Sorting based on scripted metrics aggregation

Abbass · January 27, 2021, 3:05pm

Hello!

I faced a limitation on sorting buckets of a term aggrigation, based on a scripted metrics sub aggregation values.

This issue clearly states that it is not possible to do this in elasticsearch.

However, i managed to do this using Bucket Sort aggregation.
Results make sense as far i can tell.
I want to know am i missing something? is my approach correct?
Query:

{
  "aggs": {
    "by-method-name": {
      "terms": {
        "field": "event_name.keyword"
      },
      "aggs": {
        "percentages_calc": {
          "scripted_metric": {
            "init_script": "state.errors = 0; state.t = 0;",
            "map_script": "if (doc['event_outcome.keyword'].value == 'ERROR') { state.errors += 1;state.t += 1} state.t += 1",
            "combine_script": "return state",
            "reduce_script": "double failureT = 0;double total = 0; for (s in states) {failureT += s.errors; total += s.t} return (failureT/total) * 100;"
          }
        },
        "sort_by_percentage": {
          "bucket_sort": {
            "sort": [
              {
                "percentages_calc.value": {
                  "order": "desc"
                }
              }
            ]
          }
        }
      }
    }
  },
  "size": 0
}

Abbass · February 2, 2021, 10:24am

One more note is that i am hardcoding a large enough size & shard_size parameters for terms aggregation to ensure zero doc_count_error_upper_bound. So the query is actually:

{
  "aggs": {
    "by-method-name": {
      "terms": {
        "field": "event_name.keyword",
        "size": 5000000,
        "shard_size":5000000
      },
      "aggs": {
        "percentages_calc": {
          "scripted_metric": {
            "init_script": "state.errors = 0; state.t = 0;",
            "map_script": "if (doc['event_outcome.keyword'].value == 'ERROR') { state.errors += 1;state.t += 1} state.t += 1",
            "combine_script": "return state",
            "reduce_script": "double failureT = 0;double total = 0; for (s in states) {failureT += s.errors; total += s.t} return (failureT/total) * 100;"
          }
        },
        "sort_by_percentage": {
          "bucket_sort": {
            "sort": [
              {
                "percentages_calc.value": {
                  "order": "desc"
                }
              }
            ]
          }
        }
      }
    }
  },
  "size": 0
}

Abbass · February 23, 2021, 9:45am

Anybody can comment here ?
Thanks!!

system · March 23, 2021, 9:45am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Terms aggregation bucket sort order based on scripted metric aggregation Elasticsearch	2	2716	July 6, 2017
Sort aggregation buckets based on Keyword field/Scripted Non Metric Field Elasticsearch	1	341	August 5, 2020
Bucket sort by a scripted metric Elasticsearch	1	403	August 5, 2020
Scripting aggregation order Elasticsearch	1	189	December 9, 2021
Scripted metric aggregations & sorting Elasticsearch	4	1963	September 10, 2018

Sorting based on scripted metrics aggregation

Related Topics