Hi All,
Is there a way to store all field/column values in an array through painless script.
request to share some sample script.
i want to calculate count of each unique value in a column/field, similar to group by option.
Why not using this: https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-metrics-cardinality-aggregation.html?
Hi David,
Thank you for revert... 
i am able to achieve this in elasticsearch console with DSL query + Script below is the code.
However the requirement is, field(riskscore) should be dynamic based on time period. because if time period change, value_count should also change hence facing challenge and thought to create a scripted field.
Request help..on how to store all field/column values in an array through painless script.
or any other workaround...
POST /sat4*/_search
{
"size": 0,
"aggs" : {
"dft" : {
"date_histogram" : {
"field" : "@timestamp",
"interval" : "day"
},
"aggs" : {
"total_count": {
"value_count": {
"field": "Anomaly.keyword"
}
},
"antype": {
"filter": {
"term": {
"Anomaly.keyword": "CSSRR"
}
},
"aggs": {
"mycount": {
"value_count": {
"field": "Anomaly.keyword"
}
}
}
},
"riskscore": {
"bucket_script": {
"buckets_path": {
"sc1": "antype>mycount",
"sc2": "total_count"
},
"script": "if (params.sc1 > 100) {10} else {1}"
}
}
}
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.