全局语句

  1. # 查询es中所有的Index
  2. GET _cat/indices
  3. #查看集群健康状况
  4. GET _cat/health
  5. #查看全部索引信息
  6. GET _all
  7. #查看所有别名对应信息
  8. GET _cat/aliases
  9. #增加一个库
  10. PUT test
  11. #删除一个库
  12. DELETE test
  13. #查询索引信息
  14. GET test
  15. #集群命令
  16. #"action.auto_create_index" 允许根据数据自动创建index
  17. #"action.destructive_requires_name" 删除index需要提供name,防止 delete *
  18. PUT _cluster/settings
  19. {
  20. "persistent": {
  21. "action.auto_create_index": "true",
  22. "action.destructive_requires_name": "true"
  23. }
  24. }
  25. #添加分片数量、副本数量、字段映射
  26. PUT property_2_t2
  27. {
  28. "settings" : {
  29. "number_of_shards" : 3,
  30. "number_of_replicas" : 2
  31. },
  32. "mappings" : {
  33. "properties" : {
  34. "deviceNo": {
  35. "type": "keyword"
  36. },
  37. "metric": {
  38. "type": "keyword"
  39. },
  40. "numValue": {
  41. "type": "double"
  42. },
  43. "value": {
  44. "type": "keyword"
  45. },
  46. "objectValue": {
  47. "type": "nested"
  48. },
  49. "timestamp": {
  50. "type": "date"
  51. }
  52. }
  53. }
  54. }

插入数据

  1. #插入一条商品数据 库名/表名/一条数据的id号
  2. PUT /ecommerce/product/1
  3. {
  4. "name":"puma 公文包",
  5. "desc":"包",
  6. "price":210,
  7. "producer":"puma producer",
  8. "tags":"商务 包包"
  9. }
  10. post /ecommerce/product
  11. {
  12. "name" : "puma 衬衣",
  13. "desc" : "衣服",
  14. "price" : 160,
  15. "producer" : "puma producer",
  16. "tags" : "休闲"
  17. }
  18. post /ecommerce/product
  19. {
  20. "name" : "puma 公文包",
  21. "desc" : "包",
  22. "price" : 210,
  23. "producer" : "puma producer",
  24. "tags" : "商务"
  25. }
  26. post /ecommerce/product
  27. {
  28. "name" : "dior cherry",
  29. "desc" : "奢侈品",
  30. "price" : 120,
  31. "producer" : "dior producer",
  32. "tags" : "奢侈"
  33. }
  34. post /ecommerce/product
  35. {
  36. "name" : "dior 项链",
  37. "desc" : "项链",
  38. "price" : 2700,
  39. "producer" : "dior producer",
  40. "tags" : "奢侈"
  41. }
  42. post /ecommerce/product
  43. {
  44. "name" : "dior 包包",
  45. "desc" : "奢侈品",
  46. "price" : 2600,
  47. "producer" : "dior producer",
  48. "tags" : "高端"
  49. }
  50. post /ecommerce/product
  51. {
  52. "name" : "海澜之家 衬衣",
  53. "desc" : "商务 休闲",
  54. "price" : 120,
  55. "producer" : "海澜之家 producer",
  56. "tags" : "休闲"
  57. }
  58. #指定id生成
  59. put /my_index/my_type/1
  60. {
  61. "test_fields":"test"
  62. }
  63. get /my_index/my_type/1
  64. #自动生成id号
  65. post /my_index/my_type
  66. {
  67. "test_fields":"test2"
  68. }

批量插入数据

ES bulk api

  1. #批量插入数据
  2. PUT /library/book/_bulk?refresh
  3. {"index":{"_id": "Leviathan Wakes"}}
  4. {"name": "Leviathan Wakes", "author": "James S.A. Corey", "release_date": "2011-06-02", "page_count": 561}
  5. {"index":{"_id": "Hyperion"}}
  6. {"name": "Hyperion", "author": "Dan Simmons", "release_date": "1989-05-26", "page_count": 482}
  7. {"index":{"_id": "Dune"}}
  8. {"name": "Dune", "author": "Frank Herbert", "release_date": "1965-06-01", "page_count": 604}
  9. POST _bulk
  10. { "index" : { "_index" : "test", "_id" : "1" } }
  11. { "field1" : "value1" }
  12. { "delete" : { "_index" : "test", "_id" : "2" } }
  13. { "create" : { "_index" : "test", "_id" : "3" } }
  14. { "field1" : "value3" }
  15. { "update" : {"_id" : "1", "_index" : "test"} }
  16. { "doc" : {"field2" : "value2"} }

