Maximum value of elastic search query aggs

Question

Maximum value of elastic search query aggs

I have data like this:

Name     Fees Collected     Date
Name1     100              2017-05-01T12:00:00
Name1     200              2017-05-02T12:00:00
Name2     500              2017-05-05T12:00:00
Name2     600              2017-05-06T12:00:00
Name3     1000             2017-05-010T12:00:00
Name3     1100             2017-05-011T12:00:00
Name4     1500             2017-05-011T12:00:00

How can I write a query to return the aggregation filtered / grouped at the maximum date with a minimum of 2 records for each group?

I am expecting the following output:

Name     Fees Collected   Date  
Name1     200             2017-05-02T12:00:00
Name2     600             2017-05-06T12:00:00
Name3     1100            2017-05-011T12:00:00

Finally, I would get the aggregation like this

"aggregations" {
    "Fees Collected " : "1900" //(200+600+1100)
    }

Is there anyway to achieve this in elastic search? Thank..

+3

search aggregation grouping elasticsearch

Alex Jul 19 17 at 6:07

source to share

1 answer

tomas · Answer 1 · 2017-07-19T21:29:04+0000

There is a way!

First you need to aggregate terms in the Name field with the addition of min_doc_count: 3. Then enter sub max_aggregation in the Date field.

somthing like this:

"aggs": {
 "split_by_name": {
  "terms": {
    "field": "Name",
    "min_doc_count": 3
  },
  "aggs": {
    "max_date": {
      "max": {
        "field": "Date"
        }
      }
    }
  }
}

Maximum value of elastic search query aggs

More articles: