ElasticSearch
As Search Engine for research work
PerpetualLearner
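ElasticSearch case study: an analysis of Monitor a Java application
Overview: For a newcomer, ElasticSearch is a huge system with a sprawling body of knowledge, and it is hard to know where to start. Once you have the basics such as document, index, shard, DSL …, the "monitor a java application" case in the Observability Tutorials of the official documentation is the best way in: it walks the user step by step through installing, starting, parsing logs … Work through the concepts involved one by one and you should be able to use ElasticSearch. Java basics: elasticsearch is based on Lu..
Original · 2021-01-23 09:30:56 · 250 views · 1 comment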
Understanding ElasticSearch, revisited
Overview: A module in Filebeat is a way to parse a specific log file format for a particular software. Pipeline: A pipeline is a definition of a series of processors that are to be executed in the same order as they are declared. A pipeline consists of t..
Original · 2021-01-22 20:46:12 · 202 views · 0 comments
Understanding suricata.eve.timestamp
Overview: From Elasticsearch, suricata.eve.timestamp is one field name. Suricata: Suricata is an open source-based intrusion detection system (IDS) and intrusion prevention system (IPS). It was developed by the Open Security Foundation (OSF). Suricata is..
Original · 2021-01-22 20:45:07 · 356 views · 0 comments
Getting to know the ElasticSearch API again
REST APIs: ElasticSearch exposes REST APIs that are used by the UI components and can be called directly to configure and access Elasticsearch features. Search API: GET /<target>/_search; GET /_search; POST /<target1, target2, ...>/_search; POST /_s..
Original · 2021-01-22 20:38:03 · 190 views · 0 comments
Understanding ECS (Elastic Common Schema)
Elastic Common Schema: The Elastic Common Schema (ECS) is an open source specification, developed with support from the Elastic user community. ECS defines a common set of fields to be used when storing event data in Elasticsearch, such as logs and metric..
Original · 2021-01-01 21:44:28 · 949 views · 1 comment
Elasticsearch-Filebeat in depth: config and mechanism
How Filebeat Works: Filebeat consists of two main components: input and harvesters. Harvester: A harvester is responsible for reading the content of a single file. The harvester reads each file, line by line, and sends the content to the output. One harv..
Original · 2020-12-25 21:47:36 · 293 views · 0 comments
(Solved 20201222) config file ("filebeat.yml") must be owned by the user identifier (uid=0) or root
Problem: Running ./filebeat modules list inside the Filebeat container fails with the error: Error initializing beat: error loading config file: config file ("filebeat.yml") must be owned by the user identifier (uid=0) or root. Solution: Checking with ll shows that filebeat.yml's ownership is the login user from the configuration file. From Config File Ownership ..
Original · 2020-12-25 21:42:39 · 5872 views · 1 comment
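A roundup of Elasticsearch learning resources
Overview: Elasticsearch is a self-contained system, large in scope and a world of its own. The official documentation is well written; if your English is good enough you will learn quickly, and if not, you can start with the videos of the official open courses. Text: Elasticsearch Docs; the official blog of the Elastic China community. Video: Bilibili: Elastic search official open courses: these are rarely mentioned online, but the quality is high. Quick start: "Elastic Product Updates and Technology Outlook" gives an understanding of the Elastic framework, which helps build a mental framework before reading the docs. "Using Elastic Stack..
Original · 2020-12-25 21:41:35 · 273 views · 0 comments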
Elasticsearch in depth, special topic: Text Analysis
Overview: All the words come from Elasticsearch Reference 7.0, for study. Text Analysis is the process of converting unstructured text, like the body of an email or a product description, into a structured format that's optimized for search. Tokenization..
Original · 2020-12-25 21:34:24 · 177 views · 0 comments
ElasticSearch keywords in depth (part 2)
real-time pipelining capabilities. Codecs: Codecs are basically stream filters that can operate as part of the input or output. Codecs enable you to easily separate the transport of your messages from the serialization process. Popular codecs include json..
Original · 2020-12-25 21:31:07 · 310 views · 0 comments
ElasticSearch keywords in depth
Relevance: Full-text queries find all documents that match the query string and return them sorted by relevance - how good a match they are for your search terms. By default, Elasticsearch sorts matching search results by relevance score, which measures h..
Original · 2020-12-21 09:35:34 · 349 views · 1 comment
Understanding LDAP||Active Directory||PKI||RBAC||SAML||Kerberos
LDAP: The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services..
Original · 2020-12-21 09:35:45 · 498 views · 1 comment
Understanding inverted index||full-text search||Search Engines
Overview: From Elasticsearch: it uses a data structure called an inverted index that supports very fast full-text searches. An inverted index lists every unique word that appears in any document and identifies all of the documents each word occurs in...
Original · 2020-12-19 19:51:27 · 423 views · 2 comments
Understanding Search Engine vs Traditional Database
Overview: The exact words are: Full Text Search Engines vs. DBMS. Database vs. Search Engine: A database is a collection of information that is organized and stored to be accessed for later use. Focus on a particular source. A search engine uses computer..
Original · 2020-12-19 19:50:13 · 1161 views · 2 comments
First use of ElasticSearch: basic commands
Installation
$ docker pull docker.elastic.co/elasticsearch/elasticsearch:7.10.0 # pull the image
$ docker run -d -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:7.10.0 # start a single-node container
$ curl "127.0.0.1:9200" # confirm the container started correctly
Commonly used..
Original · 2020-12-19 19:45:36 · 150 views · 1 comment
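(Solved 20201218) Kibana server is not ready yet||How to log in to Kibana
Problem: After password protection was set up on Elasticsearch, the error in the title appeared: Kibana server is not ready yet. Some solutions online say to change elasticsearch.hosts: [ "http://elasticsearch:9200" ] in Kibana.yml; that only works when ElasticSearch does not yet have password protection enabled, and it has no effect in this case. Solution: From the Configure Kibana doc, if your Elasticsearch is protected ..
Original · 2020-12-19 19:43:09 · 1045 views · 1 comment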
(Solved 20201214) elasticsearch download: curl: (7) Failed to connect to raw.githubusercontent.com port 443: Conn
Problem: A curl request for a file fails:
curl -L -O https://raw.githubusercontent.com/elastic/beats/7.10/deploy/docker/filebeat.docker.yml
curl: (7) Failed to connect to raw.githubusercontent.com port 443: Connection refused
Solution: Most mentions of this problem online arise when installing homebrew. In this case, directly in the brows..
Original · 2020-12-19 19:41:49 · 215 views · 1 comment
Understanding Elasticsearch||Starting from the docs
Overview: "Understanding Elasticsearch and a first mental framework"; elastic docs. Terminology: "Getting Started With Elasticsearch"; "Elasticsearch Tutorial for Beginners | Learn the Elastic Stack Architecture | Frank Kane". Installation: The full stack consists of: Beats, APM Server, El..
Original · 2020-12-12 11:47:45 · 566 views · 0 comments
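Understanding Elasticsearch and a first mental framework
Overview: Introduction to the core Elastic Stack products: Elasticsearch, Logstash and Kibana; Kibana (a picture is worth more than ten million lines of logs); ElasticSearch in practice: a log monitoring platform; GitBook. A few labels for Elasticsearch: big-data search platform. Competitors include Splunk, Solr, Lucene and others. Database. Notions: Search engine: A search engine is an information retrieval system de..
Original · 2020-12-12 11:46:07 · 229 views · 0 comments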
Understanding Apache Lucene
Apache Lucene: Apache Lucene is a free and open-source search engine software library, originally written completely in Java by Doug Cutting. Homepage: Lucene Core is a Java library providing powerful indexing and search features, as well as spellcheckin..
Original · 2020-12-11 20:42:40 · 146 views · 1 comment