elasticsearch,Grouping,Aggregation" />
elasticsearch,grouping,aggregation,Filter,Filter elasticsearch查询aggs排序的最大日期
我有如下数据: IdGroupId更新日期Filter elasticsearch查询aggs排序的最大日期,filter,
elasticsearch,grouping,aggregation,Filter,
112013-11-15T12:00:00
212013-11-20T12:00:00
322013-12-01T12:00:00
422013-13-01T12:00:00
522013-11-01T12:00:00
632013-10-01T12:00:00
如何编写查询以将筛选/分组的列表返回到max UpdateDate foreach组?最后一个列表按UpdateDate对desc进行排序 我预计这一产出: IdGroupId更新日期
422013-13-01T12:00:00
212013-11-20T12:00:00
632013-10-01T12:00:00
谢谢:)是的,这在elasticsearch中是可能的,但数据将采用JSON格式,需要按照上面显示的格式进行展平。下面是我如何使用Marvel Sense完成的 批量装载数据:
POST myindex/mytype/_bulk
{"index":{}}
{"id":1,"GroupId":1,"UpdateDate":"2013-11-15T12:00:00"}
{"index":{}}
{"id":2,"GroupId":1,"UpdateDate":"2013-11-20T12:00:00"}
{"index":{}}
{"id":3,"GroupId":2,"UpdateDate":"2013-12-01T12:00:00"}
{"index":{}}
{"id":4,"GroupId":2,"UpdateDate":"2013-12-01T12:00:00"}
{"index":{}}
{"id":5,"GroupId":2,"UpdateDate":"2013-11-01T12:00:00"}
{"index":{}}
{"id":6,"GroupId":3,"UpdateDate":"2013-10-01T12:00:00"}
GET myindex/mytype/_search?search_type=count
{
"aggs": {
"NAME": {
"terms": {
"field": "GroupId"
},
"aggs": {
"NAME": {
"max": {
"field": "UpdateDate"
}
}
}
}
}
}
{
...
"aggregations": {
"NAME": {
"buckets": [
{
"key": 2,
"doc_count": 3,
"NAME": {
"value": 1385899200000
}
},
{
"key": 1,
"doc_count": 2,
"NAME": {
"value": 1384948800000
}
},
{
"key": 3,
"doc_count": 1,
"NAME": {
"value": 1380628800000
}
}
]
}
}
...
}
POST myindex/mytype/_bulk
{"index":{}}
{"id":1,"GroupId":1,"UpdateDate":"2013-11-15T12:00:00"}
{"index":{}}
{"id":2,"GroupId":1,"UpdateDate":"2013-11-20T12:00:00"}
{"index":{}}
{"id":3,"GroupId":2,"UpdateDate":"2013-12-01T12:00:00"}
{"index":{}}
{"id":4,"GroupId":2,"UpdateDate":"2013-12-01T12:00:00"}
{"index":{}}
{"id":5,"GroupId":2,"UpdateDate":"2013-11-01T12:00:00"}
{"index":{}}
{"id":6,"GroupId":3,"UpdateDate":"2013-10-01T12:00:00"}
GET myindex/mytype/_search?search_type=count
{
"aggs": {
"NAME": {
"terms": {
"field": "GroupId"
},
"aggs": {
"NAME": {
"max": {
"field": "UpdateDate"
}
}
}
}
}
}
{
...
"aggregations": {
"NAME": {
"buckets": [
{
"key": 2,
"doc_count": 3,
"NAME": {
"value": 1385899200000
}
},
{
"key": 1,
"doc_count": 2,
"NAME": {
"value": 1384948800000
}
},
{
"key": 3,
"doc_count": 1,
"NAME": {
"value": 1380628800000
}
}
]
}
}
...
}
POST myindex/mytype/_bulk
{"index":{}}
{"id":1,"GroupId":1,"UpdateDate":"2013-11-15T12:00:00"}
{"index":{}}
{"id":2,"GroupId":1,"UpdateDate":"2013-11-20T12:00:00"}
{"index":{}}
{"id":3,"GroupId":2,"UpdateDate":"2013-12-01T12:00:00"}
{"index":{}}
{"id":4,"GroupId":2,"UpdateDate":"2013-12-01T12:00:00"}
{"index":{}}
{"id":5,"GroupId":2,"UpdateDate":"2013-11-01T12:00:00"}
{"index":{}}
{"id":6,"GroupId":3,"UpdateDate":"2013-10-01T12:00:00"}
GET myindex/mytype/_search?search_type=count
{
"aggs": {
"NAME": {
"terms": {
"field": "GroupId"
},
"aggs": {
"NAME": {
"max": {
"field": "UpdateDate"
}
}
}
}
}
}
{
...
"aggregations": {
"NAME": {
"buckets": [
{
"key": 2,
"doc_count": 3,
"NAME": {
"value": 1385899200000
}
},
{
"key": 1,
"doc_count": 2,
"NAME": {
"value": 1384948800000
}
},
{
"key": 3,
"doc_count": 1,
"NAME": {
"value": 1380628800000
}
}
]
}
}
...
}
最大日期作为Linux时间返回,需要转换回可读的日期格式 是否可以使用elasticsearch?如果要按聚合值排序,请将以下内容添加到术语中:
“术语”:{“字段”:“GroupId”,“order”:{“NAME”:“desc”}}