修改

  1. #修改商品数据(全局更新,不推荐)
  2. PUT /ecommerce/product/1
  3. {
  4. "name":"dior cherry",
  5. "desc":"奢侈品",
  6. "price":2700,
  7. "producer":"dior producer",
  8. "tags":"奢侈"
  9. }
  10. #下面这种会丢失数据
  11. PUT /ecommerce/product/1
  12. {
  13. "price":2800
  14. }
  15. # 推荐使用的更新,只更新指定字段
  16. POST /ecommerce/product/3/_update
  17. {
  18. "doc":{
  19. "tags" : "奢侈"
  20. }
  21. }

删除

  1. #删除数据 按照id删除
  2. DELETE /ecommerce/product/1

查询

ES 查询语句
ES 聚合查询

  1. # 查询格式
  2. #es不推荐指定my_type,这跟倒排索引的特性有关系,7.x里面仍然支持这种语法,但是8.x开始使用这种语法会报错,默认只有一个全局的type=_doc
  3. get /my_index/my_type/_search
  4. # 查询商品数据 /index/type/id
  5. GET /ecommerce/product/1
  6. #查看所有数据,类似于全表扫描
  7. GET ecommerce/product/_search
  8. # match_all 可以查询到所有文档,是没有查询条件下的默认语句。
  9. GET ecommerce/product/_search
  10. {
  11. "query":{
  12. "match_all": {
  13. }
  14. }
  15. }
  16. # 查询所有名称里面包含dior的商品,同时按价格进行降序排序,实现分页from开始 size个数
  17. GET ecommerce/product/_search
  18. {
  19. "query":{
  20. "match": {
  21. "name":"dior"
  22. }
  23. },
  24. "sort":[
  25. {
  26. "price":{
  27. "order":"desc"
  28. }
  29. }
  30. ],
  31. "from":0,
  32. "size":2
  33. }
  34. # 搜索名称里面包含dior的,并且价格大于250元的商品
  35. #如果需要多个查询条件拼接在一起就需要使用bool
  36. #bool 过滤可以用来合并多个过滤条件查询结果的布尔逻辑,它包含以下操作符:
  37. #must :: 多个查询条件的完全匹配,相当于 and。
  38. #must_not :: 多个查询条件的相反匹配,相当于 not。
  39. #should :: 至少有一个查询条件匹配, 相当于 or。
  40. get ecommerce/product/_search
  41. {
  42. "query":{
  43. "bool": {
  44. "must": [
  45. {
  46. "match": {
  47. "name": "dior"
  48. }
  49. }
  50. ],
  51. "filter": [
  52. {
  53. "range": {
  54. "price": {
  55. "gt": 250
  56. }
  57. }
  58. }
  59. ]
  60. }
  61. }
  62. }
  63. # 展示一个全文搜索 查询条件会进行分词dior cherry 3 ,然后取并集
  64. get ecommerce/product/_search
  65. {
  66. "query":{
  67. "match": {
  68. "name": "dior cherry3"
  69. }
  70. }
  71. }
  72. # 不要把条件分词,要精确匹配
  73. get ecommerce/product/_search
  74. {
  75. "query":{
  76. "match_phrase": {
  77. "name": "dior cherry3"
  78. }
  79. }
  80. }
  81. # 把查询结果进行高亮显示
  82. # <em>dior</em> <em>cherry3</em>这个标签是默认的标签,可以进行替换,输出到网页
  83. get ecommerce/product/_search
  84. {
  85. "query":{
  86. "match": {
  87. "name": "dior cherry3"
  88. }
  89. },
  90. "highlight":{
  91. "fields": {
  92. "name": {}
  93. }
  94. }
  95. }
  96. #聚合分析
  97. # 计算每个标签tag下商品的数量 select count(*) from product group by tag
  98. #对于非keyword类型的列需使用列名.keyword进行聚合查询,不加.keyword用于搜索和分词,加.keyword用于聚合查询
  99. #terms 跟 term 有点类似,但 terms 允许指定多个匹配条件。 如果某个字段指定了多个值,那么文档需要一起去做匹配
  100. #group_by_tag是个名字随意取
