Hi everyone,
I'm new to elastic, so this question could be quite trivial for you, but here I go:
I'm using kibana_sample_data_ecommerce, which documents have a mapping like this
{
...
"order_date" : <datetime>
"taxful_total_price" : <double>
...
}
And, I want to get a basic daily behavior of the data:
As far as I know, I have to split my data two times, first daily and then into the interval I wish (1h in this case). After that I have to sum the ocurrences on that time range (the little one) and to do a cumulative sum over the entire day for each day. To get something like this:
So here is my query code:
POST kibana_sample_data_ecommerce/_search
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"order_date": {
"gt": "now-1M",
"lte": "now"
}
}
}
]
}
},
"aggs": {
"day_histo": {
"date_histogram": {
"field": "order_date",
"calendar_interval": "day"
},
"aggs": {
"qmin_histo": {
"date_histogram": {
"field": "order_date",
"calendar_interval": "hour"
},
"aggs": {
"qminute_sum": {
"sum": {
"field": "taxful_total_price"
}
},
"cumulative_qminute_sum": {
"cumulative_sum": {
"buckets_path": "qminute_sum"
}
}
}
}
}
}
}
}
After doing that, I just have to get "extended stats" iterating the hours list for all days, i.e.,
for hour in hours:
extended_stats(day1[hour], day2[hour], ... , day30[hour])
But this last step is driving me crazy because this process give me nested buckets, for each time interval... So the thing is, how can I do an extended stats aggregation over the month data, but only on each time window across every day?