Using Elasticsearch v. 6.2.4, I want to update a field in my document based on multiple aggregations done on a nested object. Something like this:
POST <my_index>/_doc/<doc_id>/_update
{
"script": {
"lang": "painless",
"source": """
ctx._source.field_to_update = my_aggregation_value;
""",
"params": {
"my_aggregation_value": <something>
}
},
"aggs": {
"<nested_object>": {
"nested": {
"path": "<nested_object>"
},
"aggs": {
"<time_range>": {
"filter": {
"range": {
"history.request_time": {
"gte": "now-7d/d",
"lte": "now"
}
}
},
"aggs": {
"bucket_by_day": {
"date_histogram": {
"field": "<nested_object>.<time_event>",
"interval": "day"
},
"aggs": {
"my_aggregation": {
"aggregation_type": {...}
}
}
}
}
}
}
}
}
}
So I have three problems:
- How do I update my document fields with aggregation values? Are there any way to set variables in params to aggregation values.
- How can I update the root with aggregations in nested objects?
- How can I select the last aggregation of the buckets?