Query Information
PPL Command/Query:
source=bounty-types | eventstats row_number() by str_field
source=bounty-types | streamstats rank() by int_field
source=bounty-types | eventstats dense_rank() by str_field
Expected Result:
Supported window functions should execute in eventstats/streamstats.
Actual Result:
Each query fails with HTTP 500 and Unexpected window function for row_number, rank, and dense_rank.
Dataset Information
Dataset/Schema Type
Index Mapping
{
"mappings": {
"properties": {
"int_field": { "type": "integer" },
"str_field": { "type": "keyword" }
}
}
}Sample Data
[
{ "int_field": 42, "str_field": "alpha" },
{ "int_field": -1, "str_field": "alpha" },
{ "int_field": 0, "str_field": "beta" }
]Bug Description
Issue Summary:
eventstats/streamstats rejects common window functions even though grammar accepts them.
Steps to Reproduce:
- Create index with
int_field and str_field.
- Insert sample rows.
- Run each query above.
- Observe HTTP 500
Unexpected window function errors.
Impact:
Window-based analytics pipelines cannot run using these standard functions.
Query Information
PPL Command/Query:
Expected Result:
Supported window functions should execute in
eventstats/streamstats.Actual Result:
Each query fails with HTTP 500 and
Unexpected window functionforrow_number,rank, anddense_rank.Dataset Information
Dataset/Schema Type
Index Mapping
{ "mappings": { "properties": { "int_field": { "type": "integer" }, "str_field": { "type": "keyword" } } } }Sample Data
[ { "int_field": 42, "str_field": "alpha" }, { "int_field": -1, "str_field": "alpha" }, { "int_field": 0, "str_field": "beta" } ]Bug Description
Issue Summary:
eventstats/streamstatsrejects common window functions even though grammar accepts them.Steps to Reproduce:
int_fieldandstr_field.Unexpected window functionerrors.Impact:
Window-based analytics pipelines cannot run using these standard functions.