WARNING: Version 2.0 of Elasticsearch has passed its EOL date.

This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.

« Stats Aggregation Top hits Aggregation »
Elastic Docs Elasticsearch Guide [2.0] Aggregations Metrics Aggregations

Sum Aggregation

edit

Sum Aggregation

edit

A single-value metrics aggregation that sums up numeric values that are extracted from the aggregated documents. These values can be extracted either from specific numeric fields in the documents, or be generated by a provided script.

Assuming the data consists of documents representing stock ticks, where each tick holds the change in the stock price from the previous tick.

{
    "query" : {
        "constant_score" : {
            "filter" : {
                "range" : { "timestamp" : { "from" : "now/1d+9.5h", "to" : "now/1d+16h" }}
            }
        }
    },
    "aggs" : {
        "intraday_return" : { "sum" : { "field" : "change" } }
    }
}

The above aggregation sums up all changes in the today’s trading stock ticks which accounts for the intraday return. The aggregation type is sum and the field setting defines the numeric field of the documents of which values will be summed up. The above will return the following:

{
    ...

    "aggregations": {
        "intraday_return": {
           "value": 2.18
        }
    }
}

The name of the aggregation (intraday_return above) also serves as the key by which the aggregation result can be retrieved from the returned response.

Script

edit

Computing the intraday return based on a script:

{
    ...,

    "aggs" : {
        "intraday_return" : { "sum" : { "script" : "doc['change'].value" } }
    }
}

This will interpret the script parameter as an inline script with the default script language and no script parameters. To use a file script use the following syntax:

{
    ...,

    "aggs" : {
        "intraday_return" : {
            "sum" : {
                "script" : {
                    "file": "my_script",
                    "params" : {
                        "field" : "change"
                    }
                }
            }
        }
    }
}

for indexed scripts replace the file parameter with an id parameter.

Value Script

edit

Computing the sum of squares over all stock tick changes:

{
    "aggs" : {
        ...

        "aggs" : {
            "daytime_return" : {
                "sum" : {
                    "field" : "change",
                    "script" : "_value * _value"
                }
            }
        }
    }
}

Missing value

edit

The missing parameter defines how documents that are missing a value should be treated. By default they will be ignored but it is also possible to treat them as if they had a value.

{
    "aggs" : {
        "total_time" : {
            "sum" : {
                "field" : "took",
                "missing": 100 
            }
        }
    }
}

Documents without a value in the took field will fall into the same bucket as documents that have the value 100.
« Stats Aggregation Top hits Aggregation »