詳解windows 環境下搭建electricSearch+kibana
1.ES7.3.2 + kibana + ik-smart 百度網盤下載地址:https://pan.baidu.com/s/1eCKTYoosXl8NfX37EwjyWA
提取碼:ibcf
kibana 操作文檔
GET _search
{
"query": {
"match_all": {}
}
}
### 查看集群健康信息
GET /_cat/health?v
### 幫助
GET /_cat/health?help
### 查看集群中節點信息
GET /_cat/nodes?v
### 查看集群中索引信息
GET /_cat/indices?v
### 精簡信息
GET /_cat/indices?v&h=health,status,index
### 創建索引
PUT /baizhi
### 刪除索引
DELETE /baizhi
### 創建類型mapping
POST /baizhi/user
{
"user": {
"properties": {
"id": { "type": "text" },
"name": { "type": "text" },
"age": { "type": "integer" },
"created": {
"type": "date",
"format": "strict_date_optional_time || epoch_millis"
}
}
}
}
### 查看類型mapping
GET /baizhi/_mapping
### 新增單個文檔
PUT /baizhi/user/1
{
"name":"zs",
"title":"張三",
"age":18,
"created":"2018-12-25"
}
### 查詢所有文檔
GET /zpark/user/_search
### 指定id查詢單個文檔
GET /baizhi/user/1
### 修改單個文檔
PUT /baizhi/user/1
{
"name": "lxs",
"title": "李小四"
}
### 刪除單個文檔
DELETE /baizhi/user/1
### 批量新增
POST /baizhi/user/_bulk
{"index":{}}
{"name":"ww","title":"王五","age":18,"created":"2018-12-27"}
{"index":{}}
{"name":"zl","title":"趙六","age":25,"created":"2018-12-27"}
### 批量刪除
POST /baizhi/user/_bulk
{"update":{"_id":"K38E728BJ1QbWBSobMEC"}}
{"doc":{"title":"王小五"}}
{"delete":{"_id":"LH8E728BJ1QbWBSobMEC"}}
##############進階##############
########### 查詢(Query)
# 批量插入測試數據
POST /zpark/user/_bulk
{"index":{"_id":1}}
{"name":"zs","realname":"張三","age":18,"birthday":"2018-12-27","salary":1000.0,"address":"北京市昌平區沙陽路55號"}
{"index":{"_id":2}}
{"name":"ls","realname":"李四","age":20,"birthday":"2017-10-20","salary":5000.0,"address":"北京市朝陽區三裡屯街道21號"}
{"index":{"_id":3}}
{"name":"ww","realname":"王五","age":25,"birthday":"2016-03-15","salary":4300.0,"address":"北京市海淀區中關村大街新中關商城2樓511室"}
{"index":{"_id":4}}
{"name":"zl","realname":"趙六","age":20,"birthday":"2003-04-19","salary":12300.0,"address":"北京市海淀區中關村軟件園9號樓211室"}
{"index":{"_id":5}}
{"name":"tq","realname":"田七","age":35,"birthday":"2001-08-11","salary":1403.0,"address":"北京市海淀區西二旗地鐵輝煌國際大廈負一樓"}
### 查看所有並按照年齡降序排列
GET /zpark/user/_search
{
"query": {
"match_all": {}
},
"sort": {
"age": "desc"
}
}
### 查詢第2頁的用戶(每頁顯示2條)
GET /zpark/user/_search
{
"query": {
"match_all": {}
},
"sort": {
"age": "desc"
},
"from": 2,
"size": 2
}
### 查詢address在海淀區的所有用戶,並高亮
GET /zpark/user/_search
{
"query": {
"match": {
"address": {
"analyzer": "ik_max_word",
"query": "海淀區"
}
}
},
"highlight": {
"fields": {
"address": {}
}
}
}
### 設置索引分詞器
PUT /zpark
{
"settings" : {
"index" : {
"analysis.analyzer.default.type": "ik_smart"
}
}
}
### 查詢name是zs關鍵字的用戶
GET /zpark/user/_search
{
"query":{
"term": {
"name": {
"value": "zs"
}
}
}
}
### 查詢年齡在20~30歲之間的用戶
GET /zpark/user/_search
{
"query": {
"range": {
"age": {
"gte": 20,
"lte": 30
}
}
}
}
### 查詢真實姓名以李開頭的用戶
GET /zpark/user/_search
{
"query": {
"prefix": {
"realname": {
"value": "李"
}
}
}
}
### 查詢名字以s結尾的用戶
GET /zpark/user/_search
{
"query": {
"wildcard": {
"name": {
"value": "*s"
}
}
}
}
### 查詢id為1,2,3的用戶
GET /zpark/user/_search
{
"query": {
"ids": {
"values": [1,2,3]
}
}
}
### 模糊查詢realname中包含張關鍵字的用戶
GET /zpark/user/_search
{
"query": {
"wildcard": {
"realname": {"value": "*張*"}
}
}
}
### 查詢age在15-30歲之間並且name必須通配z*
GET /zpark/user/_search
{
"query": {
"bool": {
