Search in sources :

Example 16 with AggregationBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.AggregationBuilder in project graylog2-server by Graylog2.

the class ESStdDevHandler method doCreateAggregation.

@Nonnull
@Override
public Optional<AggregationBuilder> doCreateAggregation(String name, Pivot pivot, StdDev stddevSpec, ESPivot searchTypeHandler, ESGeneratedQueryContext queryContext) {
    final ExtendedStatsAggregationBuilder stddev = AggregationBuilders.extendedStats(name).field(stddevSpec.field());
    record(queryContext, pivot, stddevSpec, name, ExtendedStatsAggregation.class);
    return Optional.of(stddev);
}
Also used : ExtendedStatsAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.stats.extended.ExtendedStatsAggregationBuilder) Nonnull(javax.annotation.Nonnull)

Example 17 with AggregationBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.AggregationBuilder in project graylog2-server by Graylog2.

the class ESSumOfSquaresHandler method doCreateAggregation.

@Nonnull
@Override
public Optional<AggregationBuilder> doCreateAggregation(String name, Pivot pivot, SumOfSquares sumOfSquaresSpec, ESPivot searchTypeHandler, ESGeneratedQueryContext queryContext) {
    final ExtendedStatsAggregationBuilder sumOfSquares = AggregationBuilders.extendedStats(name).field(sumOfSquaresSpec.field());
    record(queryContext, pivot, sumOfSquaresSpec, name, ExtendedStatsAggregation.class);
    return Optional.of(sumOfSquares);
}
Also used : ExtendedStatsAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.stats.extended.ExtendedStatsAggregationBuilder) Nonnull(javax.annotation.Nonnull)

Example 18 with AggregationBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.AggregationBuilder in project graylog2-server by Graylog2.

the class ESMinHandler method doCreateAggregation.

@Nonnull
@Override
public Optional<AggregationBuilder> doCreateAggregation(String name, Pivot pivot, Min minSpec, ESPivot searchTypeHandler, ESGeneratedQueryContext queryContext) {
    final MinAggregationBuilder min = AggregationBuilders.min(name).field(minSpec.field());
    record(queryContext, pivot, minSpec, name, MinAggregation.class);
    return Optional.of(min);
}
Also used : MinAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.min.MinAggregationBuilder) Nonnull(javax.annotation.Nonnull)

Example 19 with AggregationBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.AggregationBuilder in project graylog2-server by Graylog2.

the class ESPivot method doGenerateQueryPart.

@Override
public void doGenerateQueryPart(SearchJob job, Query query, Pivot pivot, ESGeneratedQueryContext queryContext) {
    LOG.debug("Generating aggregation for {}", pivot);
    final SearchSourceBuilder searchSourceBuilder = queryContext.searchSourceBuilder(pivot);
    final Map<Object, Object> contextMap = queryContext.contextMap();
    final AggTypes aggTypes = new AggTypes();
    contextMap.put(pivot.id(), aggTypes);
    // holds the initial level aggregation to be added to the query
    AggregationBuilder topLevelAggregation = null;
    // holds the last complete bucket aggregation into which subsequent buckets get added
    AggregationBuilder previousAggregation = null;
    // add global rollup series if those were requested
    if (pivot.rollup()) {
        seriesStream(pivot, queryContext, "global rollup").forEach(previousAggregation != null ? previousAggregation::subAggregation : searchSourceBuilder::aggregation);
    }
    final Iterator<BucketSpec> rowBuckets = pivot.rowGroups().iterator();
    while (rowBuckets.hasNext()) {
        final BucketSpec bucketSpec = rowBuckets.next();
        final String name = queryContext.nextName();
        LOG.debug("Creating row group aggregation '{}' as {}", bucketSpec.type(), name);
        final ESPivotBucketSpecHandler<? extends PivotSpec, ? extends Aggregation> handler = bucketHandlers.get(bucketSpec.type());
        if (handler == null) {
            throw new IllegalArgumentException("Unknown row_group type " + bucketSpec.type());
        }
        final Optional<AggregationBuilder> generatedAggregation = handler.createAggregation(name, pivot, bucketSpec, this, queryContext, query);
        if (generatedAggregation.isPresent()) {
            final AggregationBuilder aggregationBuilder = generatedAggregation.get();
            if (topLevelAggregation == null) {
                topLevelAggregation = aggregationBuilder;
            }
            // always insert the series for the final row group, or for each one if explicit rollup was requested
            if (!rowBuckets.hasNext() || pivot.rollup()) {
                seriesStream(pivot, queryContext, !rowBuckets.hasNext() ? "leaf row" : "row rollup").forEach(aggregationBuilder::subAggregation);
            }
            if (previousAggregation != null) {
                previousAggregation.subAggregation(aggregationBuilder);
            } else {
                searchSourceBuilder.aggregation(aggregationBuilder);
            }
            previousAggregation = aggregationBuilder;
        }
    }
    final Iterator<BucketSpec> colBuckets = pivot.columnGroups().iterator();
    while (colBuckets.hasNext()) {
        final BucketSpec bucketSpec = colBuckets.next();
        final String name = queryContext.nextName();
        LOG.debug("Creating column group aggregation '{}' as {}", bucketSpec.type(), name);
        final ESPivotBucketSpecHandler<? extends PivotSpec, ? extends Aggregation> handler = bucketHandlers.get(bucketSpec.type());
        if (handler == null) {
            throw new IllegalArgumentException("Unknown column_group type " + bucketSpec.type());
        }
        final Optional<AggregationBuilder> generatedAggregation = handler.createAggregation(name, pivot, bucketSpec, this, queryContext, query);
        if (generatedAggregation.isPresent()) {
            final AggregationBuilder aggregationBuilder = generatedAggregation.get();
            // always insert the series for the final row group, or for each one if explicit rollup was requested
            if (!colBuckets.hasNext() || pivot.rollup()) {
                seriesStream(pivot, queryContext, !colBuckets.hasNext() ? "leaf column" : "column rollup").forEach(aggregationBuilder::subAggregation);
            }
            if (previousAggregation != null) {
                previousAggregation.subAggregation(aggregationBuilder);
            } else {
                searchSourceBuilder.aggregation(aggregationBuilder);
            }
            previousAggregation = aggregationBuilder;
        }
    }
    final MinAggregationBuilder startTimestamp = AggregationBuilders.min("timestamp-min").field("timestamp");
    final MaxAggregationBuilder endTimestamp = AggregationBuilders.max("timestamp-max").field("timestamp");
    searchSourceBuilder.aggregation(startTimestamp);
    searchSourceBuilder.aggregation(endTimestamp);
    if (topLevelAggregation == null) {
        LOG.debug("No aggregations generated for {}", pivot);
    }
}
Also used : MinAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.min.MinAggregationBuilder) MaxAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.max.MaxAggregationBuilder) AggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.AggregationBuilder) BucketSpec(org.graylog.plugins.views.search.searchtypes.pivot.BucketSpec) SearchSourceBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.builder.SearchSourceBuilder) MaxAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.max.MaxAggregationBuilder) MinAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.min.MinAggregationBuilder)

