I know that elasticsearch allows sub-aggregation (i.e. nested aggregation), however I would like to apply aggregation to the result of the “first” aggregation (or in the general case of any query - aggregation or not).
A specific example: I register events about user actions (for simplicity, I have documents with user_idand action). I can make a request that counts the number of actions performed by each user. However, I would like to know the percentage (or number) of active users (for example, users who completed more than 10 actions). Ideal result: histogram for all users showing how active the users are.
Is there any way to create such a query? Or is there any other approach I can take besides storing the aggregated results of the subquery and calculating the histogram from this?
Note. I examined the issue of Elastic Search and "sub query" , but it was about something else, and more than one and a half years have passed, and elasticsearch is actively developing.
In addition, it seems that in version 1.4, scripted aggregation of metrics will be available, but in any case, you will need to store a counter for each user until the reduction phase. And some kind of “rough solution” is good for me - it looks like ES uses internally for its aggregations .
sodik source
share