Elasticsearch API操作01

最新推荐文章于 2023-07-19 15:01:04 发布
最新推荐文章于 2023-07-19 15:01:04 发布
阅读量2.8k 收藏 1
点赞数
分类专栏: Elasticsearch 文章标签: elasticsearch
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/jiao_fuyou/article/details/50547535
版权

基本操作

集群健康度检查
GET http://172.16.18.114:9200/_cluster/health
判断索引是否存在
HEAD http://172.16.18.114:9200/logstash-2016.01.07
创建索引
PUT http://172.16.18.116:9200/test
{
    "settings" : {
        "index" : {
            "number_of_shards" : 3,
            "number_of_replicas" : 2
        }
    }
}
查看索引映射信息
GET http://172.16.18.116:9200/cdr-2015-08-30/_mappings
修改索引映射
PUT http://172.16.18.116:9200/logstash-2015.11.17/heartbeat/_mappings
{
        "_ttl": {
            "enabled": true,
            "default": "3d"
        },
        "properties": {
            "message": {
                "index": "no",
                "type": "string"
            },
            "@timestamp": {
                "format": "dateOptionalTime",
                "type": "date"
            },
            "host": {
                "index": "no",
                "type": "string"
            }
        },
        "_all": {
            "enabled": false
        }
}
查看索引属性
GET http://172.16.18.114:9200/logstash-2015.12.30/_settings
设置索引属性
PUT http://172.16.18.116:9200/.marvel-kibana/_settings
{
        "index" : {
            "number_of_replicas" : 0
        }
}
查看索引信息
GET http://172.16.18.116:9200/cdr-2015-08-30/_stats
关闭索引(使用时再_open)
POST http://172.16.18.114:9200/logstash-2015.11*/_close
列出所有节点简要状态信息
GET http://172.16.18.116:9200/_nodes/stats/indices/search
查看节点配置情况
GET http://172.16.18.116:9200/_nodes/elasticsearch_114/settings
列出节点存储信息
GET http://172.16.18.114:9200/_stats/store
查看节点插件
GET http://172.16.18.114:9200/_nodes/elasticsearch_114/plugins?pretty=true
列出节点详细信息
GET http://172.16.18.116:9200/_stats
查询特定字段
POST http://172.16.18.116:9200/my_index/_search?fields=_all,_source,full_name
{
      "query": {
        "match": {
          "_all": "John Smith"
        }
      },
      "highlight": {
        "fields": {
          "_all": {},
          "full_name": {}
        }
      }
}
查询索引下数据
GET http://172.16.18.116:9200/kibana-int/_search
查看某一索引/类型下文档总数
GET http://172.16.18.116:9200/cdr-2015-10-21/u2_gcdr/_count
单词搜索
POST http://172.16.18.116:9200/jfyindex/_search
{
      "query" : {
        "match" : {
          "_all": "rock climbing"
        }
      }
}
简单搜索
GET http://172.16.18.116:9200/jfy*/_search
短语搜索
GET http://172.16.18.116:9200/jfyindex/_search?q="rock climbing"
短语搜索
POST http://172.16.18.116:9200/jfyindex/_search?q="rock climbing"
{
      "query" : {
        "match_phrase" : {
          "_all": "rock climbing"
        }
      }
}
搜索清单号码(全词匹配)
POST http://172.16.18.116:9200/cdr*/_search
{
      "query" : {
        "match" : {
          "msisdn": "85267944762"
        }
      }
}
分析查询文本
POST http://172.16.18.116:9200/logstash-2015.08.01/_analyze
O_Str[9]=20150630-111344
Explan Query
POST http://172.16.18.116:9200//_validate/query?explain 
    {
      "query": {
        "query_string": {
          "query": "abc"
        }
      }
    }
定义模板
PUT http://172.16.18.116:9200/_template/cdr
{
        "order": 0,
        "template": "cdr*",
        "settings": {
            "index.refresh_interval": "30m",
            "index.number_of_replicas": "1",
            "index.number_of_shards": "1",
            "index.translog.flush_threshold_ops": "100000"
        },
        "mappings": {
            "_default_": {
                "dynamic_templates": [
                    {
                        "string_fields": {
                            "mapping": {
                                "index": "not_analyzed",
                                "omit_norms": true,
                                "type": "string"
                            },
                            "match": "*",
                            "match_mapping_type": "string"
                        }
                    }
                ],
                "_all": {
                    "enabled": true
                },
                "date_detection": false
            },
            "hjscdr": {
                "properties": {
                    "starttime": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "msisdn": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "rectype": {
                        "index": "no",
                        "type": "string"
                    },
                    "pdp_address": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "roaming_charge": {
                        "type": "long"
                    },
                    "unit": {
                        "type": "long"
                    },
                    "totallink": {
                        "type": "long"
                    },
                    "@timestamp": {
                        "type": "long"
                    },
                    "startdate": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "charging_item": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "sgsn": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "imsi": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "apn": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "uplink": {
                        "type": "long"
                    },
                    "ggsn": {
                        "index": "not_analyzed",
                        "type": "string"
                    },
                    "downlink": {
                        "type": "long"
                    }
                }
            }
        }
}
logstash模板示例
PUT http://172.16.18.116:9200/_template/logstash
{
        "order": 99,
        "template": "logstash-*",
        "settings": {        
          "index.refresh_interval": "5s",
          "index.number_of_replicas": "1",
          "index.number_of_shards": "1",
          "index.translog.flush_threshold_ops": "5000"          
        },
        "mappings": {
            "_default_": {
              "_all": {
                "enabled": true,
                "omit_norms": true
              },
              "dynamic_templates": [
                {
                  "message_field": {
                    "match": "message",
                    "match_mapping_type": "string",
                    "mapping": {
                      "type": "string",
                      "index": "analyzed",
                      "omit_norms": true
                    }
                  }
                },
                {
                  "string_fields": {
                    "match": "*",
                    "match_mapping_type": "string",
                    "mapping": {
                      "type": "string",
                      "index": "analyzed",
                      "omit_norms": true,
                      "fields": {
                        "raw": {
                          "type": "string",
                          "index": "not_analyzed",
                          "ignore_above": 256
                        }
                      }
                    }
                  }
                }
              ],
              "properties": {
                "@version": {
                  "type": "string",
                  "index": "not_analyzed"
                },
                "geoip": {
                  "type": "object",
                  "dynamic": true,
                  "properties": {
                    "location": {
                      "type": "geo_point"
                    }
                  }
                }
              }
            }
          }
      }
}

