es实现聚合
es通过agg实现聚合,详情可见 es文档
有时候查询es数据的时候可能需要实现多字段group by的功能,例如:
SELECT sum(item_count) from A group by field1, field2, field3要实现多个维度的聚合,需要嵌套的agg查询语句:
{
"query": {
},
"aggs": {
"field1": {
"terms": {
"field": "field1",
"size": 2147483647 #设置一个大的分桶数,防止一次统计不完整
},
"aggs": {
"field2": {
"terms": {
"field": "field2",
"size": 2147483647
},
"aggs": {
"field3": {
"terms": {
"field": "field3",
"size": 2147483647
},
"aggs": {
"sum_field": {
"sum": {
"field": "sum_field"
}
}
}
}
}
}
}
}
},
"size": 0
}用函数构建聚合语句的agg部分:
def build_query_aggs(fields, sum_field):
agg_data = {}
curr_field = agg_data
for item in fields:
curr_field[item] = {
"terms": {
"field": item,
"size": 2147483647
},
"aggs": {}
}
curr_field = curr_field[item]["aggs"]
curr_field[sum_field] = {
"sum": {
"field": sum_field
}
}
return agg_data处理得到的数据,将其组织成list:
def build_es_aggs_data(data, fields, sum_field):
curr_field = None
res_data = []
if len(fields) > 0:
curr_field = fields[0]
else:
return
curr_buckets = data[curr_field]['buckets']
for item in curr_buckets:
if len(fields) == 1:
curr_data= {}
curr_data[curr_field] = item['key']
curr_data[sum_field] = item[sum_field]["value"]
res_data.append(curr_data)
else:
pre_data = deepcopy(build_es_aggs_data(item, fields[1:], sum_field))
for pre_item in pre_data:
pre_item[curr_field] = item['key']
res_data.append(pre_item)
return res_data
python
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。