Aggregation based on hour of day and timezone

beng · December 6, 2017, 2:02am

We currently have a stat known as "Peak Hours" and this shows total counts based on a field called "created_at_hour" (this field is stored as the UTC hour). We did it this way to avoid using a script to calculate the hour based on a timestamp etc.

The issue we're running into is if something is created at 6PM CST, it's stored as hour 0 in UTC. When we aggregate this data, it will come back as 0 instead of 6 (obviously because it’s stored as 0 and is an integer)

Is there a better way to do an aggregation like this as of Elastic 5.6.3 based off of a created_at timestamp? Everything online pointed to using ES side scripts but that doesn’t seem to scale well.

Thanks in advance!

beng · December 6, 2017, 2:21pm

I found some useful information at Is it possible to apply a timezone to a date in a scripted field? but it seems this approach is not best practice and has been deprecated.

I then stumbled upon https://stackoverflow.com/a/46830875 and was able to get it working with a small tweak

Just not sure how well this will scale.

system · January 3, 2018, 2:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to aggregate data by hour of day regardless of day Elasticsearch	4	5816	July 5, 2017
Why is aggregation giving UTC? Elasticsearch	3	487	August 19, 2017
Filtering/aggregating by a timezone field in each document instead of the same timezone for all documents Elasticsearch	2	978	August 30, 2019
Scripted field HourOfDay() Kibana	8	14367	July 10, 2017
Aggregation with different timezones Elasticsearch	2	293	August 17, 2021

Aggregation based on hour of day and timezone

Related topics