A mounting and kibana es
See: https: //www.cnblogs.com/kakatadage/p/9922359.html
Second, check out the official use of the document
see: https: //www.elastic.co/guide/en/elasticsearch/reference/7.x/index.html
Three, index-related operations
Note: The following are the name of the index test
1. Create index
(1) The easiest way to create, use the default configuration parameters are
PUT /test
(2) can take three parameters: aliases, mappings and settings
- aliases: imparting to one or more additional alias index
eg:
to add an alias index single
POST /_aliases
{
"actions" : [
{
"add" : {
"index" : "test1", "alias" : "alias1"
}
}
]
}
or
PUT /test/_alias/alias1
Add an alias to multiple index
POST /_aliases
{
"actions" : [
{
"add" : {
"indices" : ["test1", "test2"], "alias" : "alias1"
}
}
]
}
Alias when creating an index
PUT /test
{
"aliases": {
"test-1": {}
}
}
- mappings: index index data structure inside like JAVA objects, which also includes such properties that (Field; Note: ES does not support modifying existing Filed name and type )
EG:
PUT /test/_mapping
{
"properties": {
"email": {
"type": "keyword"
}
}
}
Acquiring mapping
GET /test/_mapping
Acquiring mapping field
GET /test/_mapping/field/fieldName
Delete Field, Mapping
- Settings: parameters index has the following parameters:
- include_type_name (contains mapping type; default false; Note: mapping types are removed when 7.x, see the specific reasons: https: // www. elastic.co/guide/en/elasticsearch/reference/7.3/removal-of-types.html#_custom_type_field)
- wait_for_active_shards (waiting for a copy of the node are active only operate, or waits until a timeout; default 1, that is only waiting for the main fragment before continuing in the active state)
- timeout (timeout operation; default 30s)
- master_timeout (master node connection timeout; default 30s)
EG:
The PUT / Test
{
"Settings": {// release in 7.x: fragment number and the default number is backup. 1
"number_of_shards": ". 1",
"number_of_replicas": ". 1",
},
"Mappings": {
"Properties": {
"field1": { "type": "text"}
}
}
}
Note: Due to the 7.x time, mapping types is removed, so each index stores only one entity
2. Create Mapping
(1) created when the index is created
The PUT / Test
{
"Settings": {// release in 7.x: fragment number and the default number is backup. 1
"number_of_shards": ". 1",
"number_of_replicas": ". 1",
},
"Mappings": {
"Properties": {
"field1": { "type": "text"}
}
}
}
(2) create the existing index in
PUT /test/_mapping
{
"properties": {
"email": {
"type": "keyword"
}
}
}
Note: ES does not support modifying existing Filed name and type
3. Delete the index
(1) delete individual
DELETE /twitter
(2) delete multiple / all ( Note: This is very dangerous , so this operation is prohibited, is about to elasticsearch.yml action.destructive_requires_name settings configuration is true, this time to delete the index will need to indicate clearly the name of the index)
DELETE _all or DELETE xx *
4. Get Information index
(1) obtaining single
GET /test
(2) obtaining a plurality of / all
GET _all or GET xx *
The determination whether there is an index (200 returns exists; otherwise 404)
HEAD /test
Note: This test is an index name, but if the index named test does not exist, but there is an alias for the test also evaluates to true
6. Close / Open index (index once closed, can not read and write operations)
POST /test/_close
POST /test/_open
Note: You can also use _all and delete operations as fuzzy matching keywords or close multiple indexes, of course, you can disable this operation, that action.destructive_requires_name set to true. Operation is very close index take up disk space, so you can set cluster.indices.close.enable = false to disable index closed operations, the default is true.
7. contraction index . (Moved to an index of a master slice index less, but the number of fragments of a target index, the index must be a number of sources, such as fragmentation factor, the number of source index fragments are: 8, then destination index number of fragments may be: 4, 2, 1;)
(1) and the index is set to read-only copies of all moved to the same node (shrink Prerequisites: copy must be in the same node)
The PUT / my_source_index / _settings
{
"Settings": {
"index.routing.allocation.require._name":
"shrink_node_name", // force the copy of each tile shrink_node_name relocated to a node named
"index.blocks. write ": true // read-only
}
}
(2) create a target index (copy of source-based index)
? My_source_index the POST / _shrink / my_target_index to true copy_settings =
{
"Settings": {
"index.routing.allocation.require._name": null, // remove each copy source index forcibly relocated to slice the named shrink_node_name node configuration
"index.blocks.write": null // Clear the source index is set to read-only configuration
}
}
(3) migration
? My_source_index the POST / _shrink / my_target_index to true copy_settings =
{
"Settings": {
"index.number_of_replicas":. 1, // number of copies
"index.number_of_shards": 1, // fractal sheet
"index.codec": "best_compression "// optimum compression only when writing a new index into effect, e.g. forcibly combined into a single time slice segment
},
" aliases ": {
" my_search_indices ": {}
}
}
8. expansion index (contraction and vice versa)
split rule: The index can be split several times, but the maximum number of fragments split by creating an index is the number_of_routing_shards decision. The number of fragments is required number_of_routing_shards split factor, i.e. a fractal number_of_routing_shards piece after multiple split.