  101. get ecommerce/product/_search
  102. {
  103. "aggs":{
  104. "group_by_tag":{
  105. "terms": {
  106. "field": "tags.keyword"
  107. }
  108. }
  109. }
  110. }
  111. #查询商品名称里面包含dior的数据,并且按照tag进行分组,计算每个分组下的平均价格
  112. # terms 表示分组, avg表示平均值 group_by_tag和avg_price都是一个名字
  113. # 先对tags.keyword进行分组,然后按照price的平均值进行倒序
  114. get ecommerce/product/_search
  115. {
  116. "query": {
  117. "match": {
  118. "name": "dior"
  119. }
  120. },
  121. "aggs": {
  122. "group_by_tag": {
  123. "terms": {
  124. "field": "tags.keyword",
  125. "order": {
  126. "avg_price": "desc"
  127. }
  128. },
  129. "aggs": {
  130. "avg_price": {
  131. "avg": {
  132. "field": "price"
  133. }
  134. }
  135. }
  136. }
  137. }
  138. }
  139. # 查询出producer里面包含producer的数据,按照指定的价格区间进行分组,在每个组内再按tag进行分组,分完组以后再求每个组的平均价格,并且按照降序进行排序
  140. get ecommerce/product/_search
  141. {
  142. "query": {
  143. "match": {
  144. "producer": "producer"
  145. }
  146. },
  147. "aggs": {
  148. "group_price_range": {
  149. "range": {
  150. "field": "price",
  151. "ranges": [
  152. {
  153. "from": 50,
  154. "to": 250
  155. },
  156. {
  157. "from": 250,
  158. "to": 1000
  159. },
  160. {
  161. "from": 1000,
  162. "to": 5000
  163. }
  164. ]
  165. },
  166. "aggs": {
  167. "group_by_tag": {
  168. "terms": {
  169. "field": "tags.keyword",
  170. "order": {
  171. "avg_price": "desc"
  172. }
  173. },
  174. "aggs": {
  175. "avg_price": {
  176. "avg": {
  177. "field": "price"
  178. }
  179. }
  180. }
  181. }
  182. }
  183. }
  184. }
  185. }
  186. #复杂查询示例
  187. #查询deviceNo="hjhj" and (metric.keyword="InvertStatus_3" or metric.keyword="OutputFrequency")
  188. #聚合查询 group by metric.keyword order by timestamp limit 2 按照metric分组,按照时间倒序,每组抽取两条数据
  189. GET property_2_test/_search
  190. {
  191. "query": {
  192. "bool": {
  193. "must": [
  194. {
  195. "term": {
  196. "deviceNo.keyword": "hjhj"
  197. }
  198. },
  199. {
  200. "bool": {
  201. "should": [
  202. {
  203. "term": {
  204. "metric.keyword": "InvertStatus_3"
  205. }
  206. },
  207. {
  208. "term": {
  209. "metric.keyword": "OutputFrequency"
  210. }
  211. }
  212. ]
  213. }
  214. }
  215. ]
  216. }
  217. },
  218. "aggs": {
  219. "metric_group": {
  220. "terms": {
  221. "field": "metric.keyword"
  222. },
  223. "aggs": {
  224. "top_2_hits":{
  225. "top_hits": {
  226. "size": 2,
  227. "sort": {
  228. "timestamp":{
  229. "order":"desc"
  230. }
  231. }
  232. }
  233. }
  234. }
  235. }
  236. }
  237. }

