Aggregation by date

kashk · November 1, 2015, 4:48pm

Hi,

I'm looking for bucket aggregation that can be applied on date time values, so I can create buckets on date field where the time between each two results is less than an hour.

For example, if I have the following:
"key_as_string": 2015-10-06T10:05:00.000Z
"key_as_string": 2015-10-06T10:55:00.000Z
"key_as_string": 2015-10-06T11:15:00.000Z
"key_as_string": 2015-10-06T12:25:00.000Z

I expect to get 2 buckets:

The first bucket will include 3 results:
2015-10-06T10:05:00.000Z
2015-10-06T10:55:00.000Z
2015-10-06T11:15:00.000Z

The second bucket will include 1 result:
2015-10-06T12:25:00.000Z

I tried the date histogram aggregation but using the hour interval creates an extra bucket for the result in 11:15 , and that’s not what I need.

Any ideas how this can be done?

Thanks

warkolm · November 1, 2015, 9:01pm

I don't think you can do this with aggs, because as you found out, it does it based on the hour and not a range.
I'm not sure what else you could do though sorry, someone else might have an idea.

Topic		Replies	Views
Date Histogram - group by hour interval across multiple days Elasticsearch	4	6617	April 21, 2017
Aggregating by hour Elasticsearch	4	5934	July 6, 2017
ES Aggregation hit that can fit multiple buckets should be in all buckets Elasticsearch	2	546	November 15, 2017
Aggregate On Key Within Date / Time Range Multiple Buckets Elasticsearch	7	861	April 19, 2019
Date_histogram buckets not as expected Elasticsearch	10	904	March 30, 2017

Aggregation by date

Related topics