Skip to content

Commit 74d219d

Browse files
limotovalimotova
authored
[ES|QL] Add more timeseries CSV tests (#132873)
This PR adds CSV tests for avg-, count-, count-distinct-, first-, last-, and sum-over-time tests, and adds a few more fields to the k8s/-downsampled data sets (4 geospatial types used in the count-over-time tests)
1 parent 9877bab commit 74d219d

14 files changed

+2687
-1209
lines changed

x-pack/plugin/esql/qa/testFixtures/src/main/resources/data/k8s-downsampled.csv

Lines changed: 28 additions & 28 deletions
Large diffs are not rendered by default.

x-pack/plugin/esql/qa/testFixtures/src/main/resources/data/k8s.csv

Lines changed: 201 additions & 201 deletions
Large diffs are not rendered by default.

x-pack/plugin/esql/qa/testFixtures/src/main/resources/k8s-downsampled-mappings.json

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,18 @@
3131
"events_received": {
3232
"type": "long"
3333
},
34+
"event_city": {
35+
"type": "geo_point"
36+
},
37+
"event_city_boundary": {
38+
"type": "geo_shape"
39+
},
40+
"event_shape": {
41+
"type": "shape"
42+
},
43+
"event_location": {
44+
"type": "point"
45+
},
3446
"network": {
3547
"properties": {
3648
"bytes_in": {

x-pack/plugin/esql/qa/testFixtures/src/main/resources/k8s-mappings.json

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,18 @@
2727
"events_received": {
2828
"type": "long"
2929
},
30+
"event_city": {
31+
"type": "geo_point"
32+
},
33+
"event_city_boundary": {
34+
"type": "geo_shape"
35+
},
36+
"event_shape": {
37+
"type": "shape"
38+
},
39+
"event_location": {
40+
"type": "point"
41+
},
3042
"network": {
3143
"properties": {
3244
"bytes_in": {

x-pack/plugin/esql/qa/testFixtures/src/main/resources/k8s-timeseries-avg-over-time.csv-spec

