接上篇:Kibana 7.x 的安装与界面预览(阿里云Ubuntu)
系统环境
- 操作系统:Ubuntu 18.04 LTS(阿里云)
- 系统IP
# 内网,私有地址
172.内.内.内
# 外网,公有地址
112.外.外.外
- Elasticsearch 版本:7.2
- Kibana 版本:7.2
- Logstash 版本:7.2
安装与配置
- 官方文档:https://www.elastic.co/guide/...
- Logstash 不同于 Elasticsearch 和 Kibana,需要单独安装 Java 环境
~$ sudo apt install default-jdk
~$ java -version
openjdk version "11.0.3" 2019-04-16
OpenJDK Runtime Environment (build 11.0.3+7-Ubuntu-1ubuntu218.04.1)
OpenJDK 64-Bit Server VM (build 11.0.3+7-Ubuntu-1ubuntu218.04.1, mixed mode, sharing)
- 下载 logstash
wget https://artifacts.elastic.co/downloads/logstash/logstash-7.2.0.tar.gz
- 解压 logstash
tar -zxf logstash-7.2.0.tar.gz
- 后续操作在 logstash-7.2.0 内目录进行
cd logstash-7.2.0/
- 到 grouplens 下载 MovieLens 测试数据集
wget http://files.grouplens.org/datasets/movielens/ml-latest-small.zip
- 解压测试数据集
unzip ml-latest-small.zip
- 创建并编辑 logstash.conf 文件,添加如下内容(Ruby 语法)
input {
file {
path => "/home/walker/es/ml-latest-small/movies.csv"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
filter {
csv {
separator => ","
columns => ["id","content","genre"]
}
mutate {
split => { "genre" => "|" }
remove_field => ["path", "host","@timestamp","message"]
}
mutate {
split => ["content", "("]
add_field => { "title" => "%{[content][0]}"}
add_field => { "year" => "%{[content][2]}"}
}
mutate {
convert => {
"year" => "integer"
}
strip => ["title"]
remove_field => ["path", "host","@timestamp","message","content"]
}
}
output {
elasticsearch {
hosts => "http://172.18.193.52:9200"
index => "movies"
document_id => "%{id}"
}
stdout {}
}
- 导入数据,注意导入后不会自动退出,用 Ctrl-C 手动退出
# 个人路径有所不同
./bin/logstash -f /home/walker/es/ml-latest-small/logstash.conf
- Management 查看数据(Index 相当于关系型数据库的 Table)
- 关系型数据库与 Elasticsearch 的抽象与类比
- Dev tools 查看文档总数(即数据总条数)
# 查看数据总量
GET /movies/_count
# 控制台输出
{
"count" : 9743,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
}
}
- 查看 id 为 1 的数据
# 查看 id 为 1 的数据
GET /movies/_doc/1
# 控制台输出
{
"_index" : "movies",
"_type" : "_doc",
"_id" : "1",
"_version" : 1,
"_seq_no" : 121,
"_primary_term" : 1,
"found" : true,
"_source" : {
"@version" : "1",
"genre" : [
"Adventure",
"Animation",
"Children",
"Comedy",
"Fantasy"
],
"year" : 1995,
"id" : "1",
"title" : "Toy Story"
}
}
- 删除 movies 数据(Elasticsearch 的 Index 可对标关系型数据库的 Table)
# 删除命令
DELETE /movies
# 控制台输出
{
"acknowledged" : true
}
walker 的目录结构
$ tree /home/walker/es/ -L 2
/home/walker/es/
├── elasticsearch-7.2.0
│ ├── bin
│ ├── config
│ ├── data
│ ├── jdk
│ ├── lib
│ ├── LICENSE.txt
│ ├── logs
│ ├── modules
│ ├── NOTICE.txt
│ ├── plugins
│ └── README.textile
├── elasticsearch-7.2.0-linux-x86_64.tar.gz
├── kibana-7.2.0-linux-x86_64
│ ├── bin
│ ├── built_assets
│ ├── config
│ ├── data
│ ├── LICENSE.txt
│ ├── node
│ ├── node_modules
│ ├── NOTICE.txt
│ ├── optimize
│ ├── package.json
│ ├── plugins
│ ├── README.txt
│ ├── src
│ ├── target
│ ├── webpackShims
│ └── x-pack
├── kibana-7.2.0-linux-x86_64.tar.gz
├── logstash-7.2.0
│ ├── bin
│ ├── config
│ ├── CONTRIBUTORS
│ ├── data
│ ├── Gemfile
│ ├── Gemfile.lock
│ ├── lib
│ ├── LICENSE.txt
│ ├── logs
│ ├── logstash-core
│ ├── logstash-core-plugin-api
│ ├── modules
│ ├── NOTICE.TXT
│ ├── tools
│ ├── vendor
│ └── x-pack
├── logstash-7.2.0.tar.gz
├── ml-latest-small
│ ├── links.csv
│ ├── logstash.conf
│ ├── movies.csv
│ ├── ratings.csv
│ ├── README.txt
│ └── tags.csv
└── ml-latest-small.zip
本文是阮一鸣《 Elasticsearch核心技术与实战》的学习笔记。