Hi All,
I wanted to know if there is any support for using scripted_metric aggregations in Kibana ? I wrote an elasticsearch query which uses scripted_metric, but I want to use it in visualizations. I am using Kibana/ElasticSearch versions 5.1.1.. You help will be really grateful.
Thanks,
Deepti
Could you provide the script you're using so we can see if there is a good way to accomplish it in Kibana?
Hello,
Thanks for replying. I am trying to find out the time spent on a test based on started and ended object.id (assuming for any student for a particular test, there are only two events : start and end)
Below is the scripted metric aggregation query.
GET test-data/_search
{
"from" : 0,
"size" : 0,
"aggregations" : {
"user-id" : {
"terms" : {
"field" : "user-id",
"size" : 200,
"shard_size" : -1,
"min_doc_count" : 1,
"shard_min_doc_count" : 0,
"show_term_doc_count_error" : false,
"order" : [
{
"_count" : "desc"
},
{
"_term" : "asc"
}
]
},
"aggregations" : {
"assessment_id" : {
"terms" : {
"field" : "testid",
"size" : 10,
"shard_size" : -1,
"min_doc_count" : 1,
"shard_min_doc_count" : 0,
"show_term_doc_count_error" : false,
"order" : [
{
"_count" : "desc"
},
{
"_term" : "asc"
}
]
},
"aggregations" : {
"timeontask": {
"scripted_metric": {
"init_script" : "params._agg.events = ",
"map_script" : "def sf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss"); def t = sf.parse(sf.format(doc['timestamp'].value)).getTime(); params._agg.events.add(doc['object.id'].contains('started') ? -1 * t : t) ",
"combine_script" : "double totTime=0 ; for (t in params._agg.events) { totTime += t } return totTime",
"reduce_script" : "double totTime=0 ; for (a in params._aggs) { totTime += a } return totTime/60000 "
}
}
}
}
}
}
},
"ext" : { }
}
Unfortunately there isn't any way to accomplish this in Kibana. There's an open issue you can add your feedback to and follow for notifications here: https://github.com/elastic/kibana/issues/7879
Hi,
Is there a way to post these aggregated results to a new index in elasticsearch?
Probably I can create some visuals using new index fields. Just a thought.
Thanks,
Deepti Antony
Hmm, I don't know of anything to allow you to do that. There is a reindex API that allows using scripts, but from my understanding, the scripts execute on the document level, not on aggregations.
That being said, there's nothing preventing you from taking the results of the aggregation and manually indexing them into a new index.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.