If I am doing this query on timelion:.es(index = index_name, timefield = timestamp, metric = max:value, q = meter_id) it works for one meter. Because it is filtered to one meter, sum or max aggregation do the same thing.
What I want to do is, to sum up all MAX values of all devices (meter 1, meter 2, meter 3.. meter n) for every timestamp. Because values are gradually increasing, I am interested in seeing the graph of these summed values by time on timelion. Is it possible?
I am not sure, which of these two versions you want, but both should work rather fine:
If you want to have separate lines, each line representing the max value of one meter, you can use the following expression (shortened for index and timefield):
.es(metric=max:value, split=meter_id_field:5)
In that case you would get 5 lines for each of the top meters (indicated by the meter_id_field, and their respective max values.
If you want to have like the maximum value per meter in each timeslot and THAN have the sum of all of those, you can basically put the above expression into a .sum function:
thank you for your reply. It was very helpful and solved my question!
As a side quest, i wonder would it be possible to split also without specifying the top-n number for the groups? If my device number is increasing constantly at unpredicted level, how I proceed then?
this is unfortunately not possible. The second parameter is required and will be passed to the size parameter of the terms aggregation in Elasticsearch doing the splitting.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.