I am excited to hear elasticsearch giving option to write query in SQL syntax but just curious about how can we achieve elasticsearch features like aggregate "extended_stats" through SQL syntax. I am looking for standard deviation.
Hi @jam1142,
What do you mean by "aggregating extended_stats"? If you could explain a bit the use case (not necessarily in technical terms, but more like business usage or user needs), that would help.
Thanks.
See below in DSL syntax which i am asking for SQL
{
"size": 0,
"aggs": {
"std Batch Requests per sec": {
"filter": {
"term": {
"counter_name.keyword": "Batch Requests per sec"
}
},
"aggs": {
"stats_value": {
"extended_stats": {
"field": "counter_value"
}
}
}
}
}
}
@jam1142 you won't get the output like ES would give it to you, but there are functions we support that have values extracted from extended_stats. Please see this section of the documentation for those functions.
Thenka Andrei. I am facing another problem please see if you can help me on this. Here is the link
No problem @jam1142. Unfortunately, I am not familiar enough with the filter plugin in Logstash and it's better to wait for someone monitoring that section to help you further.
Thanks Andrei.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.