Hi folks,
I'm using logstash with elasticsearch, whose indices store logs by days
When doing the date histogram across multiple days, It will involves same
number of indices.
Since I'm using D3 to visualize the chart, I want to do multiple ajax calls
to backend index by index (namely day by day) and populate the chart
gradually within several calls.
Here is the problem, there is an "interval" parameter for date histogram
which is size of each bucket.
If I put "5h" for interval and do a two-day facet,
for first day, the bucket will be 12am - 5am 5am-10am 10am-3pm 3pm-8pm
8pm-12am(which is short of one hour), the second day will have the same
distribution of buckets.
Since I can not combine these two arrays of buckets together (8pm-12am on
the first day is not a 5h bucket), is there any other way to achieve except
make sure that interval is divisor of a day?
The above distributions are my assumptions, plz correct me if i'm wrong.
Thanks.
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.