Sum aggregation

Sum aggregation

A single-value metrics aggregation that sums up numeric values that are extracted from the aggregated documents. These values can be extracted either from specific numeric or histogram fields.

Assuming the data consists of documents representing sales records we can sum the sale price of all hats with:

  1. POST /sales/_search?size=0
  2. {
  3. "query": {
  4. "constant_score": {
  5. "filter": {
  6. "match": { "type": "hat" }
  7. }
  8. }
  9. },
  10. "aggs": {
  11. "hat_prices": { "sum": { "field": "price" } }
  12. }
  13. }

Resulting in:

  1. {
  2. ...
  3. "aggregations": {
  4. "hat_prices": {
  5. "value": 450.0
  6. }
  7. }
  8. }

The name of the aggregation (hat_prices above) also serves as the key by which the aggregation result can be retrieved from the returned response.

Script

If you need to get the sum for something more complex than a single field, run the aggregation on a runtime field.

  1. POST /sales/_search?size=0
  2. {
  3. "runtime_mappings": {
  4. "price.weighted": {
  5. "type": "double",
  6. "script": """
  7. double price = doc['price'].value;
  8. if (doc['promoted'].value) {
  9. price *= 0.8;
  10. }
  11. emit(price);
  12. """
  13. }
  14. },
  15. "query": {
  16. "constant_score": {
  17. "filter": {
  18. "match": { "type": "hat" }
  19. }
  20. }
  21. },
  22. "aggs": {
  23. "hat_prices": {
  24. "sum": {
  25. "field": "price.weighted"
  26. }
  27. }
  28. }
  29. }

Missing value

The missing parameter defines how documents that are missing a value should be treated. By default documents missing the value will be ignored but it is also possible to treat them as if they had a value. For example, this treats all hat sales without a price as being 100.

  1. POST /sales/_search?size=0
  2. {
  3. "query": {
  4. "constant_score": {
  5. "filter": {
  6. "match": { "type": "hat" }
  7. }
  8. }
  9. },
  10. "aggs": {
  11. "hat_prices": {
  12. "sum": {
  13. "field": "price",
  14. "missing": 100
  15. }
  16. }
  17. }
  18. }

Histogram fields

When sum is computed on histogram fields, the result of the aggregation is the sum of all elements in the values array multiplied by the number in the same position in the counts array.

For example, for the following index that stores pre-aggregated histograms with latency metrics for different networks:

  1. PUT metrics_index
  2. {
  3. "mappings": {
  4. "properties": {
  5. "latency_histo": { "type": "histogram" }
  6. }
  7. }
  8. }
  9. PUT metrics_index/_doc/1?refresh
  10. {
  11. "network.name" : "net-1",
  12. "latency_histo" : {
  13. "values" : [0.1, 0.2, 0.3, 0.4, 0.5],
  14. "counts" : [3, 7, 23, 12, 6]
  15. }
  16. }
  17. PUT metrics_index/_doc/2?refresh
  18. {
  19. "network.name" : "net-2",
  20. "latency_histo" : {
  21. "values" : [0.1, 0.2, 0.3, 0.4, 0.5],
  22. "counts" : [8, 17, 8, 7, 6]
  23. }
  24. }
  25. POST /metrics_index/_search?size=0&filter_path=aggregations
  26. {
  27. "aggs" : {
  28. "total_latency" : { "sum" : { "field" : "latency_histo" } }
  29. }
  30. }

For each histogram field, the sum aggregation will add each number in the values array, multiplied by its associated count in the counts array.

Eventually, it will add all values for all histograms and return the following result:

  1. {
  2. "aggregations": {
  3. "total_latency": {
  4. "value": 28.8
  5. }
  6. }
  7. }