Elasticsearch arithmetic and nested aggregation -
i've kind of objects in elasticsearch:
"myobject": { "type": "blah", "events": [ { "code": "code1" "date": "2016-08-03 18:00:00" }, { "code": "code2" "date": "2016-08-03 20:00:00" } ] }
i'd compute average time spend in between events code "code1" , events type "code2". basically, need subtract date of "code2" date of "code1" each object , compute average.
thanks !
plan b better. can @ indexing time, should do. if know you'll need date difference, should compute @ indexing time , store field.
you should not worry storing redundant data, elasticsearch doesn't care. cluster better off storing few more fields doing heavy scripting during each query. users appreciate, too, won't have wait ages answer data grows.
so store instead (time_spent
number of milliseconds between second , first event):
"myobject": { "type": "blah", "time_spent": 7200000, "events": [ { "code": "code1" "date": "2016-08-03 18:00:00" }, { "code": "code2" "date": "2016-08-03 20:00:00" } ] }
then you'll able run simple aggregation query this:
{ "size": 0, "aggs": { "avg_duration": { "avg": { "field": "time_spent" } } } }
Comments
Post a Comment