Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 1364f50cbf
Branches Tags
elasticsearch
/
docs
/
reference
/
sql
/
functions
/
grouping.asciidoc

grouping.asciidoc 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104 
  1. [role="xpack"]
    2. 

  2. [[sql-functions-grouping]]
    3. 

  3. === Grouping Functions
    4. 

  4. 

  5. Functions for creating special __grouping__s (also known as _bucketing_); as such these need to be used
    6. 

  6. as part of the <<sql-syntax-group-by, grouping>>.
    7. 

  7. 

  8. [[sql-functions-grouping-histogram]]
    9. 

  9. ==== `HISTOGRAM`
    10. 

  10. 

  11. .Synopsis:
    12. 

  12. [source, sql]
    13. 

  13. ----
    14. 

  14. HISTOGRAM(
    15. 

  15.     numeric_exp,        <1>
    16. 

  16.     numeric_interval)   <2>
    17. 

  17. 

  18. HISTOGRAM(
    19. 

  19.     date_exp,           <3>
    20. 

  20.     date_time_interval) <4>
    21. 

  21. ----
    22. 

  22. 

  23. *Input*:
    24. 

  24. 

  25. <1> numeric expression (typically a field). If this field contains only `null`
    26. 

  26. values, the function returns `null`. Otherwise, the function ignores `null`
    27. 

  27. values in this field.
    28. 

  28. <2> numeric interval. If `null`, the function returns `null`.
    29. 

  29. <3> date/time expression (typically a field). If this field contains only `null`
    30. 

  30. values, the function returns `null`. Otherwise, the function ignores `null`
    31. 

  31. values in this field.
    32. 

  32. <4> date/time <<sql-functions-datetime-interval, interval>>. If `null`, the
    33. 

  33. function returns `null`.
    34. 

  34. 

  35. *Output*: non-empty buckets or groups of the given expression divided according to the given interval
    36. 

  36. 

  37. *Description*: The histogram function takes all matching values and divides them into buckets with fixed size matching the given interval, using (roughly) the following formula:
    38. 

  38. 

  39. [source, sql]
    40. 

  40. ----
    41. 

  41. bucket_key = Math.floor(value / interval) * interval
    42. 

  42. ----
    43. 

  43. 

  44. [NOTE]
    45. 

  45. The histogram in SQL does *NOT* return empty buckets for missing intervals as the traditional <<search-aggregations-bucket-histogram-aggregation, histogram>> and  <<search-aggregations-bucket-datehistogram-aggregation, date histogram>>. Such behavior does not fit conceptually in SQL which treats all missing values as `null`; as such the histogram places all missing values in the `null` group.
    46. 

  46. 

  47. `Histogram` can be applied on either numeric fields:
    48. 

  48. 

  49. 

  50. [source, sql]
    51. 

  51. ----
    52. 

  52. include-tagged::{sql-specs}/docs/docs.csv-spec[histogramNumeric]
    53. 

  53. ----
    54. 

  54. 

  55. or date/time fields:
    56. 

  56. 

  57. [source, sql]
    58. 

  58. ----
    59. 

  59. include-tagged::{sql-specs}/docs/docs.csv-spec[histogramDateTime]
    60. 

  60. ----
    61. 

  61. 

  62. Expressions inside the histogram are also supported as long as the
    63. 

  63. return type is numeric:
    64. 

  64. 

  65. [source, sql]
    66. 

  66. ----
    67. 

  67. include-tagged::{sql-specs}/docs/docs.csv-spec[histogramNumericExpression]
    68. 

  68. ----
    69. 

  69. 

  70. Do note that histograms (and grouping functions in general) allow custom expressions but cannot have any functions applied to them in the `GROUP BY`. In other words, the following statement is *NOT* allowed:
    71. 

  71. 

  72. [source, sql]
    73. 

  73. ----
    74. 

  74. include-tagged::{sql-specs}/docs/docs.csv-spec[expressionOnHistogramNotAllowed]
    75. 

  75. ----
    76. 

  76. 

  77. as it requires two groupings (one for histogram followed by a second for applying the function on top of the histogram groups).
    78. 

  78. 

  79. Instead one can rewrite the query to move the expression on the histogram _inside_ of it:
    80. 

  80. 

  81. [source, sql]
    82. 

  82. ----
    83. 

  83. include-tagged::{sql-specs}/docs/docs.csv-spec[histogramDateTimeExpression]
    84. 

  84. ----
    85. 

  85. 

  86. [IMPORTANT]
    87. 

  87. When the histogram in SQL is applied on **DATE** type instead of **DATETIME**, the interval specified is truncated to
    88. 

  88. the multiple of a day. E.g.: for `HISTOGRAM(CAST(birth_date AS DATE), INTERVAL '2 3:04' DAY TO MINUTE)` the interval
    89. 

  89. actually used will be `INTERVAL '2' DAY`. If the interval specified is less than 1 day, e.g.:
    90. 

  90. `HISTOGRAM(CAST(birth_date AS DATE), INTERVAL '20' HOUR)` then the interval used will be `INTERVAL '1' DAY`.
    91. 

  91. 

  92. [IMPORTANT]
    93. 

  93. All intervals specified for a date/time HISTOGRAM will use a <<search-aggregations-bucket-datehistogram-aggregation,fixed interval>>
    94. 

  94. in their `date_histogram` aggregation definition, with the notable exceptions of `INTERVAL '1' YEAR`, `INTERVAL '1' MONTH` and `INTERVAL '1' DAY`  where a calendar interval is used.
    95. 

  95. The choice for a calendar interval was made for having a more intuitive result for YEAR, MONTH and DAY groupings. In the case of YEAR, for example, the calendar intervals consider a one year
    96. 

  96. bucket as the one starting on January 1st that specific year, whereas a fixed interval one-year-bucket considers one year as a number
    97. 

  97. of milliseconds (for example, `31536000000ms` corresponding to 365 days, 24 hours per day, 60 minutes per hour etc.). With fixed intervals,
    98. 

  98. the day of February 5th, 2019 for example, belongs to a bucket that starts on December 20th, 2018 and {es} (and implicitly {es-sql}) would
    99. 

  99. have returned the year 2018 for a date that's actually in 2019. With calendar interval this behavior is more intuitive, having the day of
    100. 

  100. February 5th, 2019 actually belonging to the 2019 year bucket. 
    101. 

  101. 

  102. [IMPORTANT]
    103. 

  103. Histogram in SQL cannot be applied on **TIME** type.
    104. 

  104. E.g.: `HISTOGRAM(CAST(birth_date AS TIME), INTERVAL '10' MINUTES)` is currently not supported.
    105.