For example, the original master slice 5, the index 30 number_of_routing_shards =, situations can be resolved as follows:
5 → 10 → 30 (Split by 2, by the then. 3)
5 → 15 → 30 (by Split. 3, the then 2 by)
. 5 → 30 (by Split. 6)
(. 1) is set to read only the source index
PUT /my_source_index/_settings
{
"settings": {
"index.blocks.write": true
}
}
(2) migration
POST my_source_index/_split/my_target_index
{
"settings": {
"index.number_of_shards": 3
}
}
Note: Split the conditions must be met:
- there must not be a target index
- the main debris index must be less than the target index.
- Main target number of fragments must be the index number of the main fragments a source index factor.
- processing node splitting process must have enough free disk space to accommodate a second copy of an existing index
9. Using the alias automatically redirected to abandon the old index and the new index
(1) to create an index and bring alias
PUT /logs-000001
{
"aliases": {
"logs_write": {}
}
}
(2) is provided to generate a new index rules
POST /logs_write/_rollover
{
"conditions": {
"max_age": "7d", // 7天
"max_docs": 1000, // 1000行
"max_size": "5gb" // 5GB
}
}
Since that is logs-000001 file inception survived seven days or maximum number of documents indexed more than 10 or more than 5GB maximum master slice is created automatically logs-000002 its index generation rule: If the name of an existing index to - and end with a number, For example logs-000001, and then the name of the new index will follow the same pattern, incrementing number (logs-000002). If not to - end with a number and you need to customize the name
POST /logs_write/_rollover/my_new_index_name
{
"conditions": {
"max_age": "7d",
"max_docs": 1000,
"max_size": "5gb"
}
}
10. The freeze / thaw index (frozen index can not write to)
POST /my_index/_freeze
POST /my_index/_unfreeze
Fourth, the data related to the operation (in accordance with the base operation ID)
1. Insert data
altogether four ways: _doc and _create difference is that, _doc is inserted if the data already exists is updated, but only inserted _create there is no data ; default if the inserted index is created automatically and no mapping exists, may not be allowed to automatically created by setting, to set the parameters: action.auto_create_index
PUT /<index>/_doc/<_id> POST /<index>/_doc/ PUT /<index>/_create/<_id> POST /<index>/_create/<_id>
(1) ID inserted increment (using a POST request)
POST my-index/_doc
{
"age": 0
}
(2) insertion to create their own ID (a PUT request)
PUT my-index/_doc/2
{
"age": 0
}
2. Data Find
a total of four ways: GET data acquisition, data exists to verify whether HEAD; default is refreshed each time the GET index to ensure that data is up to date, you can turn this feature off by setting: realtime = false achieved; _source return only Fields (specify which field returns) returns the index of all the information _doc;
GET <index>/_doc/<_id> HEAD <index>/_doc/<_id> GET <index>/_source/<_id> HEAD <index>/_source/<_id>
3. Delete Data
DELETE /<index>/_doc/<_id>
4. Update Data
POST /<index>/_update/<_id>
(1) General modifications, of course, can also override the data field insert mode
POST test/_update/1
{
"doc" : {
"name" : "new_name"
}
}
(2) modify the script to use (default is to use ES script)
POST test/_update/1
{
"script" : {
"source": "ctx._source.counter +=
params.count",
"lang": "painless",
"params" : {
"count" : 4
}
}
}
V. query
1. In accordance with the conditions paging query (QUERY specifically related to operating documents refer to the official website: https: //www.elastic.co/guide/en/elasticsearch/reference/7.x/query-dsl.html)
POST test/_search
{
"query": {
"match_all": {
}
// "match": {
// "filedName": xxx
// }
},
"sort": [
{
"counter": {
"order": "asc"
}
}
],
"from": 1,
"size": 1
}
2. The aggregate queries (aggs: aggregate query keywords; see the official website of the document: https: //www.elastic.co/guide/en/elasticsearch/reference/7.x/search-aggregations.html)
POST test/_search
{
"aggs": {
"avg_grade": {
"avg": {
"field": "counter"
}
}
}
}
3. Fuzzy query (see specific official document: https: //www.elastic.co/guide/en/elasticsearch/reference/7.x/query-dsl-query-string-query.html)
POST test/_search
{
"query": {
"query_string": {
"query": 1,
"fields": ["counter"]
}
}
}