body: {
"size": 0,
"aggs": {
"consideration": {
"nested": {
"path": "children"
},
"aggs": {
"gross": {
"sum": {
"field": "children.executions.consideration"
}
}
}
}
}
}
}
format: {
"property": "aggregations.consideration"
}
mark: line
encoding: {
x: {
field: key
type: temporal
axis: { "title": "Date" }
}
y: {
field: gross.value
type: quantitative
axis: { "title": "Consideration" }
}
}
}
}
希望这有帮助!