Calculate on nested field, got wrong result , any advice will be appreciated

with query conditions, I filtered out only one doc, part of the doc _source is :

"_source": {
               "event": [
                  {
                     "time": 1520252057459,
                     "duration": 1876,
                     "speed": 0,
                     "event_name": "firstBufferingEnd",
                     "detail": "",
                     "cdn_ip": ""
                  },
                  {
                     "time": 1520252060460,
                     "duration": 0,
                     "speed": 207445,
                     "event_name": "networkSpeed",
                     "detail": "",
                     "cdn_ip": ""
                  },
                  {
                     "time": 1520252062460,
                     "duration": 0,
                     "speed": 96871,
                     "event_name": "networkSpeed",
                     "detail": "",
                     "cdn_ip": ""
                  },
                  {
                     "time": 1520252064460,
                     "duration": 0,
                     "speed": 0,
                     "event_name": "networkSpeed",
                     "detail": "",
                     "cdn_ip": ""
                  },

query body is as follow , I got the avg value of speed, but the value is obvious wrong, how can I exclude out those dirty events such as the "firstBufferingEnd" ?

{
            "query": {
                "nested": {
                   "path": "event",
                   "query": {
                       "bool": {
                           "must": [
                              {
                                    "range": {
                                       "event.speed": {
                                          "gt":10000000
                                       }
                                    }
                              },
                              {
                                  "terms": {
                                     "event.event_name": [
                                        "networkSpeedReport",
                                        "networkSpeed"
                                     ]
                                  }
                              }
                           ]
                       }
                   }
                }
            },
            "aggs":{
                "gg":{
                    "nested": {
                        "path":"event"
                    },
                    "aggs":{
                        "gg":{
                            "avg":{
                                "field":"event.speed"
                            }
                        }
                    }
                }
            }
        }

pictures are :

image1010×866 98.1 KB

image920×935 80.4 KB

@Allwyn sorry to disturb , I have been stuck at here for days , (can not found anything from google and official doc )

Read this and specifically the "Also be patient" part.

It's fine to answer on your own thread after 2 or 3 days (not including weekends) if you don't have an answer.

OK， thanks for your patience

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.