Hi,
We are having an requirement like to generate a report for particular hour in a whole year or whole month.
The document data is having date time field. need to generate a report as what is the aggregation result between 10 a.m. to 11 a.m. for whole month and whole year.
currently when I convert the field to HH:mm in index pattern and done terms aggregation, result is multiple records are showing insted of one record.
The data is generating from Transform.
having millions of records and scripted field is impacting performance and other issues also.
Can you please suggest the way to achieve it.
Hi there, the best way would be probably to reindex your data with the information about hourOfDay already in the documents in the index. Another solution that came to my mind was creating a scripted field: doc['timestamp'].value.hour and then just creating a histogram aggregation on the top of it, but you mentioned performance problems with this solution.
Maybe someone else has a better idea?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.