Search your data(文档)
search query(query),是对 Elasticsearch 数据流或索引中的数据进行信息请求的操作。
Track total hits:精确获取超过 10000 的匹配结果数量(文档)
GET /my-index-000001/_search
{
"track_total_hits": true,
"query": {
"match" : {
"user.id" : "elkbee"
}
}
}
Filter serach results:使用布尔条件过滤查询结果(文档)
GET /shirts/_search
{
"query": {
"bool": {
"filter": [
{
"term": {
"color": "red" }},
{
"term": {
"brand": "gucci" }}
]
}
}
}
Retrieve selected fields from a search:筛选查询结果所需字段(文档)
GET /_search
{
"_source": false,
"query": {
"match": {
"user.id": "kimchy"
}
}
}
GET /_search
{
"_source": "obj.*",
"query": {
"match": {
"user.id": "kimchy"
}
}
}
GET /_search
{
"_source": [ "obj1.*", "obj2.*" ],
"query": {
"match": {
"user.id": "kimchy"
}
}
}
GET /_search
{
"_source": {
"includes": [ "obj1.*", "obj2.*" ],
"excludes": [ "*.description" ]
},
"query": {
"term": {
"user.id": "kimchy"
}
}
}
Sort search results:查询结果排序(文档)
GET /my-index-000001/_search
{
"sort" : [
{
"post_date" : {
"order" : "asc", "format": "strict_date_optional_time_nanos"}},
"user",
{
"name" : "desc" },
{
"age" : "desc" },
"_score"
],
"query" : {
"term" : {
"user" : "kimchy" }
}
}
Query DSL(文档)
Query DSL 是 Elasticsearch 中用于在 JSON 格式中编写查询语句的领域特定语言(DSL)。
Query and filter context:查询和过滤语法(文档)
GET /_search
{
"query": {
"bool": {
"must": [
{ "match": { "title": "Search" }},
{ "match": { "content": "Elasticsearch" }}
],
"filter": [
{ "term": { "status": "published" }},
{ "range": { "publish_date": { "gte": "2015-01-01" }}}
]
}
}
}
Term-level queries
wildcard:通配符查询(文档)
GET /_search
{
"query": {
"wildcard": {
"user.id": {
"value": "ki*y",
"boost": 1.0,
"rewrite": "constant_score"
}
}
}
}
Aggregations
Bucket aggregations
Terms Aggregation:为每一个唯一值构建一个桶(文档)
GET /my-index-000001/_search
{
"aggs": {
"genres": {
"terms": {
"field": "genre" }
}
}
}
Example:在 my-index-000001 索引中使用 script 脚本生成字段聚合
GET /my-index-000001/_search?
{
"size": 0,
"aggs": {
"result": {
"terms": {
"script": {
"inline": "doc['<field1>']+','+doc['<field2>']+','+doc['<field3>']"
},
"size": 200
}
}
},
"track_total_hits": true
}
Metrics Aggregations
Cardinality:基数聚合(统计唯一值数量)(文档)
POST /sales/_search?size=0
{
"aggs": {
"type_count": {
"cardinality": {
"field": "type"
}
}
}
}
REST APIs
Document APIs
Update By Query API:更新文档(文档)
POST /<target>/_update_by_query
POST my-index-000001/_update_by_query?conflicts=proceed
Example:将 my-index-000001 索引中 MARKER 字段为 3 的更改为 2
POST /my-index-000001/_update_by_query
{
"query": {
"bool": {
"must": [{
"term": {
"MARKER": "3"
}
}]
}
},
"script": {
"lang": "painless",
"source": "ctx._source.MARKER=2"
}
}
Example:在 my-index-000001 中添加 TYPE_CODE 字段并令其等于 TYPECODE
POST /my-index-000001/_update_by_query
{
"query": {
"bool": {
"must_not": [{
"exists": {
"field": "TYPE_CODE"
}
}]
}
},
"script": {
"lang": "painless",
"source": "ctx._source.TYPE_CODE=ctx._source.TYPECODE"
}
}
Index APIs
Close Index API:关闭索引(文档)
POST /<index>/_close
POST /my-index-000001/_close
Open Index API:打开索引(文档)
POST /<target>/_open
POST /my-index-000001/_open
将 Kibana 请求转换为 Curl 命令
curl -XPOST [集群信息]/请求信息 -H 'Content-Type:application/json' -d '[请求体]'
Example:
curl -XPOST zxtech:[email protected]:19200/power_old_meter_idx/_search?pretty -H 'Content-Type:application/json' -d '{"size": 0,"aggs": {"res1": {"terms": {"field": "ABSO","size": 50},"aggs": {"res2": {"terms": {"field": "USAGE","size": 50}}}}},"track_total_hits": true}'
curl -XPOST zxtech:[email protected]:19200/*yc_meter_archives*/_search?pretty -H 'Content-Type:application/json' -d '{"size": 0,"aggs": {"res1": {"terms": {"field": "CMP_WIRING_MODE","size": 50}}},"track_total_hits": true}'