Skip to content

Fix timechart OTHER category aggregation for non-cumulative functions #4594

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Fix timechart OTHER category aggregation for non-cumulative functions #4594

wants to merge 2 commits into from

Conversation

yuancu
Copy link
Collaborator

@yuancu yuancu commented Oct 17, 2025
edited
Loading

Description

The timechart command with limit parameter was incorrectly handling non-cumulative aggregations (max, min, earliest, latest, etc) in the "OTHER" category. Instead of applying the proper aggregation function, it was incorrectly summing all values from categories that exceeded the limit.

Example:
source=index | timechart limit=1 span=1d max(severityNumber) by severityText

  • Expected: OTHER category shows max(severityNumber) = 23 (the actual maximum value)
  • Actual: OTHER category shows max(severityNumber) = 276 (sum of all values)

Root Cause

The timechart implementation made an incorrect assumption that all aggregations are cumulative (like sum/count). For non-cumulative functions like max, min, earliest, and latest, the "OTHER" category should apply the same aggregation function rather than summing the values.

Solution

  1. Enhanced aggregation handling: Added buildAggCall() method that properly maps aggregation functions:
  • MIN, EARLIEST → relBuilder.min()
  • MAX, LATEST → relBuilder.max()
  • AVG → relBuilder.avg()
  • Others (sum, count, etc.) → relBuilder.sum() (existing behavior)
  1. Updated top category selection: Modified sorting logic to handle min aggregations correctly (ascending sort for min, descending for others)
  2. Fixed OTHER category calculation: Replaced hardcoded sum aggregations with dynamic function selection based on the original aggregation type

Limitation:

  • It still does not handle all aggregation functions. E.g. TAKE, STDDEV_SAMP, although the use case of them in timechart is rare.
  • For avg, the result for other is not accurate enough. This is because it is aggregating on an aggregated results, but the count of the original rows in each category in not kept.

Related Issues

Resolves #4582

Check List

  • New functionality includes testing.
  • New functionality has been documented.
  • New functionality has javadoc added.
  • New functionality has a user manual doc added.
  • New PPL command checklist all confirmed.
  • API changes companion pull request created.
  • Commits are signed per the DCO using --signoff or -s.
  • Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@yuancu yuancu added the bug Something isn't working label Oct 17, 2025
@yuancu
Handle common agg functions for OTHER category for timechart
4d3875d 
Signed-off-by: Yuanchun Shen <yuanchu@amazon.com>
@yuancu
Fix timechart IT
6a4fa9d 
Signed-off-by: Yuanchun Shen <yuanchu@amazon.com>
@yuancu yuancu marked this pull request as ready for review October 17, 2025 09:40
@yuancu yuancu mentioned this pull request Oct 17, 2025
Draft
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ps48 ps48 Awaiting requested review from ps48 ps48 is a code owner

@kavithacm kavithacm Awaiting requested review from kavithacm kavithacm is a code owner

@derek-ho derek-ho Awaiting requested review from derek-ho derek-ho is a code owner

@joshuali925 joshuali925 Awaiting requested review from joshuali925 joshuali925 is a code owner

@dai-chen dai-chen Awaiting requested review from dai-chen dai-chen is a code owner

@YANG-DB YANG-DB Awaiting requested review from YANG-DB YANG-DB is a code owner

@mengweieric mengweieric Awaiting requested review from mengweieric mengweieric is a code owner

@vamsimanohar vamsimanohar Awaiting requested review from vamsimanohar vamsimanohar is a code owner

@Swiddis Swiddis Awaiting requested review from Swiddis Swiddis is a code owner

@penghuo penghuo Awaiting requested review from penghuo penghuo is a code owner

@seankao-az seankao-az Awaiting requested review from seankao-az seankao-az is a code owner

@MaxKsyunz MaxKsyunz Awaiting requested review from MaxKsyunz MaxKsyunz is a code owner

@Yury-Fridlyand Yury-Fridlyand Awaiting requested review from Yury-Fridlyand Yury-Fridlyand is a code owner

@anirudha anirudha Awaiting requested review from anirudha anirudha is a code owner

@forestmvey forestmvey Awaiting requested review from forestmvey forestmvey is a code owner

@acarbonetto acarbonetto Awaiting requested review from acarbonetto acarbonetto is a code owner

@GumpacG GumpacG Awaiting requested review from GumpacG GumpacG is a code owner

@ykmr1224 ykmr1224 Awaiting requested review from ykmr1224 ykmr1224 is a code owner

@LantaoJin LantaoJin Awaiting requested review from LantaoJin LantaoJin is a code owner

@noCharger noCharger Awaiting requested review from noCharger noCharger is a code owner

@qianheng-aws qianheng-aws Awaiting requested review from qianheng-aws qianheng-aws is a code owner

@RyanL1997 RyanL1997 Awaiting requested review from RyanL1997 RyanL1997 is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] timechart command returns incorrect results for non-cumulative aggregations

1 participant

@yuancu