193 lines
5.0 KiB
Plaintext
193 lines
5.0 KiB
Plaintext
[[search-aggregations-metrics-max-aggregation]]
|
|
=== Max Aggregation
|
|
|
|
A `single-value` metrics aggregation that keeps track and returns the maximum
|
|
value among the numeric values extracted from the aggregated documents. These
|
|
values can be extracted either from specific numeric fields in the documents,
|
|
or be generated by a provided script.
|
|
|
|
NOTE: The `min` and `max` aggregation operate on the `double` representation of
|
|
the data. As a consequence, the result may be approximate when running on longs
|
|
whose absolute value is greater than +2^53+.
|
|
|
|
Computing the max price value across all documents
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search?size=0
|
|
{
|
|
"aggs": {
|
|
"max_price": { "max": { "field": "price" } }
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
Response:
|
|
|
|
[source,console-result]
|
|
--------------------------------------------------
|
|
{
|
|
...
|
|
"aggregations": {
|
|
"max_price": {
|
|
"value": 200.0
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TESTRESPONSE[s/\.\.\./"took": $body.took,"timed_out": false,"_shards": $body._shards,"hits": $body.hits,/]
|
|
|
|
As can be seen, the name of the aggregation (`max_price` above) also serves as
|
|
the key by which the aggregation result can be retrieved from the returned
|
|
response.
|
|
|
|
==== Script
|
|
|
|
The `max` aggregation can also calculate the maximum of a script. The example
|
|
below computes the maximum price:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search
|
|
{
|
|
"aggs" : {
|
|
"max_price" : {
|
|
"max" : {
|
|
"script" : {
|
|
"source" : "doc.price.value"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
This will use the <<modules-scripting-painless, Painless>> scripting language
|
|
and no script parameters. To use a stored script use the following syntax:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search
|
|
{
|
|
"aggs" : {
|
|
"max_price" : {
|
|
"max" : {
|
|
"script" : {
|
|
"id": "my_script",
|
|
"params": {
|
|
"field": "price"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales,stored_example_script]
|
|
|
|
==== Value Script
|
|
|
|
Let's say that the prices of the documents in our index are in USD, but we
|
|
would like to compute the max in EURO (and for the sake of this example, let's
|
|
say the conversion rate is 1.2). We can use a value script to apply the
|
|
conversion rate to every value before it is aggregated:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search
|
|
{
|
|
"aggs" : {
|
|
"max_price_in_euros" : {
|
|
"max" : {
|
|
"field" : "price",
|
|
"script" : {
|
|
"source" : "_value * params.conversion_rate",
|
|
"params" : {
|
|
"conversion_rate" : 1.2
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
==== Missing value
|
|
|
|
The `missing` parameter defines how documents that are missing a value should
|
|
be treated. By default they will be ignored but it is also possible to treat
|
|
them as if they had a value.
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search
|
|
{
|
|
"aggs" : {
|
|
"grade_max" : {
|
|
"max" : {
|
|
"field" : "grade",
|
|
"missing": 10 <1>
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
<1> Documents without a value in the `grade` field will fall into the same
|
|
bucket as documents that have the value `10`.
|
|
|
|
[[search-aggregations-metrics-max-aggregation-histogram-fields]]
|
|
==== Histogram fields
|
|
|
|
When `max` is computed on <<histogram,histogram fields>>, the result of the aggregation is the maximum
|
|
of all elements in the `values` array. Note, that the `counts` array of the histogram is ignored.
|
|
|
|
For example, for the following index that stores pre-aggregated histograms with latency metrics for different networks:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
PUT metrics_index/_doc/1
|
|
{
|
|
"network.name" : "net-1",
|
|
"latency_histo" : {
|
|
"values" : [0.1, 0.2, 0.3, 0.4, 0.5], <1>
|
|
"counts" : [3, 7, 23, 12, 6] <2>
|
|
}
|
|
}
|
|
|
|
PUT metrics_index/_doc/2
|
|
{
|
|
"network.name" : "net-2",
|
|
"latency_histo" : {
|
|
"values" : [0.1, 0.2, 0.3, 0.4, 0.5], <1>
|
|
"counts" : [8, 17, 8, 7, 6] <2>
|
|
}
|
|
}
|
|
|
|
POST /metrics_index/_search?size=0
|
|
{
|
|
"aggs" : {
|
|
"min_latency" : { "min" : { "field" : "latency_histo" } }
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
|
|
The `max` aggregation will return the maximum value of all histogram fields:
|
|
|
|
[source,console-result]
|
|
--------------------------------------------------
|
|
{
|
|
...
|
|
"aggregations": {
|
|
"min_latency": {
|
|
"value": 0.5
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TESTRESPONSE[skip:test not setup]
|