How to loop over aggregated search?

Jan_Pisl · March 6, 2018, 10:16am

I have the following query:

  query = {
        "aggs" : {
            "by_minute" : {
                "date_histogram" : {
                    "field" : "@timestamp",
                    "interval" : "minute"
                },
                "aggs":{
                    "max": { "max": { "field": "duration" } },
                    "min": { "min": { "field": "duration" } },
                    "avg": { "avg": { "field": "duration" } },
                }
            }
        },
        "query" : {
            "bool" : {
                "filter": [
                    { "query_string" : { "query" : "audit_type:REQ AND req_backend_name:service" } },
                    { "range" : { "@timestamp" : { "gte" : "now-24h", "lt" :  "now" } } },
                ]
            }
        }
    }

What is does now is that it fetches data from last 24 hours and then groups them by minute. What I need, however, is this type of data for every 24 hours for the last year separately.

system · April 3, 2018, 10:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Aggregate every field Elasticsearch	1	306	January 9, 2021
Thanks to everyone, but another question Elasticsearch	2	463	January 18, 2018
Time-range search query help Elasticsearch	2	358	August 27, 2020
Aggregating by hour Elasticsearch	4	5935	July 6, 2017
How to put a filter in an aggs? Elasticsearch	1	403	July 6, 2017

How to loop over aggregated search?

Related topics