Since we cannot use scripted fields in the opensearch anomaly detector plugin, I would like to compute small math operation within a Custom expression of my feature.
Now, it feels like it shouldn't be too complicated but I can't find a piece of information on where to start and what my query should look like.
So far, by default, it looks like that :
{
"aggregation_name": {
"sum": {
"field": "field_name"
}
}
}
And I don't know where to begin to make a change on this one. I've read the doc , which simply refers the Query DSL doc, but I don't find any info about math op on fetch data.
The closest doc I found so far is this Pipeline Aggs doc. But I'm quite stuck here.
My question is how do I get a custom field that looks like that :
{
"aggregation_name": {
"sum": {
"field": "field_name1 / (field_name1 + field_name2)"
}
}
}
Thanks.