进阶操作

刷新数据到磁盘
POST http://172.16.18.116:9200/_flush
设置索引刷新频率
PUT http://172.16.18.116:9200/cdr*/_settings
    {
      "index.translog.flush_threshold_ops": 5000,
      "index.refresh_interval": "5s"
    }
查看node segment的memory
GET http://172.16.18.179:9200/_cat/nodes?v=&h=name,port,sm
查看fielddata占用内存情况(查询时es会把fielddata信息load进内存)
GET http://172.16.18.114:9200/_stats/fielddata
aggs max(求某个索引类型一段时间内某一字段最大值)
POST http://172.16.18.116:9200/logstash-2015.11.17/heartbeat/_search
    {  
      "query": {
        "range": {
          "@timestamp": {
            "from": 1547330883236,
            "to": 1547330883236
          }
        }
      },
      "size": 0,
      "aggs": {
        "max_time": {
          "max": {
            "field": "@timestamp"
          }
        }
      }
    }
监控FieldData
GET http://172.16.18.114:9200//_nodes/stats/indices/fielddata?fields=*
cat fielddata

https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-fielddata.html

GET http://172.16.18.179:9200/_cat/fielddata?v
多列聚合操作

实现如mysql的group by功能:
select yearmon(createtime) yearmon,method,status,count(*) from test group by yearmon,method,status