Lines changed: 251 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,251 @@
1+
avg_over_time_of_double_no_grouping
2+
required_capability: metrics_command
3+
required_capability: avg_over_time
4+
TS k8s
5+
| STATS cost=sum(avg_over_time(network.cost)) BY time_bucket = bucket(@timestamp,1minute)
6+
| SORT cost DESC, time_bucket DESC | LIMIT 10;
7+
8+
cost:double | time_bucket:datetime
9+
69.6875 | 2024-05-10T00:09:00.000Z
10+
56.5625 | 2024-05-10T00:08:00.000Z
11+
49.5 | 2024-05-10T00:17:00.000Z
12+
48.3125 | 2024-05-10T00:22:00.000Z
13+
45.8125 | 2024-05-10T00:15:00.000Z
14+
40.4375 | 2024-05-10T00:06:00.000Z
15+
39.54166666666667 | 2024-05-10T00:13:00.000Z
16+
37.9375 | 2024-05-10T00:12:00.000Z
17+
36.6875 | 2024-05-10T00:19:00.000Z
18+
36.375 | 2024-05-10T00:11:00.000Z
19+
;
20+
21+
avg_over_time_of_integer
22+
required_capability: metrics_command
23+
required_capability: avg_over_time
24+
required_capability: k8s_dataset_additional_fields
25+
TS k8s | STATS clients = avg(avg_over_time(network.eth0.currently_connected_clients)) BY time_bucket = bucket(@timestamp,1minute) | SORT time_bucket | LIMIT 10;
26+
27+
clients:double | time_bucket:datetime
28+
640.0 | 2024-05-10T00:00:00.000Z
29+
418.25 | 2024-05-10T00:01:00.000Z
30+
508.9166666666667 | 2024-05-10T00:02:00.000Z
31+
526.5 | 2024-05-10T00:03:00.000Z
32+
425.2222222222222 | 2024-05-10T00:04:00.000Z
33+
705.3333333333333 | 2024-05-10T00:05:00.000Z
34+
617.75 | 2024-05-10T00:06:00.000Z
35+
638.6666666666666 | 2024-05-10T00:07:00.000Z
36+
555.6041666666666 | 2024-05-10T00:08:00.000Z
37+
454.07407407407413 | 2024-05-10T00:09:00.000Z
38+
;
39+
40+
avg_over_time_of_integer_grouping
41+
required_capability: metrics_command
42+
required_capability: avg_over_time
43+
required_capability: k8s_dataset_additional_fields
44+
TS k8s | STATS clients = avg(avg_over_time(network.eth0.currently_connected_clients)) BY cluster, time_bucket = bucket(@timestamp,1minute) | SORT time_bucket, cluster | LIMIT 10;
45+
46+
clients:double | cluster:keyword | time_bucket:datetime
47+
689.0 | prod | 2024-05-10T00:00:00.000Z
48+
615.5 | staging | 2024-05-10T00:00:00.000Z
49+
396.5 | prod | 2024-05-10T00:01:00.000Z
50+
440.0 | qa | 2024-05-10T00:01:00.000Z
51+
646.0 | prod | 2024-05-10T00:02:00.000Z
52+
565.0 | qa | 2024-05-10T00:02:00.000Z
53+
315.75 | staging | 2024-05-10T00:02:00.000Z
54+
742.0 | prod | 2024-05-10T00:03:00.000Z
55+
430.75 | qa | 2024-05-10T00:03:00.000Z
56+
514.5 | staging | 2024-05-10T00:03:00.000Z
57+
;
58+
59+
avg_over_time_of_aggregate_metric_double
60+
required_capability: metrics_command
61+
required_capability: avg_over_time
62+
TS k8s-downsampled | STATS tx = sum(avg_over_time(network.eth0.tx)) BY time_bucket = bucket(@timestamp, 10minute) | SORT time_bucket | LIMIT 10;
63+
tx:double | time_bucket:datetime
64+
4362.2 | 2024-05-09T23:30:00.000Z
65+
5643.666666666666 | 2024-05-09T23:40:00.000Z
66+
4574.5 | 2024-05-09T23:50:00.000Z
67+
;
68+
69+
avg_over_time_of_aggregate_metric_double_grouping
70+
required_capability: metrics_command
71+
required_capability: avg_over_time
72+
TS k8s-downsampled | STATS tx = sum(avg_over_time(network.eth0.tx)) BY cluster, time_bucket = bucket(@timestamp, 10minute) | SORT time_bucket, cluster | LIMIT 10;
73+
74+
tx:double | cluster:keyword | time_bucket:datetime
75+
1065.0 | prod | 2024-05-09T23:30:00.000Z
76+
1817.0 | qa | 2024-05-09T23:30:00.000Z
77+
1480.2 | staging | 2024-05-09T23:30:00.000Z
78+
1623.0 | prod | 2024-05-09T23:40:00.000Z
79+
2637.0 | qa | 2024-05-09T23:40:00.000Z
80+
1383.6666666666667 | staging | 2024-05-09T23:40:00.000Z
81+
1675.0 | prod | 2024-05-09T23:50:00.000Z
82+
1449.5 | qa | 2024-05-09T23:50:00.000Z
83+
1450.0 | staging | 2024-05-09T23:50:00.000Z
84+
;
85+
86+
avg_over_time_with_filtering
87+
required_capability: metrics_command
88+
required_capability: avg_over_time
89+
TS k8s | WHERE pod == "one" | STATS tx = sum(avg_over_time(network.bytes_in)) BY cluster, time_bucket = bucket(@timestamp, 10minute) | SORT time_bucket, cluster | LIMIT 10;
90+
91+
tx:double | cluster:keyword | time_bucket:datetime
