Elasticsearch先聚合再按时间排序返回需要的字段

{
"query": {
"bool": {
"must": [
{
"term": {
"area_code": "abc"
}
},
{
"terms": {
"person_id": [
"",
""
]
}
},
{
"term": {
"identity_id": ""
}
},
{
"term": {
"request_uri": "/test/getUserInfo"
}
}
]
}
},
"aggs": {
"group_by_person": {
"terms": {
"field": "person_id"
},
"aggs": {
"result_top_hits": {
"top_hits": {
"_source": {
"includes": [
"ip","location.city"
]
},
"sort": [
{
"request_time": {
"order": "asc"
}
}
],
"size":
}
}
}
}
},
"size":
}

返回

{
"took": ,
"timed_out": false,
"_shards": {
"total": ,
"successful": ,
"skipped": ,
"failed":
},
"hits": {
"total": ,
"max_score": ,
"hits": []
},
"aggregations": {
"group_by_person": {
"doc_count_error_upper_bound": ,
"sum_other_doc_count": ,
"buckets": [
{
"key": "",
"doc_count": ,
"result_top_hits": {
"hits": {
"total": ,
"max_score": null,
"hits": [
{
"_index": "nginxLog",
"_type": "doc",
"_id": "sWIKp2QBFB_dp-Y1Asto",
"_score": null,
"_source": {
"ip": "111.199.0.125",
"location": {
"city": "NVpTUTViR3g="
}
},
"sort": [ ]
}
]
}
}
},
{
"key": "",
"doc_count": ,
"result_top_hits": {
"hits": {
"total": ,
"max_score": null,
"hits": [
{
"_index": "nginx-access-log",
"_type": "doc",
"_id": "Bn0tqGQBFB_dp-Y1lN6A",
"_score": null,
"_source": {
"ip": "111.2.201.116",
"location": {
"city": "NWI2MzViZWU="
}
},
"sort": [ ]
}
]
}
}
}
]
}
}
}
上一篇:DB2数据库常用命令


下一篇:DB2数据库常用命令数据库学习