I have a query with an aggregation of a date histogram that creates buckets per 10 seconds for a full day, on that aggregation I perform a sum of a field and at the end I use the max_bucket aggregation to extract the highest sum of those buckets.
Consider this query:
{
"size": 0,
"aggs": {
"mos": {
"terms": {
"field": "mo_id",
"size": 0
},
"aggs": {
"histogram": {
"date_histogram": {
"field": "time_stamp",
"interval": "10s",
"min_doc_count": 1
},
"aggs": {
"sum_per_interval": {
"sum": {
"field": "throughput"
}
}
}
},
"peak_throughput": {
"max_bucket": {
"buckets_path": "histogram>sum_per_interval"
}
}
}
}
},
"query": {
"filtered": {
"filter": {
"range": {
"time_stamp": {
"gte": "2016-07-25T00:00:00",
"lt": "2016-07-26T00:00:00",
"format": "yyyy-MM-dd'T'HH:mm:ss"
}
}
}
}
}
}
My problem is that the actual response from the server is too large to handle, and I'm only interested in the results of the peak_throughput value. Is there a way to calculate the date_histogram buckets but not to return these in the response? I thought about using scripted aggregations to achieve this but I could not find a scripted aggregation that would simulate the date_histogram that ES is running.