214 lines
5.6 KiB
Plaintext
214 lines
5.6 KiB
Plaintext
[[search-aggregations-metrics-sum-aggregation]]
|
|
=== Sum Aggregation
|
|
|
|
A `single-value` metrics aggregation that sums up numeric values that are extracted from the aggregated documents.
|
|
These values can be extracted either from specific numeric or <<histogram,histogram>> fields in the documents,
|
|
or be generated by a provided script.
|
|
|
|
Assuming the data consists of documents representing sales records we can sum
|
|
the sale price of all hats with:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search?size=0
|
|
{
|
|
"query" : {
|
|
"constant_score" : {
|
|
"filter" : {
|
|
"match" : { "type" : "hat" }
|
|
}
|
|
}
|
|
},
|
|
"aggs" : {
|
|
"hat_prices" : { "sum" : { "field" : "price" } }
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
Resulting in:
|
|
|
|
[source,console-result]
|
|
--------------------------------------------------
|
|
{
|
|
...
|
|
"aggregations" : {
|
|
"hat_prices" : {
|
|
"value" : 450.0
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TESTRESPONSE[s/\.\.\./"took": $body.took,"timed_out": false,"_shards": $body._shards,"hits": $body.hits,/]
|
|
|
|
The name of the aggregation (`hat_prices` above) also serves as the key by which the aggregation result can be retrieved from the returned response.
|
|
|
|
==== Script
|
|
|
|
We could also use a script to fetch the sales price:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search?size=0
|
|
{
|
|
"query" : {
|
|
"constant_score" : {
|
|
"filter" : {
|
|
"match" : { "type" : "hat" }
|
|
}
|
|
}
|
|
},
|
|
"aggs" : {
|
|
"hat_prices" : {
|
|
"sum" : {
|
|
"script" : {
|
|
"source": "doc.price.value"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
This will interpret the `script` parameter as an `inline` script with the `painless` script language and no script parameters. To use a stored script use the following syntax:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search?size=0
|
|
{
|
|
"query" : {
|
|
"constant_score" : {
|
|
"filter" : {
|
|
"match" : { "type" : "hat" }
|
|
}
|
|
}
|
|
},
|
|
"aggs" : {
|
|
"hat_prices" : {
|
|
"sum" : {
|
|
"script" : {
|
|
"id": "my_script",
|
|
"params" : {
|
|
"field" : "price"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales,stored_example_script]
|
|
|
|
===== Value Script
|
|
|
|
It is also possible to access the field value from the script using `_value`.
|
|
For example, this will sum the square of the prices for all hats:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search?size=0
|
|
{
|
|
"query" : {
|
|
"constant_score" : {
|
|
"filter" : {
|
|
"match" : { "type" : "hat" }
|
|
}
|
|
}
|
|
},
|
|
"aggs" : {
|
|
"square_hats" : {
|
|
"sum" : {
|
|
"field" : "price",
|
|
"script" : {
|
|
"source": "_value * _value"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
==== Missing value
|
|
|
|
The `missing` parameter defines how documents that are missing a value should
|
|
be treated. By default documents missing the value will be ignored but it is
|
|
also possible to treat them as if they had a value. For example, this treats
|
|
all hat sales without a price as being `100`.
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
POST /sales/_search?size=0
|
|
{
|
|
"query" : {
|
|
"constant_score" : {
|
|
"filter" : {
|
|
"match" : { "type" : "hat" }
|
|
}
|
|
}
|
|
},
|
|
"aggs" : {
|
|
"hat_prices" : {
|
|
"sum" : {
|
|
"field" : "price",
|
|
"missing": 100 <1>
|
|
}
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TEST[setup:sales]
|
|
|
|
[[search-aggregations-metrics-sum-aggregation-histogram-fields]]
|
|
==== Histogram fields
|
|
|
|
When sum is computed on <<histogram,histogram fields>>, the result of the aggregation is the sum of all elements in the `values`
|
|
array multiplied by the number in the same position in the `counts` array.
|
|
|
|
For example, for the following index that stores pre-aggregated histograms with latency metrics for different networks:
|
|
|
|
[source,console]
|
|
--------------------------------------------------
|
|
PUT metrics_index/_doc/1
|
|
{
|
|
"network.name" : "net-1",
|
|
"latency_histo" : {
|
|
"values" : [0.1, 0.2, 0.3, 0.4, 0.5], <1>
|
|
"counts" : [3, 7, 23, 12, 6] <2>
|
|
}
|
|
}
|
|
|
|
PUT metrics_index/_doc/2
|
|
{
|
|
"network.name" : "net-2",
|
|
"latency_histo" : {
|
|
"values" : [0.1, 0.2, 0.3, 0.4, 0.5], <1>
|
|
"counts" : [8, 17, 8, 7, 6] <2>
|
|
}
|
|
}
|
|
|
|
POST /metrics_index/_search?size=0
|
|
{
|
|
"aggs" : {
|
|
"total_latency" : { "sum" : { "field" : "latency_histo" } }
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
|
|
For each histogram field the `sum` aggregation will multiply each number in the `values` array <1> multiplied by its associated count
|
|
in the `counts` array <2>. Eventually, it will add all values for all histograms and return the following result:
|
|
|
|
[source,console-result]
|
|
--------------------------------------------------
|
|
{
|
|
...
|
|
"aggregations" : {
|
|
"total_latency" : {
|
|
"value" : 28.8
|
|
}
|
|
}
|
|
}
|
|
--------------------------------------------------
|
|
// TESTRESPONSE[skip:test not setup]
|