Date with the max count grouped by a term

crimson589 · June 16, 2022, 10:00am

I'm currently getting this results

message1 | 2022-06-09 | 250
message1 | 2022-06-08 | 300
message2 | 2022-06-09 | 400
message2 | 2022-06-08 | 200

And my current setting is like this

What do I need to add here to just get the dates with the highest count like tis

message1 | 2022-06-08 | 300
message2 | 2022-06-09 | 400

bhavyarm · June 17, 2022, 8:40pm

Hello,

So your interval is daily and you are seeing results for that. I am not sure how to tweak this? I will buzz you back.

Thanks,
Bhavya

Tomo_M · June 20, 2022, 8:43am

There is no such function to filter date histogram buckets.

One option is to create a runtime field to calculate the date of @timestamp and then use terms aggregation with size 1 on that runtime field.

system · July 18, 2022, 8:43am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Bucket Aggregation - Using Filters + Date Histo Kibana	2	244	March 22, 2022
Date histogram that doesn't look at the entire date bucket? Kibana	1	155	November 9, 2022
Getting Peak day and corresponding count based on last 30 days data Kibana	1	245	April 30, 2023
Keeping only latest "Date Histogram" aggregation in a datatable Kibana	5	2959	March 9, 2018
Aggregation bucket sum + max group by time with filtering Kibana	3	767	March 22, 2021