I have about 5 key-value pairs in elasticsearch data per object, I want to add the values of certain keys(audio_calls) of those objects where some other keys have the values I want(network_type, weather). I want the result to be grouped by area_num
.
For example
{
.
.
"audio_calls":2000,
"area": "a",
"area_num": 1,
"network_type":"3g",
"weather":"sunny"
.
.
}
{
.
.
"audio_calls":1420,
"area": "a",
"area_num": 1,
"network_type":"4g",
"weather":"stormy"
.
.
}
{
.
.
"audio_calls": 1503,
"area": "c",
"area_num": 2,
"network_type":"4g",
"weather":"cold"
}
{
.
.
"audio_calls": 4051,
"area": "c",
"area_num": 2,
"network_type":"4g",
"weather":"sunny"
}
{
.
.
"audio_calls": 240,
"area": "e",
"area_num": 3,
"network_type":"2g",
"weather":"cloudy"
.
.
.
}
.
.
.
I am guessing I have to do this using aggregations but, I don't know how to conditionally add the audio_calls
values, say add only those audio_calls
where network_type
is 3g
and weather
is sunny
.
With the (PHP)code I tried (Filtered Aggregation), aggregation simply added all the calls in all the objects without grouping by area_num.
'aggs' => [
'filter_by_conditions' => [
'filter' => [
'terms' => ['network_type' => $network_type],
'terms' => ['weather' => $weather],
],
'aggs' => [
'sum_of_calls' => [
'sum' => ['field' => $call_type]
],
'aggs' => [
'terms' => ['field' => $area_num, 'size' => 1000]
]
]
]
where $call_type = "audio_calls"
The output does not group by area_num, it simply adds all the audio_calls and gives one number.
"aggregations":{"filter_by_conditions":
{"doc_count":1665,"sum_of_calls":{"value":31464}}}}