Thanks for the reply @kumar8055,
I did not have any trouble finding the aggregations. What I am trying to understand is how I can compare 2 aggregations when both aggregations are performed on the same field, just with a different time/date.
The field I am calculating on is in an index called swift-xxx. So what I am doing is creating a body with the aggregation (date/time specified in a bool query), and then calling the result as shown below.
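Queries for the 2 aggregations:

```python
# The two query bodies are defined elsewhere. A Python name cannot start with
# a digit, so 2xxCount / 2xxLast2Days are written with a body_ prefix here.
count = es.search(index='swift-xxx', body=body_2xxCount)
print(count)
count2 = es.search(index='swift-xxx', body=body_2xxLast2Days)
print(count2)
```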
Note that these two are 2 separate queries that result in 2 separate sum aggregations. Is there any way I can combine them into one body and compare the result, i.e. see which 2xx is greater and print it?
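One way to put both sums in a single request body, as an added example that is not part of the original post: a `filters` aggregation with two named date-range buckets, each with its own `sum` sub-aggregation, followed by a client-side comparison. The field names `@timestamp` and `status_2xx`, the two time windows, the bucket names and the sample response are assumptions constructed for illustration.

```python
def build_body(ts_field="@timestamp", sum_field="status_2xx"):
    """Build one search body that sums the same field over two time windows.
    Field names and windows are assumptions; substitute the real ones."""
    def window(gte, lt):
        return {"range": {ts_field: {"gte": gte, "lt": lt}}}

    return {
        "size": 0,  # only aggregation results are needed, no hits
        "aggs": {
            "windows": {
                "filters": {"filters": {
                    "earlier": window("now-4d/d", "now-2d/d"),
                    "last_2_days": window("now-2d/d", "now"),
                }},
                # The sub-aggregation is computed once per named bucket.
                "aggs": {"sum_2xx": {"sum": {"field": sum_field}}},
            }
        },
    }


def compare_sums(response):
    """Return (name of the bucket with the larger sum, all sums).
    The name is None when the sums are equal."""
    buckets = response["aggregations"]["windows"]["buckets"]
    totals = {name: b["sum_2xx"]["value"] or 0.0 for name, b in buckets.items()}
    top = max(totals.values())
    winners = [name for name, value in totals.items() if value == top]
    return (winners[0] if len(winners) == 1 else None), totals


# Constructed sample of the response shape a named `filters` aggregation returns.
SAMPLE_RESPONSE = {
    "aggregations": {"windows": {"buckets": {
        "earlier": {"doc_count": 40, "sum_2xx": {"value": 1200.0}},
        "last_2_days": {"doc_count": 55, "sum_2xx": {"value": 1850.0}},
    }}}
}

if __name__ == "__main__":
    # Against a live cluster: response = es.search(index='swift-xxx', body=build_body())
    winner, totals = compare_sums(SAMPLE_RESPONSE)
    print(winner, totals)
```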