Histogram aggregation over unique IDs: possible with nested aggregations?

sandbender · September 30, 2020, 4:25pm

Hello,

I am trying to aggregate data for a heatmap visualisation in Vega-Lite. It is supposed to show the volume of communication (color) in volume ranges (y-axis) over time (x-axis).

Where I'm stuck at right now is: that I need to get a unique count of message IDs (since message events are spread across multiple documents) before aggregating them into a histogram. This I thought I could achieve by a cardinality agg which then feeds into a histogram agg. But that's not possible since there is no pipeline agg of the histogram flavour.

Would anyone have an idea how to achieve this?

The following code doesn't work but I hope it demonstrates what I'm trying to do:

{
  "aggs": {
    "msg_hour_of_week": {
      "histogram": {
        "field": "time.hourOfWeek",
        "interval": 1,
        "min_doc_count": 0
      },
      "aggs": {
        "unique_count": {
          "cardinality": {
            "field": "messageId"
          }
        },
        "msg_vol_histo": {
          "histogram": {
            "buckets_path": "unique_count",
            "interval": 100
          }
        }
      }
    }
  },
  "size": 0
}

sandbender · October 8, 2020, 6:07pm

In case anyone finds this in the archives: Using transforms seems the way to go, at least in my case where I want to automatically generate reports once a week or day.

system · November 5, 2020, 6:08pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.