Date histogram error

Elastic Stack Elasticsearch
1

Hello, dear community.
Have an error with date histogram.
I have a cryptocurrency price base with a 5 minute interval (4 million records). Fields:

            {
                "_source": {
                    "time": 1357828800000,
                    "priceUsd": 13.89
                }
            },
            {
                "_source": {
                    "time": 1357831800000,
                    "priceUsd": 14.05
                }
            }

I want to make the output interval 1 day by this request:

POST /coin_charts/_search
{
    "aggs": {
        "bitcoin": {
            "date_histogram": {
                "field": "time",
                "fixed_interval": "1d"
            }
        }
    }
}

And i get this answer:

"error": {
        "root_cause": [
            {
                "type": "illegal_argument_exception",
                "reason": "[date_histogram] unknown field [fixed_interval], parser not found"
            }
        ],
        "type": "illegal_argument_exception",
        "reason": "[date_histogram] unknown field [fixed_interval], parser not found"
    },

What am I doing wrong? Everything was done according to the official tutorial. Help please :worried:

2

Which version of Elasticsearch are you using?

3

5.6.9

4

That's it, fixed_interval was implemented only in 7.2, you are using a very old version.

You should use interval, according to the documentation for your version.

2 Likes
5

Thank you for answer a lot. Update really helps me.
But maybe you can help with date_histogram? it doesn't work properly :frowning:
I use this request:

    "aggs": {
        "bitcoin": {
            "date_histogram": {
                "field": "date",
                "calendar_interval": "1w"
            }
        }
    }

But result without interval, the same as in the database (excluding the specified interval).

...
            {
                "_source": {
                    "time": 1357035900000,
                    "priceUsd": 13.44,
                    "date": "2013-01-01T10:25:00.000Z"
                }
            },
            {
                "_source": {
                    "time": 1357036200000,
                    "priceUsd": 13.44,
                    "date": "2013-01-01T10:30:00.000Z"
                }
            },
...

Records in my database every 5 minutes. And even after filtering by an interval, it gives me the same records from the database. Maybe I'm doing something wrong?
I will be very grateful for the answer.

6

Can you please explain what you are trying to achieve at a high level? Aggregation allow you to perform calculations over your data, e.g. provide a date histogram with the maximum and minimum price per day or week. Is that what you are looking to do?

7

No, I thought otherwise :frowning:

I have a database with 100k records and I want only every 50th record to be displayed.

That is, a database with a 5-minute timeframe, bitcoin price rates. I need to display points for the chart for the last year/month/week. At the same time, so that there are no more than 1000 results. Since the graphic chart cannot render more points.

8

Is there some difference from the previous topic?

If you need some last metrics other than last document, you can use top metrics aggregation sorted by time stamp.

9

Unfortunately, there are problems with that. I thought that I need to use other methods.
It turns out that what you recommended in that thread is what you need. But it doesn't work right for me.
For example, i have 5 records:

PUT /coin_charts/_search
            {
                "_source": {
                    "priceUsd": 45000,
                    "time": 1642716000000, //Just in case, I will clarify that I am aware of the same milliseconds. I just added a date field in a new clean database in order to experiment with it.
                    "date": "2022-01-01T16:23:09.55"
                }
            },
            {
                "_source": {
                    "priceUsd": 43000,
                    "time": 1642716000000,
                    "date": "2022-01-02T16:23:09.55"
                }
            },
            {
                "_source": {
                    "priceUsd": 40000,
                    "time": 1642716000000,
                    "date": "2022-01-03T16:23:09.55"
                }
            },
            {
                "_source": {
                    "priceUsd": 38000,
                    "time": 1642716000000,
                    "date": "2022-01-04T16:23:09.55"
                }
            },
            {
                "_source": {
                    "priceUsd": 36000,
                    "time": 1642716000000,
                    "date": "2022-01-05T16:23:09.55"
                }
            }

And for interval i'm use:

POST /coin_charts/_doc/_search
{
  "aggs": {
    "bitcoin": {
      "date_histogram": {
        "field": "date",//I tried to use first a field with milliseconds(time), it didn't work, then I decided to add a field with a date
        "fixed_interval": "2d" 
      }
    }
  }
}

I thought this should only print two results from my database (1 and 3), but it prints all 5 results. Maybe I'm wrote the request incorrectly?

10

Try using tophits or top metrics aggregation with date histogram aggregation, as I said.

1 Like
11

There are two types of aggregation: bucket
aggregations and metrics aggregation. Please see the documents to get detail. Bucket aggregation such as date histogram bucket aggregation only divide all documents into some buckets and did not select them. You can use metrics aggregations such as top hits or top metrics aggregation to retrieve some value or documents from each packets.

1 Like
12

I finally figured it out, thanks for the help :upside_down_face:

1 Like
13

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.