1,116 questions
-1 votes, 0 answers, 11 views
Why is this 5 Hour Date Histogram bucket starting at 3am?
So I know that Date Histograms can be quite tricky, so I have tested this in as easy of an environment as possible.
I have an index with 1 document. This document has a date field "2025-04-25T05:...
0 votes, 0 answers, 13 views
How can my elasticsearch query be optimized?
My query is taking more than a minute to execute most of the time. The index being queried also receives frequent write updates — at least 500 requests per minute. This is the query I am talking about:...
1 vote, 1 answer, 23 views
elastalert2 aggregation send alert to email includes repeating texts after table
I am sending count of statusCode in access log from elasticsearch using elastalert2.
I am able to send and receive alert via email, but I am receiving repeating texts after the table. (the repeating ...
1 vote, 0 answers, 38 views
Why is my new Elasticsearch index slower under load despite optimized mapping?
We've created a new Elasticsearch index (test-events-v4) with what we believed to be a more optimized mapping for storage. However, during load testing, we've observed significantly higher 99th ...
0 votes, 0 answers, 25 views
Does a high size value in Elasticsearch terms aggregation increase memory usage if fewer buckets are returned?
I'm using a terms aggregation in Elasticsearch and have a question about the size parameter.
If I set size: 1000 in the aggregation, but the actual number of buckets returned is always much lower—say ...
0 votes, 1 answer, 30 views
Elasticsearch Terms Aggregation query causes CPU spikes and too slow to respond
Quick info on my index and the data stores:
Index contains about 1.2 billion documents spread across 14 shards --> 350 GB of data and each shard having 25-30 GB of Data.
The index has a keyword ...
0 votes, 0 answers, 20 views
Elasticsearch date_range aggregation with +4w starts on Sunday instead of ISO week Monday — Bug or expected behavior?
I'm using an Elasticsearch date_range aggregation with weekly offsets like +4w, and I'm seeing what seems to be incorrect behavior: the range boundaries resolve to midnight on Sunday, rather than ...
0 votes, 0 answers, 22 views
Aggregation based on range and term
Problem: I want to have a bucket with range aggregation on win probability. But instead of having Bucket of "WON" based on win probability, have it on Constants.REVENUE_STATUS is "WON"...
0 votes, 0 answers, 10 views
Elasticsearch get values from multiple documents based on common value
I have to fetch the values from different documents in Elasticsearch.
Ex. documents like
BOOKS, AUTHORS, SALES
Books contains values like (id, name, pagecount, type, price, category... etc)
Authors ...
1 vote, 0 answers, 33 views
ElasticSearch: Need to aggregate on an aggregation to get count of status values based on last field for each session
We have a series of status updates for projects and the last update for a given project is the one we want to report on in several ways. For instance:
ProjectID | DateTime | EventDescription
001 | 2024-12-...
0 votes, 0 answers, 22 views
Elasticsearch Aggregations: Trying to use an alphabetical bucket sort within a terms aggregation
I am currently using Elasticsearch 8.15. I am in a bit of a conundrum trying to achieve outer and inner bucket sorting for strings (sorted asc or desc alphabetically). My index, hazard, looks a little ...
0 votes, 0 answers, 55 views
Terms/Multi-terms aggregation with null/missing values for a field
In terms aggregation, we need the count of null/missing documents as well with count of their values as well.
I know that we can use Terms aggregation with missing which requires us to provide a ...
0 votes, 0 answers, 26 views
how to use variables inside elastic search bucket script
I have a very simple data structure called View that is created every time a user watches a video on my page, churnTime contains the time the user left the video before it ended, if the user watched ...
0 votes, 1 answer, 34 views
Elastic search : multiple criterias on text search
I've a question to setting my index in elastic Search.
My index has 3 fields: desig, desigSec and idRef.
In my UI application, I've a single input to search in these 3 fields.
So I've defined this ...
0 votes, 1 answer, 194 views
How to Create a Histogram of Summed Nested Fields in OpenSearch?
I am working with an OpenSearch index where each document represents a dispute and contains a nested array of transactions. My goal is to compute the sum of a specific field in the nested transactions ...