How do I first do a timerange filter on date field then extract distinct elements of another field?

siddharthiyer · May 3, 2019, 12:04pm

I have a field cid that I need to get the distinct elements of. But I need the distinct elements based on when they were added to the database. I want to first do a timestamp range filter, then get the term aggregation of cid. I have tried this approach:

{
	"aggs": {
		"daterange": {
			"range": {
				"field": "@timestamp",
				"ranges": [
						{"from": "2019-05-02", "to": "2019-05-03"}
					]
			},
			"aggs": {
				"result": {
					"terms": {
						"field": "chat_id.keyword"
					}
				}
			}
		}
	},
	"_source":"chat_id"
}

But it doesnt aggregate on cid.

polyfractal · May 6, 2019, 4:49pm

What's not working?

I'd move that range aggregation into a range query instead, it will be more efficient and give a nicer response format.

You could also use a date_histogram aggregation instead, which will generate a bucket-per-time interval.

Otherwise your aggregation looks fine, it should be returning a bucket for each chat_id.keyword value.

system · June 3, 2019, 4:49pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.