I am excited to hear that Elasticsearch is giving the option to write queries in SQL syntax, but I am just curious about how we can achieve Elasticsearch features like the "extended_stats" aggregation through SQL syntax. I am looking for standard deviation.
Hi @jam1142,
What do you mean by "aggregating extended_stats"? If you could explain a bit the use case (not necessarily in technical terms, but more like business usage or user needs), that would help.
Thanks.
See below, in DSL syntax, what I am asking for in SQL:
{
  "size": 0,
  "aggs": {
    "std Batch Requests per sec": {
      "filter": {
        "term": {
          "counter_name.keyword": "Batch Requests per sec"
        }
      },
      "aggs": {
        "stats_value": {
          "extended_stats": {
            "field": "counter_value"
          }
        }
      }
    }
  }
}
@jam1142 you won't get the output like ES would give it to you, but there are functions we support that have values extracted from extended_stats. Please see this section of the documentation for those functions.
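An Elasticsearch SQL counterpart of the DSL request above, added here as an example and not posted by anyone in the thread. The index name `my_index` is a placeholder, since the thread does not name the index.

```sql
-- Added example. "my_index" is a placeholder; the thread does not name the index.
-- The filter/term aggregation on counter_name.keyword becomes a WHERE clause.
-- Each extended_stats value is requested as its own aggregate function,
-- so the result is one row of columns, not the nested extended_stats object.
SELECT
    COUNT(counter_value)          AS "count",
    MIN(counter_value)            AS "min",
    MAX(counter_value)            AS "max",
    AVG(counter_value)            AS "avg",
    SUM(counter_value)            AS "sum",
    SUM_OF_SQUARES(counter_value) AS "sum_of_squares",
    VAR_POP(counter_value)        AS "variance",
    STDDEV_POP(counter_value)     AS "std_deviation"
FROM my_index
WHERE "counter_name.keyword" = 'Batch Requests per sec';
```

`STDDEV_POP` and `VAR_POP` are population statistics, which is what `std_deviation` and `variance` in `extended_stats` report by default. The `std_deviation_bounds` object has no matching function in this query.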
Thanks Andrei. I am facing another problem; please see if you can help me with this. Here is the link
No problem @jam1142. Unfortunately, I am not familiar enough with the filter plugin in Logstash and it's better to wait for someone monitoring that section to help you further.
Thanks Andrei.