数据集:
1. 莎士比亚的所有著作,合适地解析成了各个字段:shakespeare.json。
https://www.elastic.co/guide/en/kibana/3.0/snippets/shakespeare.json
2. 随机生成的虚构账号数据:accounts.json
https://github.com/bly2k/files/blob/master/accounts.zip?raw=true
3. 随机生成的日志文件:logs.jsonl
https://download.elastic.co/demos/kibana/gettingstarted/logs.jsonl.gz
将他们加载入ES。
先解压缩,然后使用命令批量加载。
莎士比亚数据集由如下数据格式组织
{
"line_id": INT,
"play_name": "String",
"speech_number": INT,
"line_number": "String",
"speaker": "String",
"text_entry": "String",
}
账户数据集由如下数据格式组织
{
"account_number": INT,
"balance": INT,
"firstname": "String",
"lastname": "String",
"age": INT,
"gender": "M or F",
"address": "String",
"employer": "String",
"email": "String",
"city": "String",
"state": "String"
}
日志数据有几十个不同的字段,但是在教程中关注的字段如下:
{
"memory": INT,
"geo.coordinates": "geo_point"
"@timestamp": "date"
}