POST http://172.16.18.116:9200/test/_search
    {
        "size": 0,
        "aggs" : {
            "day_total" : {
                "date_histogram":{
                    "field": "CreateTime",
                    "interval": "day",
                    "format": "yyyyMMdd"
                },
                "aggs": {
                    "method_total":{
                        "terms": {"field": "method"},
                        "aggs":{                    
                            "status_total":{
                                "terms": {"field": "status"}
                            }
                        }                      
                    }      
                }
            }
        }
    }
设置文档_ttl值
PUT http://172.16.18.116:9200/_template/template_logstash
    {
      "template" : "logstash*",
      "settings" : {
          "number_of_shards" : 1,
          "number_of_replicas": 1      
      },
      "mappings" : {
        "hostapd.log":{
          "_ttl" : { "enabled" : true, "default" : "30d" }
        },
        "hostapd1.log":{
          "_ttl" : { "enabled" : true, "default" : "30d" }
        }    
      }
    }
Indices shard stores(2.0以上)
GET http://172.16.18.114:9200//logstash-2016.01.07/_shard_stores
节点jvm信息
GET http://172.16.18.114:9200/_nodes/*/stats/jvm
暂停集群的shard自动均衡
PUT http://172.16.18.116:9200/_cluster/settings
    {
        "transient" : {
            "cluster.routing.allocation.enable" : "none"
        }
    }
恢复集群的shard自动均衡
PUT http://172.16.18.179:9200/_cluster/settings
    {
        "transient" : {
            "cluster.routing.allocation.enable" : "all"
        }
    }
重启节点
POST http://172.16.18.116:9200/_cluster/nodes/elasticsearch_114/_shutdown
查看索引Segments信息
GET http://172.16.18.116:9200//logstash-2016.01.07/_segments
scan-and-scroll
POST http://172.16.18.116:9200/_search/scroll?scroll=1m
c2NhbjsxOzU3NzIzOmZpVXBnR0VDUl9lRFF3ejBJUjBkOVE7MTt0b3RhbF9oaXRzOjE5OTc2ODs=
Limiting Memory Usage(fielddata-size)

https://www.elastic.co/guide/en/elasticsearch/guide/current/_limiting_memory_usage.html#fielddata-size

