按日期拆分查询结果

时间:2019-04-05 02:08:37

标签: database mongodb redash

我正在尝试在MongoDB中聚合一组数据以在Redash中使用。我想根据集合中包含的日期将汇总结果分为四个结果。

数据样本集

{ "_id" : ObjectId("5ca6a9219a6c64190bfbe397"), "threatlevel" : 4, "timestamp" : "1522891861", "devicename" : "abc", "alertsource" : "p1" }
{ "_id" : ObjectId("5ca6a9249a6c64190bfbe3c9"), "threatlevel" : 3, "timestamp" : "1523064661", "devicename" : "acb", "alertsource" : "p1" }
{ "_id" : ObjectId("5ca6a9249a6c64190bfbe3d8"), "threatlevel" : 5, "timestamp" : "1524965461", "devicename" : "bcd", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9249a6c64190bfbe3db"), "threatlevel" : 4, "timestamp" : "1525483861", "devicename" : "abc", "alertsource" : "av" }
{ "_id" : ObjectId("5ca6a9259a6c64190bfbe3e4"), "threatlevel" : 4, "timestamp" : "1525829461", "devicename" : "def", "alertsource" : "av" }
{ "_id" : ObjectId("5ca6a9259a6c64190bfbe3e9"), "threatlevel" : 5, "timestamp" : "1526088661", "devicename" : "bcd", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9239a6c64190bfbe3b7"), "threatlevel" : 2, "timestamp" : "1526520661", "devicename" : "def", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9239a6c64190bfbe3b8"), "threatlevel" : 2, "timestamp" : "1527298261", "devicename" : "def", "alertsource" : "av" }
{ "_id" : ObjectId("5ca6a9239a6c64190bfbe3ba"), "threatlevel" : 1, "timestamp" : "1527816661", "devicename" : "abc", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9239a6c64190bfbe3b9"), "threatlevel" : 1, "timestamp" : "1528335061", "devicename" : "bcd", "alertsource" : "av" }
{ "_id" : ObjectId("5ca6a9269a6c64190bfbe410"), "threatlevel" : 2, "timestamp" : "1528507861", "devicename" : "abc", "alertsource" : "av" }
{ "_id" : ObjectId("5ca6a9259a6c64190bfbe3fe"), "threatlevel" : 2, "timestamp" : "1528939861", "devicename" : "def", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9259a6c64190bfbe3fc"), "threatlevel" : 5, "timestamp" : "1529112661", "devicename" : "abc", "alertsource" : "av" }
{ "_id" : ObjectId("5ca6a9279a6c64190bfbe429"), "threatlevel" : 5, "timestamp" : "1529371861", "devicename" : "def", "alertsource" : "av" }
{ "_id" : ObjectId("5ca6a9279a6c64190bfbe439"), "threatlevel" : 5, "timestamp" : "1530235861", "devicename" : "abc", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9269a6c64190bfbe409"), "threatlevel" : 3, "timestamp" : "1530667861", "devicename" : "def", "alertsource" : "pre" }
{ "_id" : ObjectId("5ca6a9269a6c64190bfbe40a"), "threatlevel" : 1, "timestamp" : "1531013461", "devicename" : "def", "alertsource" : "p1" }
{ "_id" : ObjectId("5ca6a9269a6c64190bfbe408"), "threatlevel" : 2, "timestamp" : "1531359061", "devicename" : "abc", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9259a6c64190bfbe3f5"), "threatlevel" : 2, "timestamp" : "1531704661", "devicename" : "def", "alertsource" : "wine" }
{ "_id" : ObjectId("5ca6a9279a6c64190bfbe425"), "threatlevel" : 4, "timestamp" : "1531877461", "devicename" : "bcd", "alertsource" : "av" }

关于基于“威胁级别”的汇总,我有一个有效的查询,它会针对每次“威胁级别”事件返回总计。 

{
    "collection": "threats",
    "$aggregate": [{"$group" : {"_id" : "$ThreatLevel", 
    "Total" : {"$sum" : 1}}},  
    {"$sort" : { "_id": 1 }}]
}

为了更好地解释,这就是我最后要说的。第一季度将在9-12个月前,第二季度3-6个月,第三季度6-9和第四季度3之间。 

ThreatLevel AlertSource Date    Qty
4                 p1    Q1  1
3                 p1    Q1  1
1                 p1    Q2  1
4                 av    Q1  2
2                 av    Q1  1
1                 av    Q2  1
2                 av    Q2  1
5                 av    Q2  2
4                 av    Q2  1
3                 pre   Q2  1
5                 wine  Q1  2
2                 wine  Q1  1
1                 wine  Q1  1
2                 wine  Q2  3
5                 wine  Q2  1

任何帮助都将真正地得到解决!

0 个答案:

没有答案
相关问题
最新问题