Example 20 with AggregationBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.AggregationBuilder in project graylog2-server by Graylog2.

the class ESCountHandler method doCreateAggregation.

@Nonnull
@Override
public Optional<AggregationBuilder> doCreateAggregation(String name, Pivot pivot, Count count, ESPivot searchTypeHandler, ESGeneratedQueryContext queryContext) {
    final String field = count.field();
    if (field == null) {
        // doc_count is always present in elasticsearch's bucket aggregations, no need to add it
        return Optional.empty();
    } else {
        // the request was for a field count, we have to add a value_count sub aggregation
        final ValueCountAggregationBuilder value = AggregationBuilders.count(name).field(field);
        record(queryContext, pivot, count, name, ValueCountAggregation.class);
        return Optional.of(value);
    }
}
Also used : ValueCountAggregationBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.aggregations.metrics.valuecount.ValueCountAggregationBuilder) Nonnull(javax.annotation.Nonnull)

Aggregations

AggregationBuilder (org.elasticsearch.search.aggregations.AggregationBuilder)39 TermsAggregationBuilder (org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder)28 Nonnull (javax.annotation.Nonnull)14 FilterAggregationBuilder (org.elasticsearch.search.aggregations.bucket.filter.FilterAggregationBuilder)13 BoolQueryBuilder (org.elasticsearch.index.query.BoolQueryBuilder)10 AbstractAggregationBuilder (org.elasticsearch.search.aggregations.AbstractAggregationBuilder)10 SumAggregationBuilder (org.elasticsearch.search.aggregations.metrics.SumAggregationBuilder)8 CardinalityAggregationBuilder (org.elasticsearch.search.aggregations.metrics.cardinality.CardinalityAggregationBuilder)8 ArrayList (java.util.ArrayList)7 RangeAggregationBuilder (org.elasticsearch.search.aggregations.bucket.range.RangeAggregationBuilder)7 DateRangeAggregationBuilder (org.elasticsearch.search.aggregations.bucket.range.date.DateRangeAggregationBuilder)7 Map (java.util.Map)6 SearchResponse (org.elasticsearch.action.search.SearchResponse)6 GeoGridAggregationBuilder (org.elasticsearch.search.aggregations.bucket.geogrid.GeoGridAggregationBuilder)6 DateHistogramAggregationBuilder (org.elasticsearch.search.aggregations.bucket.histogram.DateHistogramAggregationBuilder)6 HistogramAggregationBuilder (org.elasticsearch.search.aggregations.bucket.histogram.HistogramAggregationBuilder)6 PercentilesAggregationBuilder (org.elasticsearch.search.aggregations.metrics.percentiles.PercentilesAggregationBuilder)6 ExtendedStatsAggregationBuilder (org.elasticsearch.search.aggregations.metrics.stats.extended.ExtendedStatsAggregationBuilder)6 BucketSelectorPipelineAggregationBuilder (org.elasticsearch.search.aggregations.pipeline.bucketselector.BucketSelectorPipelineAggregationBuilder)6 HashMap (java.util.HashMap)5