elasticsearch,kibana,Java,Json,elasticsearch,Kibana" /> elasticsearch,kibana,Java,Json,elasticsearch,Kibana" />
Fatal编程技术网
  • java/
  • Java 从文档中计算一天中不同的小时数

Java 从文档中计算一天中不同的小时数

java json kibana

Java 从文档中计算一天中不同的小时数,java,json,elasticsearch,kibana,Java,Json,elasticsearch,Kibana,我有时间戳字段(yyyy-mm-dd-T hh:mm:ss)。我想计算在给定的一天中每个设备id有多少不同的小时。在kibana中如何做到这一点 这是我的真实档案 比如说 Doc1= { name = "heart_beat" date= "2019-06-05 T 12:10:00" "device_id" = "abc" } Doc2= { name="heart_beat" date="2019-06-05 T 09:10:00" "d

我有时间戳字段(yyyy-mm-dd-T hh:mm:ss)。我想计算在给定的一天中每个设备id有多少不同的小时。在kibana中如何做到这一点

这是我的真实档案

比如说

 Doc1=
 {
   name = "heart_beat"
   date= "2019-06-05 T 12:10:00"
   "device_id" = "abc"
 }
 Doc2=
 {
    name="heart_beat"
    date="2019-06-05 T 09:10:00"
    "device_id" = "xyz"
  }
  Doc3=
  {
    name="heart_beat"
    date="2019-06-05 T 12:15:00"
    "device_id" = "pqr"
  }
  Doc4=
  {
     name="heart_beat"
     date="2019-06-05 T 07:10:00"
     "device_id" = "def"
  }
  Doc5=
 {
    name="heart_beat"
    date="2019-06-07 T 09:10:00"
    "device_id" = "xyz"
  }
  Doc6=
  {
    name="heart_beat"
    date="2019-06-07 T 12:15:00"
    "device_id" = "pqr"
  }
答案应该是

  • “2019-06-05”装置-“abc”小时数-1

  • “2019-06-05”装置-“pqr”小时数-1

  • “2019-06-05”装置-“xyz”小时数-1

  • “2019-06-05”装置-“def”小时数-1

  • “2019-06-07”装置-“xyz”小时数-1

  • “2019-06-07”装置-“pqr”小时数-1
    • 我使用脚本来获得不同的时间。 查询有2个聚合 1.术语聚合-提供所有不同的小时数和其中的文档数 2.基数聚合——给出不同小时数的计数

    根据您的要求,您可以保留其中一个或两个

    映射:

    PUT testindex4/_mapping
{
  "properties": {
    "name":{
      "type":"text"
    }, 
    "date":
    {
      "type":"date",
      "format":"YYYY-MM-DD'T'HH:mm:ss"
    }
  }
}
    查询:

    GET testindex4/_search
{
  "size":0,
  "aggs": {
    "byHours": {    ---> if you need doc count in distinct hours
      "terms": {
        "script": {
          "source": "doc[params.date_field].value.hourOfDay;",
          "params": {
            "date_field": "date"
          }
        }
      }
    },
    "distinct_hours": {      ---> count of distinct hours
      "cardinality": {
        "script": {
          "lang": "painless",
          "source": "doc[params.date_field].value.hourOfDay;",
          "params": {
            "date_field": "date"
          }
        }
      }
    }
  }
}
    完整数据

        "hits" : [
      {
        "_index" : "testindex4",
        "_type" : "_doc",
        "_id" : "ZjyHc2sB36IvcvW_wPNu",
        "_score" : 1.0,
        "_source" : {
          "name" : "heart_beat",
          "date" : "2019-06-05T12:10:00"
        }
      },
      {
        "_index" : "testindex4",
        "_type" : "_doc",
        "_id" : "ZzyIc2sB36IvcvW_DPMn",
        "_score" : 1.0,
        "_source" : {
          "name" : "heart_beat",
          "date" : "2019-06-05T12:15:00"
        }
      },
      {
        "_index" : "testindex4",
        "_type" : "_doc",
        "_id" : "ajyPc2sB36IvcvW_0fOc",
        "_score" : 1.0,
        "_source" : {
          "name" : "heart_beat",
          "date" : "2019-06-05T01:15:00"
        }
      }
    ]
    结果:

