Information Statistics Analysis-2

Range

Aggregate statistics by field of numeric type

{

"Query": {

"Match_all": {}

},

"Aggs": {

"Terms_sc-status": {

"Range": {

"Field": "Time-taken",

"Ranges": [

{

"Key": "Small",

"To": 200

},

{

"Key": "Medium",

"From": 200,

"To": 500

},

{

"Key": "Large",

"From": 500

}

]

},

"Aggs": {

"Avg_size": {

"Stats": {

"Field": "Time-taken"

}

}

}

}

},

"Size": 20

}

Date_range section statistics for time-type fields

{

"Query": {

"Match_all": {}

},

"Aggs": {

"Aggname": {

"Date_range": {

"Field": "@timestamp",

"Format": "Yyyy-mm-dd",

"Ranges": [

{

"To": "now-2d"//Statistic range: From farthest point to the first 2 days of the current date

},

{

"From": "now-2d"//Statistic range: from the first 2 days of the current date to the present

}

]

},

"Aggs": {

"Avg_size": {

"Stats": {

"Field": "Time-taken"

}

}

}

}

},

"Size": 20

}

Histogram statistics on fields by interval

{

"Query": {

"Match_all": {}

},

"Aggs": {

"Terms_sc-status": {

"Histogram": {

"Field": "Time-taken",

"Interval": 5000,

"Min_doc_count": 1//Get doc_count>=0 data

},

"Aggs": {

"Avg_size": {

"Stats": {

"Field": "Time-taken"

}

}

}

}

},

"Size": 20

}

Date_histogram for Date field statistics, you can use constants such as year (Y), month (m), Week (W), Day (d), hour (h), Minute (m) as the value of the Interval property

{

"Query": {

"Match_all": {}

},

"Aggs": {

"Aggname": {

"Date_histogram": {

"Field": "@timestamp",

"Format": "Yyyy-mm-dd",

"Interval": "1y",//Interval is 1 years,

"Keyed": true,//returns the value of key as the name of the JSON object

"Min_doc_count": 1

},

"Aggs": {

"Avg_size": {

"Stats": {

"Field": "Time-taken"

}

}

}

}

}

}

 

Information Statistics Analysis-2