ES|QL SUM_OVER_TIME function
field- the metric field to calculate the value for
window-
the time window over which to compute the sum over time
Calculates the sum over time value of a field.
| field | window | result |
|---|---|---|
| aggregate_metric_double | time_duration
|
double |
| double | time_duration
|
double |
| exponential_histogram
|
time_duration
|
double |
| integer | time_duration
|
long |
| long | time_duration
|
long |
| tdigest
|
time_duration
|
double |
TS k8s
| STATS sum_cost=SUM(SUM_OVER_TIME(network.cost)) BY cluster, time_bucket = TBUCKET(1minute)
| sum_cost:double | cluster:keyword | time_bucket:datetime |
|---|---|---|
| 67.625 | qa | 2024-05-10T00:17:00.000Z |
| 65.75 | staging | 2024-05-10T00:09:00.000Z |