Delta based on running total

danfranks · March 30, 2018, 12:41am

Hello,

I'm a bit new to elastic and am probably missing something simple.

I'm trying to figure out how to display a range of dates with their associated numerical values plus one calculated field that takes the difference between yesterdays totals and today's totals to create a delta that represents the change between the two days.

I've been reading up on the various functions and haven't come across anything to do this yet. Can someone please point me in the right direction?

Thanks in advance,
Dan

dadoonet · March 30, 2018, 1:43am

I think that you have to use a pipeline aggregation for this.

https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-pipeline.html

I don't have a concrete example at hand but thought that it could help.

danfranks · March 30, 2018, 3:26am

Thanks! So maybe the Serial Differencing Aggregation?

https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-pipeline-serialdiff-aggregation.html

I'm trying to find decent examples of it in use to understand it better and determine if it would work.

system · April 27, 2018, 3:26am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.