Inaccurate values when calculating SUM or AVG aggregations #29345
Description
Elasticsearch version : 6.1.1-1
Plugins installed: X-pack
JVM version: java-1.8.0-openjdk-1.8.0.151-5.b12.el7_4.x86_64
OS version : RHEL 7.4
Description of the problem including expected versus actual behavior:
When running sum or avg aggregations within terms aggregation getting inaccurate results.
Steps to reproduce:
I run this query:
{
"size": 1000,
"_source": [
"tag.agent_host",
"tag.ifDescr",
"interface.ifHCInOctets"
],
"query": {
"bool": {
"filter": [{
"range": {
"@timestamp": {
"gte": "1522330307503",
"lte": "1522330607503",
"format": "epoch_millis"
}
}
}, {
"query_string": {
"analyze_wildcard": true,
"query": "tag.agent_host:testrouter1.testdomain.net AND tag.ifDescr:GigabitEthernet*0 AND _exists_:interface.ifHCInOctets"
}
}
]
}
},
"aggs": {
"DBF_Device": {
"terms": {
"field": "tag.agent_host",
"size": 10
},
"aggs": {
"DBF_Interface": {
"terms": {
"field": "tag.ifDescr",
"size": 10
},
"aggs": {
"DBF_Metric_SUM": {
"sum": {
"field": "interface.ifHCInOctets"
}
}
}
}
}
}
}
}
and get this response:
{
"took": 154,
"timed_out": false,
"_shards": {
"total": 1155,
"successful": 1155,
"skipped": 1123,
"failed": 0
},
"hits": {
"total": 5,
"max_score": 0,
"hits": [
{
"_index": "test-index-2018.03.29",
"_type": "metrics",
"_id": "QrH1cWIBrVLc4RYS48TM",
"_score": 0,
"_source": {
"tag": {
"agent_host": "testrouter1.testdomain.net",
"ifDescr": "GigabitEthernet0/0/0"
},
"interface": {
**"ifHCInOctets": 402423415108**
}
}
},
{
"_index": "test-index-2018.03.29",
"_type": "metrics",
"_id": "BsP4cWIBrVLc4RYSomgl",
"_score": 0,
"_source": {
"tag": {
"agent_host": "testrouter1.testdomain.net",
"ifDescr": "GigabitEthernet0/0/0"
},
"interface": {
**"ifHCInOctets": 402849967058**
}
}
},
{
"_index": "test-index-2018.03.29",
"_type": "metrics",
"_id": "x7f2cWIBrVLc4RYSzXP8",
"_score": 0,
"_source": {
"tag": {
"agent_host": "testrouter1.testdomain.net",
"ifDescr": "GigabitEthernet0/0/0"
},
"interface": {
**"ifHCInOctets": 402533814871**
}
}
},
{
"_index": "test-index-2018.03.29",
"_type": "metrics",
"_id": "e733cWIBrVLc4RYSt7HE",
"_score": 0,
"_source": {
"tag": {
"agent_host": "testrouter1.testdomain.net",
"ifDescr": "GigabitEthernet0/0/0"
},
"interface": {
**"ifHCInOctets": 402662297513**
}
}
},
{
"_index": "test-index-2018.03.29",
"_type": "metrics",
"_id": "wsn5cWIBrVLc4RYSjcrG",
"_score": 0,
"_source": {
"tag": {
"agent_host": "testrouter1.testdomain.net",
"ifDescr": "GigabitEthernet0/0/0"
},
"interface": {
**"ifHCInOctets": 402989750842**
}
}
}
]
},
"aggregations": {
"DBF_Device": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "testrouter1.testdomain.net",
"doc_count": 5,
"DBF_Interface": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "GigabitEthernet0/0/0",
"doc_count": 5,
"DBF_Metric_SUM": {
**"value": 2013459218432**
}
}
]
}
}
]
}
}
}
When calculating output by myself from hits section I get that SUM of ifHCInOctets fields is 2013459245392 but when elastic calculates its SUM aggregation result is 2013459218432 which is lesser by 26960.
I also tried adding various sorting or removing child element- result always remained inaccurate. Same problem appears with avg aggregation.