POST http://172.16.18.116:9200//_cluster/settings
    {
        "persistent" : {
            "indices.fielddata.break.limit" : "80%",
            "indices.fielddata.cache.size" : "60%"
        }
    }
清理cache
POST http://172.16.18.114:9200//_cache/clear
优化索引
POST http://172.16.18.114:9200/_optimize?max_num_segments=1
nodes/hot_threads
GET http://172.16.18.114:9200/_nodes/hot_threads
刷新synced(1.7以上才支持)
    PUT http://172.16.18.116:9200/_flush/synced
    {
        "transient" : {
            "cluster.routing.allocation.enable" : "none"
        }
    }
段合并节流控制
PUT http://172.16.18.116:9200//_cluster/settings
    {
        "persistent" : {
            "indices.fielddata.break.limit" : "80%",
            "indices.fielddata.cache.size" : "60%"
        }
    }
查看segment的memory
GET http://172.16.18.179:9200/_cat/segments?v
深翻页(scan-and-scroll)
    POST http://172.16.18.116:9200/test_index/_search?search_type=scan&scroll=1m
    {
      "query": { 
        "match_all": {}
      }, 
      "size": 1000 
    }
集群性能优化
PUT http://172.16.18.116:9200//_cluster/settings
    {
        "persistent" : {
            "indices.store.throttle.type" : "none",
            "indices.store.throttle.max_bytes_per_sec" : "100mb",
            "indices.fielddata.break.limit" : "80%",
            "indices.fielddata.cache.size" : "60%"        
        }
    }
searchguard-auth
PUT http://172.16.18.114:9201/searchguard/ac/ac
    {"acl": [
        {
            "__Comment__": "Default is to execute all filters",
            "filters_bypass": [],
            "filters_execute": ["actionrequestfilter.deny"]
        },
        {
            "__Comment__": "This means that every requestor (regardless of the requestors hostname and username) which has the root role can do anything",
            "roles": ["root"],
            "filters_bypass": ["*"],
            "filters_execute": []
        },
        {
            "__Comment__": "172.16.18.171 can do anything",
            "hosts": ["172.16.18.171"],
            "filters_bypass": ["*"],
            "filters_execute": []
        },
        {
            "__Comment__": "172.16.18.114 readonly",
            "hosts": ["172.16.18.114"],
            "filters_bypass": ["actionrequestfilter.deny"],
            "filters_execute": ["actionrequestfilter.readonly"]
        },
        {
            "__Comment__": "172.16.18.114, index: *kibana*, can do anything",
            "hosts": ["172.16.18.114"],
            "indices": ["*kibana*"],
            "filters_bypass": ["*"],
            "filters_execute": []
        },
        {
            "__Comment__": "This means that for the user spock on index popstuff only the actionrequestfilter.readonly will be executed, no other",
            "users": ["user"],
            "indices": ["cdr*"],
            "filters_bypass": ["actionrequestfilter.deny"],
            "filters_execute": ["actionrequestfilter.readonly"]
        }
    ]}
笑天居士
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
ES学习记录9.2——请求体搜索(Search Type和Scroll)
jacksonary的博客
11-13 1271
9.1 搜索类型(Search Type)  ES执行分布式搜索时可以执行不同的执行路径,分布式搜索需要将搜分散到所有相关的碎片shards,然后收集所有结果。在执行分散/聚集类型操作时,有几种方法可以执行此操作,特别是使用搜索引擎。当执行分布式搜索时,有一个问题是从每个分片上搜索多少结果,例如,如果我们有10个分片,则第一个分片可能保持从0到10的最相关结果,其他分片结果排在其下方,因此,当执行...
ElasticSearch高级查询
xiaoyaGrace的博客
11-11 182
首先预览一下ES的几种查询方式: 1、模糊匹配 restful API格式:http://localhost:9200/索引/_search 请求格式:POST 关键词:match 以上篇文章中book索引为例,模糊匹配title字段: { "query":{ ...
ElasticSearch 最全详细使用教程
qq_40907977的博客
09-06 1万+
一、快速入门 查看集群的健康状况 http://localhost:9200/_cat http://localhost:9200/_cat/health?v 说明:v是用来要求在结果中返回表头 状态值说明 Green - everything is good (cluster is fully functional),即最佳状态 Yellow - all data is available but some replicas are not yet allocated (cluster is fu
ELK(elasticsearch+logstash+kibana+beats)
最新发布
CelineT的博客
07-19 784
