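def get_log_aggregate(query, group_by, stats_field):
    """Run *query* with a terms and a stats aggregation; return buckets and stats.

    The request asks Elasticsearch for two aggregations at the same level: a
    ``terms`` aggregation over *group_by* (document count per distinct value)
    and a ``stats`` aggregation over *stats_field*. They are siblings, not
    nested, so the stats describe every document matching *query* rather than
    each bucket.

    @see https://www.elastic.co/guide/en/elasticsearch/reference/2.0/search-aggregations.html
    @see https://www.elastic.co/guide/en/elasticsearch/reference/2.0/search-aggregations-metrics-stats-aggregation.html
    @see https://www.elastic.co/guide/en/elasticsearch/reference/2.0/search-aggregations-bucket-terms-aggregation.html

    Args:
        query: search query, forwarded unchanged to ``get_log_messages``.
        group_by: name of the field to bucket on (terms aggregation).
        stats_field: name of the field to compute count/min/max/avg/sum on.

    Returns:
        ``(buckets, stats)`` where ``buckets`` maps each bucket key to its
        ``doc_count`` and ``stats`` is the stats aggregation dict exactly as
        returned by Elasticsearch.

    Raises:
        IndexError: if ``get_log_messages`` yields no raw response.
        KeyError: if the response lacks the expected aggregation keys.
    """
    # NOTE(review): group_by and stats_field are sent to Elasticsearch as field
    # names without validation. If either can originate from a caller-supplied
    # value, check it against an allow-list of known fields first: a terms
    # aggregation over an arbitrary high-cardinality field is expensive for the
    # cluster, and unrestricted field names let a caller probe the index mapping.
    aggs = {
        "aggregations": {
            "group_by_agg": {
                "terms": {"field": group_by},
            },
            # Named explicitly so the response key is unambiguous (the previous
            # name, "aggregations", collided with the section name).
            "stats_agg": {
                "stats": {"field": stats_field},
            },
        }
    }
    # limit=0 / batch=0: only the aggregation section is wanted, no hits.
    raw = list(get_log_messages(query, extra=aggs, limit=0, batch=0, return_raw=True))
    if not raw:
        raise IndexError("get_log_messages returned no raw response")
    result = raw[0]["aggregations"]
    buckets = {
        bucket["key"]: bucket["doc_count"]
        for bucket in result["group_by_agg"]["buckets"]
    }
    return buckets, result["stats_agg"]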