You may be able to use a pivot transform with your two desired group_bys, date_histogram for the day and terms for the filename.
This issue has a similar request, and thread and answer may help craft the Transform you're looking for? Latest full document in transform
By default, the Transform will wait and calculate the previous day's status. This will limit the number of searches and writes the Transform needs to make to update the entity to 1. If you would like the Transform to continuously update the status throughout the day, you can disable settings.align_checkpoints, and the Transform will search every frequency and update the date_histogram bucket as new data is searched and observed.