Skip to content

ElasticSearch

Jump to bottom Edit New page
Hunter Wu edited this page Jan 16, 2019 · 1 revision

cheatsheet

conf

  • /etc/elasticsearch/elasticsearch.yml
  • /etc/sysconfig/elasticsearch
  • /etc/sysconfig/kibana

elasticsearch.yml

  • Memory Settings
  • mlockall
bootstrap.mlockall: true
  • a small index
index.number_of_shards: 1
index.number_of_replicas: 0

plugins

  • /usr/share/elasticsearch
  • bin/plugin install lmenezes/elasticsearch-kopf/2.0
  • bin/plugin install license
  • bin/plugin install marvel-agent
  • bin/kibana plugin --install elasticsearch/marvel/latest

Examples

count API

http://127.0.0.1:9200/index-2016.01.01/indextype/_count?q=

query DSL

{
    "query" : {
        "query_string" : {
            "query" : "name:filedName AND status:1"
        }
    }
}

{
    "query" : {
        "match" : {
            "name" : "search_result_statistic"
        }
    }
}

{
    "query" : {
        "bool": {
            "must": [
                { "match" : { "name" : "filedName" } },
                { "match" : { "status" : "1" } }
            ]
        }
    }
}

{
    "query" : {
        "bool": {
            "must": [
                { "match" : { "name" : "filedName" } },
                { "match" : { "status" : "1" } }
            ],
            "filter" : {
                "or" : [
                    { "term" : { "code" : "101"} },
                    { "term" : { "code" : "102"} }
                ]
            }
        }
    }
}

aggregation

{
  "size": 0,
  "aggregations": {
    "top": {
      "terms": {
        "field":"FieldName",
        "size": 100
      }
    }
  }
}

{
  "aggregations": {
    "Status1": {
      "filter": {
        "term" : { "Status" : "1"}
      }
    },
    "Status2": {
      "filter": {
        "term" : { "Status" : "2"}
      }
    }
  }
}

{
  "aggregations": {
    "TwoFields": {
      "filter": {
        "bool" : {
          "must" : [
            {"term" : { "FirstField" : "1" }},
            {"term" : { "SecondField" : "2" }}
          ]
        }
      }
    }
  }
}

{
    "aggregations": {
        "top_source": {
            "terms": {
                "field": "DataSource",
                "size": 10
            },
            "aggs": {
                "inc0" : {
                    "filter" : {
                        "term" : { "IncomingCall" : "0"}
                    }
                },
                "inc1" : {
                    "filter" : {
                        "term" : { "IncomingCall" : "1"}
                    }
                },
                "inc2" : {
                    "filter" : {
                        "term" : { "IncomingCall" : "2"}
                    }
                },
                "inc3" : {
                    "filter" : {
                        "term" : { "IncomingCall" : "3"}
                    }
                }
            }
        }
    }
}
  • Top Count with Average
'body' => [
    'query' => [
        'range' => [
            '@timestamp' => [
                'gte' => 1000*(time() - 1*60),
            ],
        ],
    ],
    'aggregations' => [
        'top_request' => [
            'terms' => [
                'field' => 'request',
                'size' => 30,
            ],
            'aggs' => [
                'avg_time' => [
                    'avg' => [
                        'field' => 'upstream_response_time',
                    ],
                ],
            ],
        ],
    ],
],
Add a custom footer
Add a custom sidebar
Clone this wiki locally