elasticsearch - 每天与前一天的计数的 Delta (Difference)
问题描述
我是 ELK Stack 的新手。我正在使用 Kibana 仪表板来查找每天与前一天的计数差异(差异)。所以,我们可以知道每天的销售额与前一天相比增加了多少
供参考:Present Dashboard 写了一个查询来查找每个日期的计数以及与版本号聚合的存储桶。
我的查询:
{
"aggs": {
"2": {
"date_histogram": {
"field": "install_date",
"interval": "1d",
"time_zone": "America/New_York",
"min_doc_count": 1
},
"aggs": {
"3": {
"terms": {
"field": "version.keyword",
"size": 50,
"order": {
"_key": "desc"
},
"script": "( _value.indexOf('-') > 0 ? _value.substring(0, _value.indexOf('-')+2) : _value )"
},
"aggs": {
"1": {
"sum_bucket": {
"buckets_path": "1-bucket>_count"
}
},
"1-bucket": {
"date_histogram": {
"field": "install_date",
"interval": "1d",
"time_zone": "America/New_York",
"min_doc_count": 1
}
}
}
}
}
}
},
"size": 0,
"_source": {
"excludes": []
},
"stored_fields": [
"*"
],
"script_fields": {},
"docvalue_fields": [
{
"field": "deploy_date_asset_tag",
"format": "date_time"
},
{
"field": "deploy_date_localtime",
"format": "date_time"
},
{
"field": "install_date",
"format": "date_time"
},
{
"field": "timestamp",
"format": "date_time"
},
{
"field": "ui_legacy_access",
"format": "date_time"
},
{
"field": "ui_satori_access",
"format": "date_time"
}
],
"query": {
"bool": {
"must": [
{
"match_all": {}
},
{
"match_all": {}
},
{
"range": {
"timestamp": {
"gte": 1408458089497,
"lte": 1566224489497,
"format": "epoch_millis"
}
}
}
],
"filter": [],
"should": [],
"must_not": []
}
}
}
解决方案
感谢您的回复。问题解决了!必须使用 date_histogram 的系列微分聚合。
推荐阅读
- spring-boot - SpringBoot @DataJpaTest 抛出 Failed to load ApplicationContext 异常
- javascript - 您如何理解 WebStorm 的功能接口?
- python - Azure DevOps Pipeline 上没有日志记录
- react-native - 如何在本机反应中将视频(从移动存储)转换为base64?
- c# - 如何清除隐藏的字符?
- python - 转置数据框后如何按组绘制线条?
- go - 如何为 golang/go cmd 模块设置 VSCode?
- sysv-ipc - python sysv-ipc 创建/附加/删除共享内存
- r - 避免使用 data.table 循环
- .net - 从集合中检索随机文档