以下是我的问题陈述 我对弹性搜索有一个搜索调用,该搜索具有查询以计算某一字段上的99%百分位数聚合。作为回报,我得到的是汇总响应,其值是按百分比计算的。但是再次,我需要对百分位数的聚合值应用过滤器,使用“ bucket_selector”过滤掉这些值。例如,如果百分位数汇总值> 60,那么我需要在响应中包括在内。 以下是我的示例汇总请求json:
{
"aggs": {
"2": {
"terms": {
"field": "component",
"size": 500,
"order": {
"1": "desc"
}
},
"aggs": {
"1": {
"percentiles": {
"field": "field1",
"percents": [
99
],
"keyed": false
}
},
"filter_gt_than_60sec": {
"bucket_selector": {
"buckets_path": {
"value": "1"
},
"script": "params.value > 60L"
}
}
}
}
},
"size": 0,
"_source": {
"excludes": []
},
"stored_fields": [
"*"
],
"script_fields": {},
"query": {
"bool": {
"must": [
{
"match_all": {}
},
{
"range": {
"@timestamp": {
"gte": 1547889125683,
"lte": 1547975525684,
"format": "epoch_millis"
}
}
}
],
"filter": [],
"should": [],
"must_not": []
}
},
"timeout": "30000ms"
}
我得到的错误:
{
"error": {
"root_cause": [],
"type": "search_phase_execution_exception",
"reason": "",
"phase": "fetch",
"grouped": true,
"failed_shards": [],
"caused_by": {
"type": "aggregation_execution_exception",
"reason": "buckets_path must reference either a number value or a single value numeric metric aggregation, got: org.elasticsearch.search.aggregations.metrics.percentiles.tdigest.InternalTDigestPercentiles"
}
},
"status": 503
}
如果未应用存储桶选择器,则采样响应映射文档:
{
"aggregations": {
"2": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"1": {
"values": [
{
"key": 99,
"value": 70
}
]
},
"key": "abc"
},
{
"1": {
"values": [
{
"key": 99,
"value": 10
}
]
},
"key": "abc1"
}
]
}}}
我从上述错误中了解到,我无法在“百分位数”字段上应用“ bucket_selector”,然后如何过滤出值大于60的百分位数聚合字段。我了解了“ percentile_bucket”,但是计算字段值的百分位数;但它不会在汇总的百分比字段中过滤掉。预先感谢。
答案 0 :(得分:0)
谢谢,问题现在已解决,并且可以通过使用以下buckets_path代码替换当前发布请求来访问百分位数值字段:
"bucket_selector": {
"buckets_path": {
"value": "1[99.0]"
},
"script": "params.value > 60L"
}