Path parameters
- id
string Required Identifier for the rollup job. This can be any alphanumeric string and uniquely identifies the data that is associated with the rollup job. The ID is persistent; it is stored with the rolled up data. If you create a job, let it run for a while, then delete the job, the data that the job rolled up is still be associated with this job ID. You cannot create a new job with the same ID since that could lead to problems with mismatched job configurations.
BodyRequired
- cron
string Required A cron string which defines the intervals when the rollup job should be executed. When the interval triggers, the indexer attempts to rollup the data in the index pattern. The cron pattern is unrelated to the time interval of the data being rolled up. For example, you may wish to create hourly rollups of your document but to only run the indexer on a daily basis at midnight, as defined by the cron. The cron pattern is defined just like a Watcher cron schedule.
- groups
object Required - index_pattern
string Required The index or index pattern to roll up. Supports wildcard-style patterns (
logstash-*). The job attempts to rollup the entire index or index-pattern. - metrics
array[object] Defines the metrics to collect for each grouping tuple. By default, only the doc_counts are collected for each group. To make rollup useful, you will often add metrics like averages, mins, maxes, etc. Metrics are defined on a per-field basis and for each field you configure which metric should be collected.
- page_size
number Required The number of bucket results that are processed on each iteration of the rollup indexer. A larger value tends to execute faster, but requires more memory during processing. This value has no effect on how the data is rolled up; it is merely used for tweaking the speed or memory cost of the indexer.
- rollup_index
string Required - timeout
string A duration. Units can be
nanos,micros,ms(milliseconds),s(seconds),m(minutes),h(hours) andd(days). Also accepts "0" without a unit and "-1" to indicate an unspecified value. - headers
object
PUT _rollup/job/sensor
{
"index_pattern": "sensor-*",
"rollup_index": "sensor_rollup",
"cron": "*/30 * * * * ?",
"page_size": 1000,
"groups": {
"date_histogram": {
"field": "timestamp",
"fixed_interval": "1h",
"delay": "7d"
},
"terms": {
"fields": [ "node" ]
}
},
"metrics": [
{
"field": "temperature",
"metrics": [ "min", "max", "sum" ]
},
{
"field": "voltage",
"metrics": [ "avg" ]
}
]
}curl \
--request PUT 'http://api.example.com/_rollup/job/{id}' \
--header "Authorization: $API_KEY" \
--header "Content-Type: application/json" \
--data '"{\n \"index_pattern\": \"sensor-*\",\n \"rollup_index\": \"sensor_rollup\",\n \"cron\": \"*/30 * * * * ?\",\n \"page_size\": 1000,\n \"groups\": {\n \"date_histogram\": {\n \"field\": \"timestamp\",\n \"fixed_interval\": \"1h\",\n \"delay\": \"7d\"\n },\n \"terms\": {\n \"fields\": [ \"node\" ]\n }\n },\n \"metrics\": [\n {\n \"field\": \"temperature\",\n \"metrics\": [ \"min\", \"max\", \"sum\" ]\n },\n {\n \"field\": \"voltage\",\n \"metrics\": [ \"avg\" ]\n }\n ]\n}"'{
"index_pattern": "sensor-*",
"rollup_index": "sensor_rollup",
"cron": "*/30 * * * * ?",
"page_size": 1000,
"groups": {
"date_histogram": {
"field": "timestamp",
"fixed_interval": "1h",
"delay": "7d"
},
"terms": {
"fields": [ "node" ]
}
},
"metrics": [
{
"field": "temperature",
"metrics": [ "min", "max", "sum" ]
},
{
"field": "voltage",
"metrics": [ "avg" ]
}
]
}{
"acknowledged": true
}