ELK由Elasticsearch、Logstash和Kibana三部分组件组成;
Elasticsearch是个开源分布式搜索引擎,它的特点有:分布式,零配置,自动发现,索引自动分片,索引副本机制,restful风格接口,多数据源,自动搜索负载等。
Logstash是一个完全开源的工具,它可以对你的日志进行收集、分析,并将其存储供以后使用
kibana 是一个开源和免费的工具,它可以为 Logstash 和 ElasticSearch 提供的日志分析友好的 Web 界面,可以帮助您汇总、分析和搜索重要数据日志。
Elasticsearch demo
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.mkfree</groupId>
<artifactId>elasticsearchTest</artifactId>
<version>0.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>2.1.1</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.10</version>
</dependency>
</dependencies>
</project>ESClient:
package com.c4c.test;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Map;
import java.util.Set;
import org.elasticsearch.action.delete.DeleteResponse;
import org.elasticsearch.action.get.GetResponse;
import org.elasticsearch.action.search.SearchRequestBuilder;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.action.search.SearchType;
import org.elasticsearch.client.Client;
import org.elasticsearch.client.transport.TransportClient;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.SearchHit;
import org.elasticsearch.search.SearchHits;
import org.junit.After;
import org.junit.Before;
public class ESClient {
private Client client;
/**
* 初始化客户端连接
*/
@Before
public void initESClient() {
// 配置你的es,现在这里只配置了集群的名,默认是elasticsearch,跟服务器的相同
Settings settings = Settings.settingsBuilder().put("cluster.name","elasticsearch").build();
// 这里可以同时连接集群的服务器,可以多个,并且连接服务是可访问的
try {
client = TransportClient.builder().settings(settings).build()
.addTransportAddress(new InetSocketTransportAddress(InetAddress.getByName("localhost"),9300));
// .addTransportAddress(new InetSocketTransportAddress(InetAddress.getByName("172.26.40.75"),9300));
} catch (UnknownHostException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
System.out.println("连接成功!");
}
@After
public void closeESClient() {
client.close();
System.out.println("连接关闭!");
}
public static void main(String args[]){
System.out.println("ES集群连接测试");
ESClient esc = new ESClient();
esc.initESClient();
// esc.createIndex();
// esc.search();
// esc.getIndex();
// esc.get();
esc.delete();
// esc.closeESClient();
}
/**
* 创建索引
*/
private void createIndex() {
// TODO Auto-generated method stub
for(int i=0; i<10; i++){
//id+title是存储内容
//id
String id = "id"+i;
//title
String title = "this is title" + i;
//prepareIndex("index-索引", "type-类型")
client.prepareIndex("blog", "post").setSource(getBuilderJson(id, title)).execute().actionGet();
}
System.out.println("索引创建成功!");
}
/**
* 存储内容的
* @param id
* @param title
* @return
*/
private String getBuilderJson(String id,String title){
String json = "";
try {
XContentBuilder contentBuilder = XContentFactory.jsonBuilder().startObject();
contentBuilder.field("id",id);
contentBuilder.field("title",title);
json = contentBuilder.endObject().string();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return json;
}
/**
* 查询某个索引中的内容 根据索引id查询
*/
public void getIndex() {
GetResponse res = client.prepareGet().setIndex("blog")
.setType("post").setId("AWByseCM4HvbVyPQPuxC").execute().actionGet();
System.out.println(res.getSource());
}
/**
* 搜索索引
*/
public void search(){
//创建查询索引
SearchRequestBuilder searchRequestBuilder = client.prepareSearch("test_27");
//设置查询索引类型
searchRequestBuilder.setTypes("logs");
//设置查询类型
//1.SearchType.DFS_QUERY_THEN_FETCH = 精确查询
// 2.SearchType.SCAN = 扫描查询,无序
// 3.SearchType.COUNT = 不设置的话,这个为默认值,还有的自己去试试吧
searchRequestBuilder.setSearchType(SearchType.DFS_QUERY_THEN_FETCH);
//设置查询关键字
// fieldQuery 这个必须是你的索引字段哦,不然查不到数据,这里我只设置两个字段 id ,title
searchRequestBuilder.setQuery(QueryBuilders.termQuery("message", "test"));
// 设置查询数据的位置,分页用吧
searchRequestBuilder.setFrom(0);
// 设置查询结果集的最大条数
searchRequestBuilder.setSize(60);
// 设置是否按查询匹配度排序
searchRequestBuilder.setExplain(true);
// 最后就是返回搜索响应信息
SearchResponse response = searchRequestBuilder.execute().actionGet();
// System.out.println(response);
//获取搜索文档的结果
SearchHits searchHits = response.getHits();
SearchHit[] hits = searchHits.getHits();
System.out.println("命中记录条数"+hits.length);
for (int i = 0; i < hits.length; i++) {
SearchHit hit = hits[i];
Map result = hit.getSource();
System.out.println(result);
}
System.out.println("查询索引完毕!");
}
/**
* 获取索引
*/
public void get(){
GetResponse response = client.prepareGet("blog", "post", "AVJjRJVqW-UsQoTouwCF")
.execute().actionGet();
//下面是不在多线程操作,他默认为.setOperationThreaded(true)
//GetResponse response = client.prepareGet("blog", "post", "AVJjRJVqW-UsQoTouwCF")
// .setOperationThreaded(false).execute().actionGet();
//Map headers = (Map) response.getHeaders();
Set<String> headers = response.getHeaders();
System.out.println(headers);//获取请求头
boolean exists = response.isExists();
System.out.println(exists);//判断索引是否存在
String sourceString = response.getSourceAsString();
System.out.println(sourceString);//获取索引,并打印出索引内容
String id = response.getId();
System.out.println(id);//获取索引id
boolean sourceEmpty = response.isSourceEmpty();
System.out.println(sourceEmpty);//获取索引的内容是否为空
}
/**
* 删除索引
*/
public void delete(){
DeleteResponse response = client.prepareDelete("blog", "post", "AVJjRJVqW-UsQoTouwCF")
.execute().actionGet();
//下面是不在多线程操作,他默认为.setOperationThreaded(true)
//GetResponse response = client.prepareDelete("blog", "post", "AVJjRJVqW-UsQoTouwCF")
// .setOperationThreaded(false).execute().actionGet();
boolean isFound = response.isFound();
System.out.println(isFound);//返回索引是否存在,存在删除
}
}
扫一扫
315
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
