Menu
I want to get the sub aggregation.
"size" :0 ,
"aggs": {
"classification of day": {
"date_histogram": {
"field": "ALARM DATE",
"format" : "dd/MM/yyyy",
"interval": "day"
},
"aggs": {
"classification1": {
"terms": {
"field": "CLASSIFICATION",
"keyed":true
}
}
}
}
}
above json query returns the following output.
"aggregations": {
"classification of day": {
"buckets": [
{
"key_as_string": "25/02/2016",
"key": 1456358400000,
"doc_count": 166,
"classification1": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "attack",
"doc_count": 58
},
{
"key": "compromise",
"doc_count": 30
},
{
"key": "error",
"doc_count": 24
},
{
"key": "reconnaissance",
"doc_count": 20
},
{
"key": "suspicious",
"doc_count": 19
},
{
"key": "warning",
"doc_count": 14
},
{
"key": "misuse",
"doc_count": 2
}
]
}
},
{
"key_as_string": "26/02/2016",
"key": 1456444800000,
...
Java code I tried,
String aggregations1 = "CLASSIFICATION";
String field1 = "ALARM DATE";
DateHistogramInterval interval1 = DateHistogramInterval.DAY;
SearchResponse response = client.prepareSearch(index).setTypes(type)
.addAggregation(AggregationBuilders.dateHistogram("classification of day").field(field1)
.interval(interval1).format("dd/MM/yyyy")
.subAggregation(AggregationBuilders.terms("terms").field(aggregations1)))
.execute().actionGet();
Iterator<Aggregation> iter = response.getAggregations().iterator();// get("");
while (iter.hasNext()) {
Aggregation aggs=iter.next();
System.out.println(aggs.getName());
//aggs.
}
Issue is I get the aggregation values. here dates but I don't get the subaggregation. Basically I want to extract the CLASSIFICATION by date to a object.
401
This allows you to set up a range of criteria and sub-criteria with buckets, then place metrics to calculate values for your reports about each criteria.
Elasticsearch Aggregations provide you with the ability to group and perform calculations and statistics (such as sums and averages) on your data by using a simple search query. An aggregation can be viewed as a working unit that builds analytical information across a set of documents.
sum_other_doc_count is the number of documents that didn't make it into the the top size terms.
Nested aggregationeditA special single bucket aggregation that enables aggregating nested documents. For example, lets say we have an index of products, and each product holds the list of resellers - each having its own price for the product.
I managed to get this working. In case, someone find this helpful, I add my answer here.
String aggregations1 = "CLASSIFICATION";
String field1 = "ALARM DATE";
DateHistogramInterval interval1 = DateHistogramInterval.DAY;
SearchResponse sr = client.prepareSearch(index).setTypes(type)
.addAggregation(AggregationBuilders.dateHistogram("classification of day").field(field1)
.interval(interval1).format("dd/MM/yyyy")
.subAggregation(AggregationBuilders.terms("classifications").field(aggregations1)))
.execute().actionGet();
// sr is here your SearchResponse object
Histogram agg = sr.getAggregations().get("classification of day");
Collection<Histogram.Bucket> buckets = (Collection<Histogram.Bucket>) agg.getBuckets();
// For each entry
for (Histogram.Bucket bucket : buckets) {
if (bucket.getDocCount() != 0) {
System.out.println((int) bucket.getDocCount());
System.out.println(bucket.getKeyAsString());
Terms terms =bucket.getAggregations().get("classifications");
Collection<Terms.Bucket> bkts = terms.getBuckets();
for (Bucket b : bkts) {
if (b.getDocCount() != 0) {
//ESClassification classificaiton = new ESClassification();
System.out.println((int) b.getDocCount());
System.out.println(b.getKeyAsString());
} else {
//list = Collections.<ESClassification> emptyList();
}
}
} else {
//list = Collections.<ESClassification> emptyList();
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With