lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216
							[[search-aggregations-metrics-sum-aggregation]]
=== Sum aggregation
++++
<titleabbrev>Sum</titleabbrev>
++++

A `single-value` metrics aggregation that sums up numeric values that are extracted from the aggregated documents.
These values can be extracted either from specific numeric or <<histogram,histogram>> fields in the documents,
or be generated by a provided script.

Assuming the data consists of documents representing sales records we can sum
the sale price of all hats with:

[source,console]
--------------------------------------------------
POST /sales/_search?size=0
{
  "query": {
    "constant_score": {
      "filter": {
        "match": { "type": "hat" }
      }
    }
  },
  "aggs": {
    "hat_prices": { "sum": { "field": "price" } }
  }
}
--------------------------------------------------
// TEST[setup:sales]

Resulting in:

[source,console-result]
--------------------------------------------------
{
  ...
  "aggregations": {
    "hat_prices": {
      "value": 450.0
    }
  }
}
--------------------------------------------------
// TESTRESPONSE[s/\.\.\./"took": $body.took,"timed_out": false,"_shards": $body._shards,"hits": $body.hits,/]

The name of the aggregation (`hat_prices` above) also serves as the key by which the aggregation result can be retrieved from the returned response.

==== Script

We could also use a script to fetch the sales price:

[source,console]
--------------------------------------------------
POST /sales/_search?size=0
{
  "query": {
    "constant_score": {
      "filter": {
        "match": { "type": "hat" }
      }
    }
  },
  "aggs": {
    "hat_prices": {
      "sum": {
        "script": {
          "source": "doc.price.value"
        }
      }
    }
  }
}
--------------------------------------------------
// TEST[setup:sales]

This will interpret the `script` parameter as an `inline` script with the `painless` script language and no script parameters. To use a stored script use the following syntax:

[source,console]
--------------------------------------------------
POST /sales/_search?size=0
{
  "query": {
    "constant_score": {
      "filter": {
        "match": { "type": "hat" }
      }
    }
  },
  "aggs": {
    "hat_prices": {
      "sum": {
        "script": {
          "id": "my_script",
          "params": {
            "field": "price"
          }
        }
      }
    }
  }
}
--------------------------------------------------
// TEST[setup:sales,stored_example_script]

===== Value Script

It is also possible to access the field value from the script using `_value`.
For example, this will sum the square of the prices for all hats:

[source,console]
--------------------------------------------------
POST /sales/_search?size=0
{
  "query": {
    "constant_score": {
      "filter": {
        "match": { "type": "hat" }
      }
    }
  },
  "aggs": {
    "square_hats": {
      "sum": {
        "field": "price",
        "script": {
          "source": "_value * _value"
        }
      }
    }
  }
}
--------------------------------------------------
// TEST[setup:sales]

==== Missing value

The `missing` parameter defines how documents that are missing a value should
be treated. By default documents missing the value will be ignored but it is
also possible to treat them as if they had a value. For example, this treats
all hat sales without a price as being `100`.

[source,console]
--------------------------------------------------
POST /sales/_search?size=0
{
  "query": {
    "constant_score": {
      "filter": {
        "match": { "type": "hat" }
      }
    }
  },
  "aggs": {
    "hat_prices": {
      "sum": {
        "field": "price",
        "missing": 100 <1>
      }
    }
  }
}
--------------------------------------------------
// TEST[setup:sales]

[[search-aggregations-metrics-sum-aggregation-histogram-fields]]
==== Histogram fields

When sum is computed on <<histogram,histogram fields>>, the result of the aggregation is the sum of all elements in the `values`
array multiplied by the number in the same position in the `counts` array.

For example, for the following index that stores pre-aggregated histograms with latency metrics for different networks:

[source,console]
--------------------------------------------------
PUT metrics_index/_doc/1
{
  "network.name" : "net-1",
  "latency_histo" : {
      "values" : [0.1, 0.2, 0.3, 0.4, 0.5], <1>
      "counts" : [3, 7, 23, 12, 6] <2>
   }
}

PUT metrics_index/_doc/2
{
  "network.name" : "net-2",
  "latency_histo" : {
      "values" :  [0.1, 0.2, 0.3, 0.4, 0.5], <1>
      "counts" : [8, 17, 8, 7, 6] <2>
   }
}

POST /metrics_index/_search?size=0
{
  "aggs" : {
    "total_latency" : { "sum" : { "field" : "latency_histo" } }
  }
}
--------------------------------------------------

For each histogram field the `sum` aggregation will multiply each number in the `values` array <1> multiplied by its associated count
in the `counts` array <2>. Eventually, it will add all values for all histograms and return the following result:

[source,console-result]
--------------------------------------------------
{
  ...
  "aggregations": {
    "total_latency": {
      "value": 28.8
    }
  }
}
--------------------------------------------------
// TESTRESPONSE[skip:test not setup]