Reputation: 3308
elasticsearch averaging a field on a bucket
I am a newbie to elasticsearch, trying to understand how aggregates and metrics work. I was particularly running an aggregate query to retrieve average num of bytesOut based on clientIPHash from an elasticsearch instance. The query I created (using kibana) is as follows:
{
"size": 0,
"query": {
"filtered": {
"query": {
"query_string": {
"query": "*",
"analyze_wildcard": true
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"gte": 1476177616965,
"lte": 1481361616965,
"format": "epoch_millis"
}
}
}
],
"must_not": []
}
}
}
},
"aggs": {
"2": {
"terms": {
"field": "ClientIP_Hash",
"size": 50,
"order": {
"1": "desc"
}
},
"aggs": {
"1": {
"avg": {
"field": "Bytes Out"
}
}
}
}
}
}
It gives me some output (supposed to be avg) grouped on clientIPHash like below:
ClientIP_Hash: Descending Average Bytes Out
64e6b1f6447fd044c5368740c3018f49 1,302,210
4ff8598a995e5fa6930889b8751708df 94,038
33b559ac9299151d881fec7508e2d943 68,527
c2095c87a0e2f254e8a37f937a68a2c0 67,083
...
The problem is, if I replace the avg with sum or min or any other metric type, I still get same values.
ClientIP_Hash: Descending Sum of Bytes Out
64e6b1f6447fd044c5368740c3018f49 1,302,210
4ff8598a995e5fa6930889b8751708df 94,038
33b559ac9299151d881fec7508e2d943 68,527
c2095c87a0e2f254e8a37f937a68a2c0 67,083
I checked the query generated by kibana, and it seems to correctly put the keyword 'sum' or 'avg' accordingly. I am puzzled why I get the same values for avg and sum or any other metric.
Upvotes: 0
Views: 47
Answers (1)
Reputation: 26
Could you see if the sample data set of yours have more values. As min, max and Avg remains the same if you have only one value.
Thanks
Upvotes: 1
Related Questions
- Find average aggregation of the top N buckets
- What is the best way to get the average number of documents per bucket in Elasticsearch?
- Sub aggregation with sum/average with Elasticsearch
- Average or Any other Aggregation on multiple fields of same type in Elastic Search
- Elasticsearch, group by field and calculate average value for another field
- Elasticsearch summing buckets
- Elastic Search: Aggregation sum on a particular field
- elasticsearch: how do I groupby a field and avg up totals?
- elasticsearch calculate average of unique values
- Elasticsearch: how to to calculate avg _score on each bucket?