Elasticsearch(以下简称ES) 是一个分布式、RESTful 风格的搜索和数据分析引擎,能够解决不断涌现出的各种用例。ES是 Elastic Stack 的核心,采用集中式数据存储,可以通过机器学习来发现潜在问题。ES能够执行及合并多种类型的搜索(结构化数据、非结构化数据、地理位置、指标)。支持 PB级数据的秒级检索。:Kibana 是一个免费且开放的用户界面,能够让您对 Elasticsearch 数据进行可视化,并让您在 Elastic Stack 中进行导航。
Observability: 使用Elasticsearch,Kibana,Heartbeat 监控网站并使用 Slack 发出警报
Elastic 中国社区官方博客
05-24 3124
在之前的文章“使用Heartbeat进行Uptime监控”中,我介绍了使用 Uptime 来监控一个网站的运行情况。在之后的很多文章中我也介绍了如何使用 Elastic Alerts 来发送一个警报。如果你想了解更多,请参阅文章“Elastic: 创建一个 Elastic 邮件警报 - 7.7 发行版”。在今天的教程中,我将会把这两个用例串起来。使用 Elastic Stack 所提供的 Heartbeat 来监控一个网站的运行。当网站宕机的时候,它将自动发送一个警报到 Slack。 安装 E.
ElasticSearch Java API 中文文档
01-04
12. **ElasticSearch Java API版本操作**: 例如ElasticSearch 5.0.1的Java API操作。 13. **滚动搜索 (Scroll API)**: 在处理大量数据集时,可以通过Scroll API持续检索大范围的数据,而不需要一次性加载所有数据到...
Elasticsearch查询API
10-13
Elasticsearch查询API】是Elasticsearch中用于检索数据的核心功能,允许用户通过各种查询语句和过滤条件从索引中获取相关文档。本文将详细介绍Elasticsearch接口API的使用,特别是全文检索、查询匹配以及常用的...
elasticsearch java api 离线文档
11-06
在Java API中,Elasticsearch提供了多种操作方法,包括索引创建、文档的增删改查、搜索查询、聚合分析等。以下是几个核心概念和功能的详细解释: 1. **客户端(Client)** 客户端是与Elasticsearch集群进行通信的...
springboot 集成elasticsearch ,api的使用
08-02
在本文中,我们将深入探讨如何将Spring Boot与Elasticsearch集成,并使用其API进行数据操作Elasticsearch是一个流行的开源搜索引擎,它提供了实时、分布式、容错能力的搜索和数据分析功能。Spring Boot则是一个...
elasticsearch java操作api实例
09-29
Elasticsearch是一个分布式、RESTful风格的搜索和数据分析引擎,被广泛用于实时的索引和搜索,尤其在大数据分析和实时数据检索...同时,合理使用Java API提供的方法,可以有效提升Elasticsearch操作的效率和灵活性。
elasticsearch-header跨域访问ES问题 Access to XMLHttpRequest at 'http://localhost:9200/_cluster/health' fro
嘿!没错,我是李先生
12-03 1960
浏览器控制台报错: Access to XMLHttpRequest at 'http://localhost:9200/_cluster/health' from origin 'http://localhost:9100' has been blocked by CORS policy: Request header field content-type is not allowed by A...
Elasticsearch - Indices stats 获取索引级别的统计信息之二 【store】存储大小
BigManing的博客
01-22 1814
文章目录一、获取store大小1、获取所有索引的store大小2、获取指定索引的store大小3、获取同类索引的store大小二、输出结果三、结果详情1、_shards2、_all3、indices 转载请标明出处: http://blog.csdn.net/qq_27818541/article/details/112909702 本文出自:【BigManing的博客】 一、获取store大小 可以不指定索引 、也可以指定具体索引、也可以指定模糊索引 1、获取所有索引的store大小 http://l
ElasticSearch基本操作
SuperMap技术控
03-14 5678
作者:dominating 本文将介绍使用ElasticSearch提供的REST API来对ElasticSearch进行基础的操作。 安装curl 安装curl(https://curl.haxx.se/download.html)下载安装包,或者直接下载 wget http://curl.haxx.se/download/curl-7.20.0.tar.gz 解压到指定...
springDataElasticsearch +spring搭建
qq_15294055的博客
04-30 380
springdataelasticsearch +spring搭建前言遇到的坑spring XMLdao类开发Service类实体类导入数据sql分页整理的查询条件 前言 在写这个博客的时候,我是很迷茫的,因为网上这类教程实在是多如牛毛,同时我自己也是看了很多的demo,但是我想要整理处理的是一个特别详细的教程。 遇到的坑 java版本问题, 我这里使用的版本是:spring5.0.7.RELE...
Elasticsearch判断index是否存在--java实现
热门推荐
ZK_小小世界的专栏
09-02 2万+
在做Elasticsearch相关开发的时候,有个地方需要用java判断index在集群中是否存在,于是在Elasticsearch java api中找了半天,总算是找到了,记录下来,方便自己,也方便别人。 java实现代码: import java.net.InetAddress; import org.elasticsearch.action.admin.indices.exists.
ELK+filebeat+metricbeat+heartbeat+auditbeat安装配置及汉化
江南T雨
02-20 4041
一、基础环境介绍 Centos 7.5 x64 ElasticSearch 6.5.1 Logstash 6.5.1 Kibana 6.5.1 filebeat 6.5.1 metricbeat 6.5.1 heartbeat 6.5.1 auditbeat 6.5.1 Kibana_Hanization 6.5.1 二、ElasticSearch安装 安装JDK,配置J...
elasticsearch5.3.0 bulk index 性能调优实践
东境物语
10-23 9591
导语: 腾讯云CDN上每天产生大量回源日志,回源日志通常用在问题定位的时候比较有用。这里使用filebeat+logstash+elasticsearch的方案收集、存储日志数据并提供查询。当前的使用场景里,每天有70亿条日志需要存储,属于写多读少的场景。本文整理了在搭建elasticsearch集群的时候需要注意的配置项,通过对这些配置项的调整,期望提高elasticsearch写入的性能。
elasticsearch-java api之索引(index)的各种操作
赶路人儿
12-04 1万+
1、创建索引: 1)简单索引——没有指定mapping public static boolean createIndex(String indexName) { IndicesAdminClient indicesAdminClient = transportClient.admin() .indices(); CreateIndexResponse response = i
Linux上开发常见问题整理
会飞的狼
05-06 3044
Linux上开发常见问题整理1.java工程在linux上运行测试 ①首先要有一个main方法作为主类,程序的入口,右键-->Run As-->javaapplication生成配置文件入口 ②右键该工程-->Export-->Runnable JAR file-->选择上一步生成的配置文件作为该jar运行入口,确定即可 ③运行java  -jar  jar名+后缀(...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值