IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Create rollup jobs APIedit
Creates a rollup job.
This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
Requestedit
PUT _rollup/job/<job_id>
Prerequisitesedit
-
If the Elasticsearch security features are enabled, you must have
manage
ormanage_rollup
cluster privileges to use this API. For more information, see Security privileges.
Descriptionedit
Jobs are created in a STOPPED
state. You can start them with the
start rollup jobs API.
Path parametersedit
-
job_id
- (Required, string) Identifier for the rollup job.
Request bodyedit
-
cron
- (Required, string) A cron string which defines when the rollup job should be executed.
-
groups
- (Required, object) Defines the grouping fields that are defined for this rollup job. See rollup job config.
-
index_pattern
-
(Required, string) The index or index pattern to roll up. Supports
wildcard-style patterns (
logstash-*
). -
metrics
- (Optional, object) Defines the metrics to collect for each grouping tuple. See rollup job config.
-
page_size
- (Required, integer) The number of bucket results that are processed on each iteration of the rollup indexer. A larger value tends to execute faster, but requires more memory during processing.
-
rollup_index
- (Required, string) The index that contains the rollup results. The index can be shared with other rollup jobs.
For more details about the job configuration, see Rollup job configuration.
Exampleedit
The following example creates a rollup job named "sensor", targeting the "sensor-*" index pattern:
PUT _rollup/job/sensor { "index_pattern": "sensor-*", "rollup_index": "sensor_rollup", "cron": "*/30 * * * * ?", "page_size" :1000, "groups" : { "date_histogram": { "field": "timestamp", "fixed_interval": "1h", "delay": "7d" }, "terms": { "fields": ["node"] } }, "metrics": [ { "field": "temperature", "metrics": ["min", "max", "sum"] }, { "field": "voltage", "metrics": ["avg"] } ] }
When the job is created, you receive the following results:
{ "acknowledged": true }