I have a dataset loaded in the below csv format
time, totalnumber, correctnumber, location
I need to do a query similar to below sql
select sum(totalnumber)- sum(correctnumber) group by time, location
Is this possible in elastic search kibana, I am currently have a scripted field Totalnumber-currentnumber and am currently displaying SUM of this in a line graph split by location and time.
But it would really help if I can display sum(totalnumber)- sum(correctnumber)
Easiest way to do this would be in Timelion.
Just create a chart with this function:
.es(*,metric='sum:totalnumber').subtract(.es(*,metric='sum:correctnumber')
Is there a way to group this is timelion for me it would be like difference
at a particular time for a particular location.
I would like to do this kind of thing but term by term, something like:
average(user.t2 - user.t1)
and not
average(user.t2) - average(user.t1)
is there a way to do it?
Are user.t1 and user.t2 present in every document? If so, then average(user.t2 - user.t1) will be the same as average(user.t2) - average(user.t1)
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.