Alternate for sub aggregation in elastic search

Elastic Stack Elasticsearch
1

Hi I am new to Elasticsearch, and I'm writing a query using sub aggregations. I'm not sure whether it is okay in terms of performance or any other alternatives exist. please guide me.

the query looks like this

{
  "size": 0, 
  "aggs": {
    "status": {
      "terms": {
        "field": "status"
      },
      "aggs": {
        "date_buckets": {
          "date_range": {
            "field": "@timestamp",
            "ranges": [
              {
                  "key": "Today",
                  "from": "2022-04-28T05:30:00.000+0530",
                  "to": "2022-04-29T05:30:00.000+0530"
                },
                {
                  "key": "Past",
                  "from": "2020-04-27T05:30:00.000+0530",
                  "to": "2022-04-28T05:30:00.000+0530"
                },
                {
                  "key": "Future",
                  "from": "2022-05-28T05:30:00.000+0530",
                  "to": "2023-04-29T05:30:00.000+0530"
                }
            ]
          }
        }
      }
    }
  }
}
2

Welcome to our community! :smiley:

That looks ok, are you having issues with it?

3

Hi Warkolm,

The query is working for me, but I feel it is taking some time for huge data sets, I was just exploring if there is any alternatives exist for this.

4

How big are we talking? How long?

5

I got around 450M records and it is taking around 1m to fetch the results