ELK 聚合查询

POST /lib4/items/_bulk
{"index":{"_id":1}}
{"price":40,"itemID":"ID100123","qty":50}
{"index":{"_id":2}}
{"price":50,"itemID":"ID100124","qty":50}
{"index":{"_id":3}}
{"price":25,"itemID":"ID100124","qty":40}
{"index":{"_id":4}}
{"price":30,"itemID":"ID100125","qty":40}
{"index":{"_id":5}}
{"price":null,"itemID":"ID100127","qty":30}

 

(1)  sum

GET /lib4/items/_search  { "size": 0,"aggs":{ "price_of_sum":{"sum":{ "field":"price"}} }
(2)  min

GET /lib4/items/_search  { "size": 0,"aggs":{ "price_of_min":{"min":{ "field":"price"}} }

(3)  max

GET /lib4/items/_search  { "size": 0,"aggs":{ "price_of_max":{"max":{ "field":"price"}} }

(4)  avg

GET /lib4/items/_search  { "size": 0,"aggs":{ "price_of_avg":{"avg":{ "field":"price"}} }

(5) cardinality 求基数

基数:互不相同的值的个数

比如说【性别】的值有 “男”,“女”,所以【性别】的基数为 2

GET /lib4/items/_search  { "size": 0,"aggs":{ "price_of_cardi":{"cardinality":{ "field":"price"}} }

(6) terms 分组

GET /lib4/items/_search  { "size": 0,"aggs":{ "price_group_by":{"terms":{ "field":"price"}} }

先按照【数量】分组,再求每个分组中文档的【价格】字段的平均值,并按照该 【平均值 】对分组降序排序。

ELK 聚合查询_第1张图片

 

ELK 聚合查询_第2张图片

 

 

你可能感兴趣的:(ELK)