"must": [
{
"range": {
"age": {
"gte": 15,
"lte": 30
}
}
},
{
"wildcard": {
"name": {
"value": "z*"
}
}
}
],
"must_not": [
{
"regexp": {
"name": ".*s"
}
}
]
}
}
}
############# 過濾器(Filter)
### 其實準確來說,ES中的查詢操作分為2種:查詢(query)和過濾(filter)。查詢即是之前提到的query查詢,它(查詢)默認會計算每個返回文檔的得分,然後根據得分排序。而過濾(filter)隻會篩選出符合的文檔,並不計算得分,且它可以緩存文檔。所以,單從性能考慮,過濾比查詢更快。
### 換句話說,過濾適合在大范圍篩選數據,而查詢則適合精確匹配數據。一般應用時,應先使用過濾操作過濾數據,然後使用查詢匹配數據。
### 過濾器使用 ranage filter
GET /zpark/user/_search
{
"query":{
"bool": {
"must": [
{"match_all": {}}
],
"filter": {
"range": {
"age": {
"gte": 25
}
}
}
}
}
}
### term、terms Filter term、terms的含義與查詢時一致。term用於精確匹配、terms用於多詞條匹配
GET /zpark/user/_search
{
"query":{
"bool": {
"must": [
{"match_all": {}}
],
"filter": {
"terms": {
"name": [
"zs",
"ls"
]
}
}
}
}
}
### exists filter exists過濾指定字段沒有值的文檔
GET /zpark/user/_search
{
"query": {
"bool": {
"must": [
{
"match_all": {}
}
],
"filter": {
"exists": {
"field": "salary"
}
}
}
},
"sort": [
{
"_id": {
"order": "asc"
}
}
]
}
### ids filter 需要過濾出若幹指定_id的文檔,可使用標識符過濾器(ids)
GET /zpark/user/_search
{
"query": {
"bool": {
"must": [
{
"match": {
"address": "昌平區"
}
}
],
"filter": {
"ids": {
"values": [
1,
2,
3
]
}
}
}
},"highlight": {
"fields": {
"address": {}
}
}
}
#############聚合(Aggregations)
### 度量(metric)聚合
POST /zpark/user/_search
{
"aggs": {
"age_avg": {
"avg": {"field": "age"}
}
}
}
### 先過濾,再進行統計,如:
POST /zpark/user/_search
{ "query": {
"ids": {
"values":[1,2,3]
}
},
"aggs": {
"age_avg": {
"avg": {"field": "age"}
}
}
}
### 最大值查詢。如:查詢員工的最高工資
POST /zpark/user/_search
{
"aggs": {
"max_salary": {
"max": {
"field": "salary"
}
}
}
}
### 統計查詢,一次性統計出某個字段上的常用統計值
POST /zpark/user/_search
{
"aggs": {
"max_salary": {
"stats": {
"field": "salary"
}
}
}
}
### 桶(bucketing)聚合 自定義區間范圍的聚合,我們可以自己手動地劃分區間,ES會根據劃分出來的區間將數據分配不同的區間上去。
### 統計0-20歲,20-35歲,35~60歲用戶人數
POST /zpark/user/_search
{
"aggs": {
"age_ranges": {
"range": {
"field": "age",
"ranges": [
{
"from": 0,
"to": 20
},
{
"from": 20,
"to": 35
},
{
"from": 35,
"to": 60
}
]
}
}
}
}
### 根據年齡分組,統計相同年齡的用戶
POST /zpark/user/_search
{
"aggs": {
"age_counts":{
"terms": {
"field": "age",
"size": 2
}
}
}
}
### 時間區間聚合專門針對date類型的字段,它與Range Aggregation的主要區別是其可以使用時間運算表達式。
### now+10y:表示從現在開始的第10年。
### now+10M:表示從現在開始的第10個月。
### 1990-01-10||+20y:表示從1990-01-01開始後的第20年,即2010-01-01。
### now/y:表示在年位上做舍入運算。
### 統計生日在2018年、2017年、2016年的用戶
POST /zpark/user/_search
{
"aggs": {
"date_counts": {
"date_range": {
"field": "birthday",
"format": "yyyy-MM-dd",
"ranges": [
{
"from": "now/y",
"to": "now"
},
{
"from": "now/y-1y",
"to":"now/y"
},
{
"from": "now/y-2y",
"to":"now/y-1y"
}
]
}
}
}
}
### 嵌套使用
### 聚合操作是可以嵌套使用的。通過嵌套,可以使得metric類型的聚合操作作用在每一bucket上。我們可以使用ES的嵌套聚合操作來完成稍微復雜一點的統計功能。
### 如:統計每年中用戶的最高工資
POST /zpark/user/_search
{
"aggs": {
"date_histogram": {
"date_histogram": {
"field": "birthday",
"interval": "year",
"format": "yyyy-MM-dd"
},
"aggs": {
"salary_max": {
"max": {
"field": "salary"
}
}
}
}
}
}
到此這篇關於windows 環境下搭建electricSearch+kibana的文章就介紹到這瞭,更多相關windows 環境搭建electricSearch+kibana內容請搜索WalkonNet以前的文章或繼續瀏覽下面的相關文章希望大傢以後多多支持WalkonNet!
推薦閱讀:
- Elasticsearch查詢之Term Query示例解析
- elasticsearch bucket 之rare terms聚合使用詳解
- Elasticsearch屬性單詞常用解析說明
- python中如何實現鏈式調用
- Elasticsearch中store field與non-store field的區別說明