    "aggregations" : {
    "distinct_hours" : {
      "value" : 2
    },
    "byHours" : {
      "doc_count_error_upper_bound" : 0,
      "sum_other_doc_count" : 0,
      "buckets" : [
        {
          "key" : "12",
          "doc_count" : 2
        },
        {
          "key" : "1",
          "doc_count" : 1
        }
      ]
    }
  }
    编辑:用于获取每个设备的记录 映射

    质疑

    结果

      "aggregations" : {
    "byDevice" : {
      "doc_count_error_upper_bound" : 0,
      "sum_other_doc_count" : 0,
      "buckets" : [
        {
          "key" : "VFD 720",
          "doc_count" : 3,
          "byDate" : {
            "doc_count_error_upper_bound" : 0,
            "sum_other_doc_count" : 0,
            "buckets" : [
              {
                "key" : "2019-06-06",
                "doc_count" : 2,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    },
                    {
                      "key" : "15",
                      "doc_count" : 1
                    }
                  ]
                }
              },
              {
                "key" : "2019-06-05",
                "doc_count" : 1,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    }
                  ]
                }
              }
            ]
          }
        },
        {
          "key" : "VFD 721",
          "doc_count" : 2,
          "byDate" : {
            "doc_count_error_upper_bound" : 0,
            "sum_other_doc_count" : 0,
            "buckets" : [
              {
                "key" : "2019-06-05",
                "doc_count" : 1,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    }
                  ]
                }
              },
              {
                "key" : "2019-06-06",
                "doc_count" : 1,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    }
                  ]
                }
              }
            ]
          }
        }
      ]
    }
  }
    这个答案可能会有帮助:@Val我想把这个数据放在图形Y轴:计数,X轴:天中。@Val我在哪里定义了6月5日之类的日子?我们是哪一天获得这些数据的?我应该在“doc[params.date_field].value.hourOfDay;”中写些什么,我的索引是“实习生26”,文档类型名称是“packets”,日期字段是“event_timestamp”。“params”:{“date_field”:“event_timestamp”}。脚本有两部分:源和参数,在源中我们可以给脚本(表达式)和参数,它们是您想要传递给源的任何参数。您还可以使用doc['']——脚本上的文档直接访问字段。我希望在图形上表示此数据。Y轴:计数,X轴:天。我不知道在kibana绘制图形。对不起,我帮不上忙 
    GET testindex4/_search
{
  "size": 0,
  "aggs": {
    "byDevice": {
      "terms": {
        "field": "device.model"
      },
      "aggs": {
        "byDate": {
          "terms": {
            "script": {
              "source": "doc[params.date_field].value.toString('yyyy-MM-dd')",
              "params": {
                "date_field": "date"
              }
            }
          },
          "aggs": {
            "byHours": {
              "terms": {
                "script": {
                  "source": "doc[params.date_field].value.getHour();",
                  "params": {
                    "date_field": "date"
                  }
                }
              }
            }
          }
        }
      }
    }
  }
}

      "aggregations" : {
    "byDevice" : {
      "doc_count_error_upper_bound" : 0,
      "sum_other_doc_count" : 0,
      "buckets" : [
        {
          "key" : "VFD 720",
          "doc_count" : 3,
          "byDate" : {
            "doc_count_error_upper_bound" : 0,
            "sum_other_doc_count" : 0,
            "buckets" : [
              {
                "key" : "2019-06-06",
                "doc_count" : 2,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    },
                    {
                      "key" : "15",
                      "doc_count" : 1
                    }
                  ]
                }
              },
              {
                "key" : "2019-06-05",
                "doc_count" : 1,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    }
                  ]
                }
              }
            ]
          }
        },
        {
          "key" : "VFD 721",
          "doc_count" : 2,
          "byDate" : {
            "doc_count_error_upper_bound" : 0,
            "sum_other_doc_count" : 0,
            "buckets" : [
              {
                "key" : "2019-06-05",
                "doc_count" : 1,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    }
                  ]
                }
              },
              {
                "key" : "2019-06-06",
                "doc_count" : 1,
                "byHours" : {
                  "doc_count_error_upper_bound" : 0,
                  "sum_other_doc_count" : 0,
                  "buckets" : [
                    {
                      "key" : "12",
                      "doc_count" : 1
                    }
                  ]
                }
              }
            ]
          }
        }
      ]
    }
  }