Moving_avg is throwing parse exception

Elastic Stack Elasticsearch
1

New to ELK stack and facing some query issue.
My index has the following metadata :
{
"data": {
"properties": {
"timestamp": {
"format": "dateOptionalTime",
"type": "date"
},
"qname": {
"index": "not_analyzed",
"type": "string",
"doc_values": true
},
"outputproc": {
"index": "not_analyzed",
"type": "integer",
"doc_values": true
},
"inputproc": {
"index": "not_analyzed",
"type": "integer",
"doc_values": true
},
"depth": {
"index": "not_analyzed",
"type": "integer",
"doc_values": true
}
}
}
}

And I am trying to query and aggregate it with qname and then depth every hour, I will have to do some percentile calculation later so I am doing the moving average and there its failing

Query :
{
"query": {
"filtered": {
"filter": {
"range": {
"data.timestamp": {
"gte": "now-60d"
}
}
}
}
},
"size": "0",
"aggs": {
"metrics": {
"terms": {
"field": "data.depth"
},
"aggs": {
"queries": {
"terms": {
"field": "data.qname"
},
"aggs": {
"series": {
"date_histogram": {
"field": "data.timestamp",
"interval": "10m"
},
"aggs": {
"this_avg": {
"avg": {
"field": "data.depth"
}
},
"movavg": {
"moving_avg": {
"buckets_path": "this_avg",
"window": "24",
"model": "simple"
}
}
}
}
}
}
}
}
}
}

Error : I am continuously getting a parse error like :
"error": "SearchPhaseExecutionException[Failed
to execute phase [query], all shards failed; shardFailures
{[awrz_ucVQiSSuLJLQ3-CvA][trialc_mqstats][0]:
RemoteTransportException[[Data_3560_data][inet[/10.1.117.39:9304]][indices:data/read/search[phase/query]]];
nested: SearchParseException[[trialc_mqstats][0]:
query[ConstantScore(+cache(_type:data)
+no_cache(timestamp:[1445637454220 TO *]))],from[-1],size[0]: Parse
Failure [Failed to parse source
[{"query":{"filtered":{"filter":{"range":{"data.timestamp":{"gte":"now-60d"}}}}},"size":"0","aggs":{"metrics":{"terms":{"field":"data.depth"},"aggs":{"queries":{"terms":{"field":"data.qname"},"aggs":{"series":{"date_histogram":{"field":"data.timestamp","interval":"10m"},"aggs":{"this_avg":{"avg":{"field":"data.depth"}},"movavg":{"moving_avg":{"buckets_path":"this_avg","window":"24","model":"simple"}}}}}}}}}}]]];
nested: SearchParseException[[trialc_mqstats][0]:
query[ConstantScore(+cache(_type:data)
+no_cache(timestamp:[1445637454220 TO *]))],from[-1],size[0]: Parse
Failure [Could not find aggregator type [moving_avg] in [movavg]]];

can some one please point out my mistake here. I think its a syntax issue
ES version : 2.1.0

2

Apologies -- my ES version was old, I upgraded to 2.1.0 and now its supporting. We can close this.