es 基本语法 使用 案例


[javascript]  view plain  copy
  1. elasticsearch 语法汇总  
  2.   
  3. 使用 es 已有段时间 今天 有时间 就把最近使用用到的知识点 记录下来,以备后续使用  
  4.   
  5. es  安装 和插件配置 等知识 这里就不在 累述  
  6.   
  7. 1 基本命令 使用  
  8.    
  9.   基于 curl 使用 命令   
  10.   
  11.     修改 副本信息  因为 index 一旦建成 分片个数就不能修改 只能修改 副本个数  
  12.     curl -XPUT 'http://localhost:9200/test/_settings' -d '{  
  13.         "index":{"number_of_replicas" : 0}  
  14.     }'  
  15.     同样(注意 mapping 一旦创建 只能新增 不能修改)  
  16.   
  17.   
  18.   
  19.   基于 DSL 语句  
  20.   
  21.   
  22.     查询 指定 数据   
  23.     term 完全匹配  
  24.     {  
  25.         "query":{  
  26.             "term":{  
  27.                 "id":1  
  28.             }  
  29.         }  
  30.     }  
  31.     match 使用  
  32.     {  
  33.         "query":{  
  34.             "match":{  
  35.                 "title":"bmw"  
  36.             }  
  37.         }  
  38.     }  
  39.      must 使用 必须   
  40.   
  41.     {  
  42.         "query":{  
  43.             "bool":{  
  44.                 "must":{  
  45.                     "title":"baidu"  
  46.                 }  
  47.             }  
  48.         }  
  49.     }  
  50.     must should must_not 综合使用 基本  
  51.     {  
  52.         "query":{  
  53.             "bool":{  
  54.                 "must":{  
  55.                     "title":"baidu"  
  56.                 },  
  57.                 "should":{  
  58.                     "name":"cdd"  
  59.                 },  
  60.                 "must_not":{  
  61.                     "age":23  
  62.                 }  
  63.             }  
  64.         }  
  65.     }  
  66.     must should must_not 综合使用 复杂  
  67.     {  
  68.         "query":{  
  69.             "bool":{  
  70.                 "must":[  
  71.                     {  
  72.                         "age":2  
  73.                     },  
  74.                     {  
  75.                         "name":"cdd"  
  76.                     }  
  77.                 ],  
  78.                 "should":[],//一样用法 不在举例  
  79.                 "must_not":[] //一样用法 不在举例  
  80.             }  
  81.         }  
  82.     }  
  83.   
  84.     聚合 使用 aggs   
  85.     max min 简单使用  
  86.     {  
  87.         "aggs":{  
  88.             "max_id":{  
  89.                "max":{  
  90.                   "field":"id"  
  91.                }  
  92.             },  
  93.             "min_id":{  
  94.                "min":{  
  95.                   "field":"id"  
  96.                }  
  97.             }  
  98.         }  
  99.     }  
  100.     terms 使用 基本  
  101.     {  
  102.         "aggs":{  
  103.             "title":{  
  104.                 "terms":{  
  105.                     "field":"name",  
  106.                     "size":10,  // 显示 个数 默认10个 ,0 代表所有 最好根据情况定  
  107.                 }  
  108.             }  
  109.         }  
  110.     }  
  111.     terms 使用 复杂   
  112.     {  
  113.         "aggs":{  
  114.             "title":{  
  115.                 "terms":{  
  116.                     "field":"name",  
  117.                     "size":10,  // 显示 个数 默认10个 ,0 代表所有 最好根据情况定  
  118.                     "order":{  
  119.                         "score":"desc"//asc  
  120.                     }  
  121.                 },  
  122.                 "aggs":{  
  123.                     "score":{  
  124.                         "max":{  
  125.                             "field":"score"  
  126.                         }  
  127.                     }  
  128.                 }  
  129.             }  
  130.         }  
  131.     }  
  132.   
  133.     cardinality 去重 使用 统计 title 不同的总个数  
  134.     {  
  135.         "aggs":{  
  136.             "title":{  
  137.                 "cardinality":{  
  138.                     "field":"title"  
  139.                 }  
  140.             }  
  141.         }  
  142.     }  
  143.   
  144.    DSL 满足各种情况 更加复杂 的aggs 统计 如何(案例)  
  145.    {    
  146.       "size": 0,    
  147.       "aggs": {    
  148.         "daterange": {    
  149.           "filter": {    
  150.             "range": {    
  151.               "date": {    
  152.                 "from""now-2M"    
  153.               }    
  154.             }    
  155.           },    
  156.           "aggs": {    
  157.             "publisher": {    
  158.               "terms": {    
  159.                 "field""publisher_na",    
  160.                 "size": 30,    
  161.                 "order": {    
  162.                   "ads""desc"    
  163.                 }    
  164.               },    
  165.               "aggs": {    
  166.                 "ads": {    
  167.                   "cardinality": {    
  168.                     "field""md5"    
  169.                   }    
  170.                 },    
  171.                 "date_num": {    
  172.                   "terms": {    
  173.                     "field""date_day",    
  174.                     "size": 0,    
  175.                     "order": {    
  176.                       "date_day""asc"    
  177.                     }    
  178.                   },    
  179.                   "aggs": {    
  180.                     "date_day": {    
  181.                       "max": {    
  182.                         "field""date_day"    
  183.                       }    
  184.                     }    
  185.                   }    
  186.                 }    
  187.               }    
  188.             }    
  189.           }    
  190.         }    
  191.       }    
  192.     }    
  193.   
  194.     更为复杂 和 个别语法  请参考官网  
  195.   
  196.     未完 待续  

你可能感兴趣的:(ELK)