"value"が0より大きいバケットの総数を計算するにはどうすればよいですか？

私はバケットあたりのイベントの数を計算するこのクエリを持っています。 valueが0より大きいバケットの総数を計算するにはどうすればよいですか？"value"が0より大きいバケットの総数を計算するにはどうすればよいですか？

GET myindex/_search? 
{ 
    "size": 0, 
    "query": { 
    "bool": { 
     "must": [ 
     { 
      "match": { 
      "PlateNumber": "111" 
      } 
     } 
     ] 
    } 
    }, 
    "aggs": { 
    "daily_intensity": { 
     "date_histogram": { 
     "field": "Datetime", 
     "interval": "day" 
     }, 
     "aggs": { 
     "count_of_events": { 
      "value_count": { 
      "field": "Monthday" 
      } 
     } 
     } 
    } 
    } 
}

これは私が得る出力です。期待される答えは26です。なぜなら、バケツには、0より大きいvalueの要素が全部で26個あるからです。基本的には、すべてのバケットの出力は必要ありません。この総数が必要です。

{ 
    "took": 237, 
    "timed_out": false, 
    "_shards": { 
    "total": 5, 
    "successful": 5, 
    "failed": 0 
    }, 
    "hits": { 
    "total": 98, 
    "max_score": 0, 
    "hits": [] 
    }, 
    "aggregations": { 
    "daily_intensity": { 
     "buckets": [ 
     { 
      "key_as_string": "2017-05-01T00:00:00.000Z", 
      "key": 1493596800000, 
      "doc_count": 3, 
      "count_of_events": { 
      "value": 3 
      } 
     }, 
     { 
      "key_as_string": "2017-05-02T00:00:00.000Z", 
      "key": 1493683200000, 
      "doc_count": 1, 
      "count_of_events": { 
      "value": 1 
      } 
     }, 
     { 
      "key_as_string": "2017-05-03T00:00:00.000Z", 
      "key": 1493769600000, 
      "doc_count": 4, 
      "count_of_events": { 
      "value": 4 
      } 
     }, 
     { 
      "key_as_string": "2017-05-04T00:00:00.000Z", 
      "key": 1493856000000, 
      "doc_count": 6, 
      "count_of_events": { 
      "value": 6 
      } 
     }, 
     { 
      "key_as_string": "2017-05-05T00:00:00.000Z", 
      "key": 1493942400000, 
      "doc_count": 0, 
      "count_of_events": { 
      "value": 0 
      } 
     }, 
     { 
      "key_as_string": "2017-05-06T00:00:00.000Z", 
      "key": 1494028800000, 
      "doc_count": 1, 
      "count_of_events": { 
      "value": 1 
      } 
     }, 
     { 
      "key_as_string": "2017-05-07T00:00:00.000Z", 
      "key": 1494115200000, 
      "doc_count": 5, 
      "count_of_events": { 
      "value": 5 
      } 
     }, 
     { 
      "key_as_string": "2017-05-08T00:00:00.000Z", 
      "key": 1494201600000, 
      "doc_count": 6, 
      "count_of_events": { 
      "value": 6 
      } 
     }, 
     { 
      "key_as_string": "2017-05-09T00:00:00.000Z", 
      "key": 1494288000000, 
      "doc_count": 2, 
      "count_of_events": { 
      "value": 2 
      } 
     }, 
     { 
      "key_as_string": "2017-05-10T00:00:00.000Z", 
      "key": 1494374400000, 
      "doc_count": 3, 
      "count_of_events": { 
      "value": 3 
      } 
     }, 
     { 
      "key_as_string": "2017-05-11T00:00:00.000Z", 
      "key": 1494460800000, 
      "doc_count": 0, 
      "count_of_events": { 
      "value": 0 
      } 
     }, 
     { 
      "key_as_string": "2017-05-12T00:00:00.000Z", 
      "key": 1494547200000, 
      "doc_count": 3, 
      "count_of_events": { 
      "value": 3 
      } 
     }, 
     { 
      "key_as_string": "2017-05-13T00:00:00.000Z", 
      "key": 1494633600000, 
      "doc_count": 0, 
      "count_of_events": { 
      "value": 0 
      } 
     }, 
     { 
      "key_as_string": "2017-05-14T00:00:00.000Z", 
      "key": 1494720000000, 
      "doc_count": 1, 
      "count_of_events": { 
      "value": 1 
      } 
     }, 
     { 
      "key_as_string": "2017-05-15T00:00:00.000Z", 
      "key": 1494806400000, 
      "doc_count": 3, 
      "count_of_events": { 
      "value": 3 
      } 
     }, 
     { 
      "key_as_string": "2017-05-16T00:00:00.000Z", 
      "key": 1494892800000, 