92+
293.0 | prod | 2024-05-10T00:00:00.000Z
93+
482.6666666666667 | qa | 2024-05-10T00:00:00.000Z
94+
494.1666666666667 | staging | 2024-05-10T00:00:00.000Z
95+
601.5454545454545 | prod | 2024-05-10T00:10:00.000Z
96+
496.14285714285717 | qa | 2024-05-10T00:10:00.000Z
97+
441.6 | staging | 2024-05-10T00:10:00.000Z
98+
633.3333333333334 | prod | 2024-05-10T00:20:00.000Z
99+
440.0 | qa | 2024-05-10T00:20:00.000Z
100+
493.5 | staging | 2024-05-10T00:20:00.000Z
101+
;
102+
103+
avg_over_time_older_than_10d
104+
required_capability: metrics_command
105+
required_capability: avg_over_time
106+
TS k8s-downsampled | WHERE cluster == "qa" AND @timestamp < now() - 10 day | STATS cost = avg(avg_over_time(network.eth0.rx)) BY pod, time_bucket = bucket(@timestamp, 10minute) | SORT time_bucket, pod | LIMIT 5;
107+
108+
cost:double | pod:keyword | time_bucket:datetime
109+
420.0 | one | 2024-05-09T23:30:00.000Z
110+
1.0 | three | 2024-05-09T23:30:00.000Z
111+
425.0 | two | 2024-05-09T23:30:00.000Z
112+
885.0 | one | 2024-05-09T23:40:00.000Z
113+
744.7 | three | 2024-05-09T23:40:00.000Z
114+
;
115+
116+
eval_on_avg_over_time
117+
required_capability: metrics_command
118+
required_capability: avg_over_time
119+
TS k8s | STATS max_bytes = avg(avg_over_time(network.bytes_in)) BY cluster, time_bucket = bucket(@timestamp, 10minute) | EVAL kb_minus_offset = (max_bytes - 100) / 1000.0 | LIMIT 10 | SORT time_bucket, cluster ;
120+
121+
max_bytes:double | cluster:keyword | time_bucket:datetime | kb_minus_offset:double
122+
402.05 | prod | 2024-05-10T00:00:00.000Z | 0.30205
123+
499.9386724386725 | qa | 2024-05-10T00:00:00.000Z | 0.3999386724386725
124+
497.18888888888887 | staging | 2024-05-10T00:00:00.000Z | 0.39718888888888887
125+
552.5218855218856 | prod | 2024-05-10T00:10:00.000Z | 0.45252188552188555
126+
495.03679653679654 | qa | 2024-05-10T00:10:00.000Z | 0.3950367965367965
127+
445.2519480519481 | staging | 2024-05-10T00:10:00.000Z | 0.3452519480519481
128+
718.6666666666666 | prod | 2024-05-10T00:20:00.000Z | 0.6186666666666666
129+
778.8333333333334 | qa | 2024-05-10T00:20:00.000Z | 0.6788333333333334
130+
400.4555555555555 | staging | 2024-05-10T00:20:00.000Z | 0.30045555555555553
131+
;
132+
133+
avg_over_time_multi_values
134+
required_capability: metrics_command
135+
required_capability: avg_over_time
136+
required_capability: k8s_dataset_additional_fields
137+
TS k8s | WHERE @timestamp < "2024-05-10T00:10:00.000Z" | STATS events = sum(avg_over_time(events_received)) by pod, time_bucket = bucket(@timestamp, 1minute) | SORT events desc, time_bucket | LIMIT 10;
138+
139+
events:double | pod:keyword | time_bucket:datetime
140+
19.00952380952381 | one | 2024-05-10T00:09:00.000Z
141+
18.0 | one | 2024-05-10T00:01:00.000Z
142+
16.875 | one | 2024-05-10T00:08:00.000Z
143+
15.5 | two | 2024-05-10T00:02:00.000Z
144+
14.85 | two | 2024-05-10T00:09:00.000Z
145+
14.733333333333334 | three | 2024-05-10T00:06:00.000Z
146+
14.535714285714285 | two | 2024-05-10T00:08:00.000Z
147+
14.2 | three | 2024-05-10T00:09:00.000Z
148+
13.0 | three | 2024-05-10T00:00:00.000Z
149+
10.25 | three | 2024-05-10T00:08:00.000Z
150+
;
151+
152+
avg_over_time_null_values
153+
required_capability: metrics_command
154+
required_capability: avg_over_time
155+
required_capability: k8s_dataset_additional_fields
156+
TS k8s | WHERE @timestamp > "2024-05-10T00:10:00.000Z" and @timestamp < "2024-05-10T00:15:00.000Z" | STATS events = sum(avg_over_time(events_received)) by pod, time_bucket = bucket(@timestamp, 1minute) | SORT events desc, time_bucket | LIMIT 10;
157+
158+
events:double | pod:keyword | time_bucket:datetime
159+
null | one | 2024-05-10T00:12:00.000Z
160+
null | two | 2024-05-10T00:13:00.000Z
161+
20.0 | two | 2024-05-10T00:14:00.000Z
162+
17.0 | two | 2024-05-10T00:12:00.000Z
163+
16.5 | one | 2024-05-10T00:13:00.000Z
164+
16.0 | one | 2024-05-10T00:14:00.000Z
165+
11.0 | one | 2024-05-10T00:10:00.000Z
166+
9.0 | one | 2024-05-10T00:11:00.000Z
167+
7.0 | two | 2024-05-10T00:10:00.000Z
168+
7.0 | three | 2024-05-10T00:12:00.000Z
