Alternate for sub aggregation in elastic search

khasim_vali_dudekula · June 6, 2022, 6:11am

Hi I am new to Elasticsearch, and I'm writing a query using sub aggregations. I'm not sure whether it is okay in terms of performance or any other alternatives exist. please guide me.

the query looks like this

{
  "size": 0, 
  "aggs": {
    "status": {
      "terms": {
        "field": "status"
      },
      "aggs": {
        "date_buckets": {
          "date_range": {
            "field": "@timestamp",
            "ranges": [
              {
                  "key": "Today",
                  "from": "2022-04-28T05:30:00.000+0530",
                  "to": "2022-04-29T05:30:00.000+0530"
                },
                {
                  "key": "Past",
                  "from": "2020-04-27T05:30:00.000+0530",
                  "to": "2022-04-28T05:30:00.000+0530"
                },
                {
                  "key": "Future",
                  "from": "2022-05-28T05:30:00.000+0530",
                  "to": "2023-04-29T05:30:00.000+0530"
                }
            ]
          }
        }
      }
    }
  }
}

warkolm · June 8, 2022, 11:58pm

Welcome to our community!

That looks ok, are you having issues with it?

khasim_vali_dudekula · June 9, 2022, 8:01am

Hi Warkolm,

The query is working for me, but I feel it is taking some time for huge data sets, I was just exploring if there is any alternatives exist for this.

warkolm · June 9, 2022, 10:33pm

How big are we talking? How long?

khasim_vali_dudekula · June 14, 2022, 5:13am

I got around 450M records and it is taking around 1m to fetch the results

system · July 12, 2022, 5:14am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.