      "doc_count": 0, 
      "count_of_events": { 
      "value": 0 
      } 
     }, 
     { 
      "key_as_string": "2017-05-17T00:00:00.000Z", 
      "key": 1494979200000, 
      "doc_count": 1, 
      "count_of_events": { 
      "value": 1 
      } 
     }, 
     { 
      "key_as_string": "2017-05-18T00:00:00.000Z", 
      "key": 1495065600000, 
      "doc_count": 3, 
      "count_of_events": { 
      "value": 3 
      } 
     }, 
     { 
      "key_as_string": "2017-05-19T00:00:00.000Z", 
      "key": 1495152000000, 
      "doc_count": 2, 
      "count_of_events": { 
      "value": 2 
      } 
     }, 
     { 
      "key_as_string": "2017-05-20T00:00:00.000Z", 
      "key": 1495238400000, 
      "doc_count": 1, 
      "count_of_events": { 
      "value": 1 
      } 
     }, 
     { 
      "key_as_string": "2017-05-21T00:00:00.000Z", 
      "key": 1495324800000, 
      "doc_count": 1, 
      "count_of_events": { 
      "value": 1 
      } 
     }, 
     { 
      "key_as_string": "2017-05-22T00:00:00.000Z", 
      "key": 1495411200000, 
      "doc_count": 5, 
      "count_of_events": { 
      "value": 5 
      } 
     }, 
     { 
      "key_as_string": "2017-05-23T00:00:00.000Z", 
      "key": 1495497600000, 
      "doc_count": 16, 
      "count_of_events": { 
      "value": 16 
      } 
     }, 
     { 
      "key_as_string": "2017-05-24T00:00:00.000Z", 
      "key": 1495584000000, 
      "doc_count": 4, 
      "count_of_events": { 
      "value": 4 
      } 
     }, 
     { 
      "key_as_string": "2017-05-25T00:00:00.000Z", 
      "key": 1495670400000, 
      "doc_count": 6, 
      "count_of_events": { 
      "value": 6 
      } 
     }, 
     { 
      "key_as_string": "2017-05-26T00:00:00.000Z", 
      "key": 1495756800000, 
      "doc_count": 1, 
      "count_of_events": { 
      "value": 1 
      } 
     }, 
     { 
      "key_as_string": "2017-05-27T00:00:00.000Z", 
      "key": 1495843200000, 
      "doc_count": 5, 
      "count_of_events": { 
      "value": 5 
      } 
     }, 
     { 
      "key_as_string": "2017-05-28T00:00:00.000Z", 
      "key": 1495929600000, 
      "doc_count": 4, 
      "count_of_events": { 
      "value": 4 
      } 
     }, 
     { 
      "key_as_string": "2017-05-29T00:00:00.000Z", 
      "key": 1496016000000, 
      "doc_count": 5, 
      "count_of_events": { 
      "value": 5 
      } 
     }, 
     { 
      "key_as_string": "2017-05-30T00:00:00.000Z", 
      "key": 1496102400000, 
      "doc_count": 2, 
      "count_of_events": { 
      "value": 2 
      } 
     }, 
     { 
      "key_as_string": "2017-05-31T00:00:00.000Z", 
      "key": 1496188800000, 
      "doc_count": 4, 
      "count_of_events": { 
      "value": 4 
      } 
     } 
     ] 
    } 
    } 
}

出典

2017-10-22 Dinosaurius

あなたはこれを達成するためにBucket Script Aggregation & Sum Bucket Aggregationを使用することができます。以下の質問をお試しください。

GET myindex/_search? 
{ 
    "size": 0, 
    "query": { 
    "bool": { 
     "must": [ 
     { 
      "match": { 
      "PlateNumber": "111" 
      } 
     } 
     ] 
    } 
    }, 
    "aggs": { 
    "daily_intensity": { 
     "date_histogram": { 
     "field": "Datetime", 
     "interval": "day" 
     }, 
     "aggs": { 
     "count_of_events": { 
      "value_count": { 
      "field": "Monthday" 
      } 
     }, 
     "check": { 
      "bucket_script": { 
      "buckets_path": { 
       "count": "count_of_events" 
      }, 
      "script": "return (params.count > 0 ? 1 : 0)" 
      } 
     } 
     } 
    }, 
    "bucket_count": { 
     "sum_bucket": { 
     "buckets_path": "daily_intensity>check" 
     } 
    } 
    } 
}

出典

2017-10-22 12:28:38

"value"が0より大きいバケットの総数を計算するにはどうすればよいですか？

答えて

関連する問題