169+
;
170+
171+
avg_over_time_all_value_types
172+
required_capability: metrics_command
173+
required_capability: avg_over_time
174+
required_capability: k8s_dataset_additional_fields
175+
TS k8s | STATS events = sum(avg_over_time(events_received)) by pod, time_bucket = bucket(@timestamp, 10minute) | SORT events desc, pod, time_bucket | LIMIT 10 ;
176+
177+
events:double | pod:keyword | time_bucket:datetime
178+
19.01010101010101 | one | 2024-05-10T00:10:00.000Z
179+
17.7 | three | 2024-05-10T00:20:00.000Z
180+
17.0 | one | 2024-05-10T00:20:00.000Z
181+
16.944444444444443 | two | 2024-05-10T00:10:00.000Z
182+
15.746543778801843 | one | 2024-05-10T00:00:00.000Z
183+
15.396284829721363 | three | 2024-05-10T00:00:00.000Z
184+
15.045454545454547 | three | 2024-05-10T00:10:00.000Z
185+
14.199942045783832 | two | 2024-05-10T00:00:00.000Z
186+
11.5 | two | 2024-05-10T00:20:00.000Z
187+
;
188+
189+
avg_over_time_aggregate_metric_double_implicit_casting
190+
required_capability: metrics_command
191+
required_capability: avg_over_time
192+
required_capability: k8s_dataset_additional_fields
193+
required_capability: aggregate_metric_double_implicit_casting_in_aggs
194+
TS k8s* | STATS bytes = sum(avg_over_time(network.eth0.rx)) by time_bucket = bucket(@timestamp, 10minute) | SORT bytes desc, time_bucket | LIMIT 10 ;
195+
196+
bytes:double | time_bucket:datetime
197+
8785.733333333334 | 2024-05-10T00:20:00.000Z
198+
6398.744877344877 | 2024-05-10T00:10:00.000Z
199+
5693.833333333333 | 2024-05-09T23:50:00.000Z
200+
4827.833333333333 | 2024-05-09T23:30:00.000Z
201+
4306.366666666667 | 2024-05-09T23:40:00.000Z
202+
2382.5180014430016 | 2024-05-10T00:00:00.000Z
203+
;
204+
205+
avg_over_time_aggregate_metric_double_implicit_casting_grouping
206+
required_capability: metrics_command
207+
required_capability: avg_over_time
208+
required_capability: k8s_dataset_additional_fields
209+
required_capability: aggregate_metric_double_implicit_casting_in_aggs
210+
TS k8s* | STATS bytes = sum(avg_over_time(network.eth0.rx)) by pod, time_bucket = bucket(@timestamp, 10minute) | SORT bytes desc, pod, time_bucket | LIMIT 10 ;
211+
212+
bytes:double | pod:keyword | time_bucket:datetime
213+
3095.5 | one | 2024-05-10T00:20:00.000Z
214+
2924.9 | three | 2024-05-10T00:20:00.000Z
215+
2765.333333333333 | two | 2024-05-10T00:20:00.000Z
216+
2284.581818181818 | one | 2024-05-10T00:10:00.000Z
217+
2229.0 | three | 2024-05-09T23:50:00.000Z
218+
2222.0 | one | 2024-05-09T23:30:00.000Z
219+
2063.253968253968 | two | 2024-05-10T00:10:00.000Z
220+
2050.909090909091 | three | 2024-05-10T00:10:00.000Z
221+
1806.3333333333333 | two | 2024-05-09T23:50:00.000Z
222+
1760.8666666666668 | three | 2024-05-09T23:40:00.000Z
223+
;
224+
225+
avg_over_time_nested_expression
226+
required_capability: metrics_command
227+
required_capability: avg_over_time
228+
required_capability: k8s_dataset_additional_fields
229+
TS k8s | STATS sum = sum(avg_over_time(network.eth0.rx % 2)) by pod, time_bucket = bucket(@timestamp, 1minute) | SORT sum desc, pod, time_bucket | LIMIT 5;
230+
231+
sum:double | pod:keyword | time_bucket:datetime
232+
3.0 | three | 2024-05-10T00:17:00.000Z
233+
2.333333333333333 | one | 2024-05-10T00:18:00.000Z
234+
2.0 | three | 2024-05-10T00:02:00.000Z
235+
2.0 | three | 2024-05-10T00:09:00.000Z
236+
2.0 | three | 2024-05-10T00:12:00.000Z
237+
;
238+
239+
avg_over_time_nested_expression_in_grouping_with_alias
240+
required_capability: metrics_command
241+
required_capability: avg_over_time
242+
required_capability: k8s_dataset_additional_fields
243+
TS k8s | STATS min = min(avg_over_time(network.bytes_in)) by rx = (network.eth0.rx + 2000), time_bucket = bucket(@timestamp, 1minute) | SORT rx desc, time_bucket | LIMIT 5;
244+
245+
min:double | rx:long | time_bucket:datetime
246+
557.0 | 3398 | 2024-05-10T00:21:00.000Z
247+
206.0 | 3398 | 2024-05-10T00:22:00.000Z
248+
557.0 | 3300 | 2024-05-10T00:21:00.000Z
249+
312.0 | 3262 | 2024-05-10T00:18:00.000Z
250+
312.0 | 3206 | 2024-05-10T00:18:00.000Z
251+
;

0 commit comments

Comments
 (0)