查询2

  1. #数据准备
  2. PUT test1/doc/1
  3. {
  4. "title": "中国是世界上人口最多的国家"
  5. }
  6. PUT test1/doc/2
  7. {
  8. "title": "美国是世界上军事实力最强大的国家"
  9. }
  10. PUT test1/doc/3
  11. {
  12. "title": "北京是中国的首都"
  13. }
  14. #进行分词,中国拆分成“中”和“国”,包含任意一个字就会被匹配到
  15. GET test1/doc/_search
  16. {
  17. "query":{
  18. "match":{
  19. "title":"中国"
  20. }
  21. }
  22. }
  23. #短语查找,即不会分词,必须包含“中国”两个字才会被匹配
  24. GET test1/doc/_search
  25. {
  26. "query":{
  27. "match_phrase": {
  28. "title": "中国"
  29. }
  30. }
  31. }
  32. #我们搜索中国和世界这两个指定词组时,但又不清楚两个词组之间有多少别的词间隔。那么在搜的时候就要留有一些余地。这时就要用到了slop了。相当于正则中的中国.*?世界。这个间隔默认为0
  33. GET test1/doc/_search
  34. {
  35. "query":{
  36. "match_phrase":{
  37. "title":{
  38. "query": "中国世界",
  39. "slop": 2
  40. }
  41. }
  42. }
  43. }
  44. #数据准备
  45. PUT test2/doc/1
  46. {
  47. "title": "prefix1",
  48. "desc": "beautiful girl you are beautiful so"
  49. }
  50. PUT test2/doc/2
  51. {
  52. "title": "beautiful",
  53. "desc": "I like basking on the beach"
  54. }
  55. #最左前缀查询
  56. GET test2/doc/_search
  57. {
  58. "query": {
  59. "match_phrase_prefix": {
  60. "desc": "you are bea"
  61. }
  62. }
  63. }
  64. #使用短语查询就查不到结果
  65. #match匹配会对数据进行分词
  66. #match_phrase 不会对数据进行分词,短语查找
  67. #match_phrase_prefix 前缀匹配,即查找的数据中包含这个短语,比如 “beautiful girl you are beautiful so”
  68. #match_phrase 使用“bea" 查找结果为null
  69. #match_phrase_prefix 使用"bea"就可以查找到
  70. GET test2/doc/_search
  71. {
  72. "query": {
  73. "match_phrase": {
  74. "desc": "you are bea"
  75. }
  76. }
  77. }
  78. #max_expansion 参数理解 前缀查询会非常的影响性能,要对结果集进行限制,就加上这个参数。
  79. GET test2/doc/_search
  80. {
  81. "query": {
  82. "match_phrase_prefix": {
  83. "desc": {
  84. "query": "bea",
  85. "max_expansions": 10
  86. }
  87. }
  88. }
  89. }
  90. # multi_match是要在多个字段中查询同一个关键字
  91. GET test2/doc/_search
  92. {
  93. "query": {
  94. "multi_match": {
  95. "query": "beautiful",
  96. "fields": ["title","desc"]
  97. }
  98. }
  99. }
  100. #当设置属性 type:phrase 时 等同于 短语查询
  101. GET test1/doc/_search
  102. {
  103. "query": {
  104. "multi_match": {
  105. "query": "中国",
  106. "fields": ["title"],
  107. "type": "phrase"
  108. }
  109. }
  110. }
  111. #当设置属性 type:phrase_prefix时 等同于 最左前缀查询
  112. GET test2/doc/_search
  113. {
  114. "query": {
  115. "multi_match": {
  116. "query": "bea",
  117. "fields": ["desc"],
  118. "type": "phrase_prefix"
  119. }
  120. }
  121. }
  122. #数据准备
  123. POST test/doc
  124. {
  125. "name" : "wangfei",
  126. "age" : 27,
  127. "desc" : "热天还不让后人不认同"
  128. }
  129. POST /test/doc/
  130. {
  131. "doc":{
  132. "name" : "wangjifei",
  133. "age" : 27,
  134. "desc" : "生活就像 茫茫海上"
  135. }
  136. }
  137. POST test/doc
  138. {
  139. "name" : "wangyang",
  140. "age" : 30,
  141. "desc" : "点在我心内的几首歌"
  142. }
  143. GET test/_search
  144. # 单条件查询 name包含wangfei
  145. GET test/doc/_search
  146. {
  147. "query": {
  148. "bool": {
  149. "must": [
  150. {
  151. "match": {
  152. "name": "wangfei"
  153. }
  154. }
  155. ]
  156. }
  157. }
  158. }
  159. #### 多条件组合查询 name包含wangfei and age=27
  160. GET test/doc/_search
  161. {
  162. "query": {
  163. "bool": {
  164. "must": [
  165. {
  166. "match": {
  167. "name": "wangfei"
  168. }
  169. },{
  170. "match": {
  171. "age": 27
  172. }
  173. }
  174. ]
  175. }
  176. }
  177. }
  178. #name包含wangjifei or age=27
  179. GET test/doc/_search
  180. {
  181. "query": {
  182. "bool": {
  183. "should": [
  184. {
  185. "match": {
  186. "name": "wangjifei"
  187. }
  188. },{
  189. "match": {
  190. "age": 27
  191. }
  192. }
  193. ]
  194. }
  195. }
  196. }
  197. #name不包含wangjifei and age!=27
  198. #转义一下就是name包含wangjifei或age=27的全部不要
  199. GET test/doc/_search
  200. {
  201. "query": {
  202. "bool": {
  203. "must_not": [
  204. {
  205. "match": {
  206. "name": "wangjifei"
  207. }
  208. },{
  209. "match": {
  210. "age": 27
  211. }
  212. }
  213. ]
  214. }
  215. }
  216. }
  217. #查询name 包含wangjifei and age>=10 and age<27
  218. GET test/doc/_search
  219. {
  220. "query": {
  221. "bool": {
  222. "must": [
  223. {
  224. "match": {
  225. "name": "wangjifei"
  226. }
  227. }
  228. ],
  229. "filter": {
  230. "range": {
  231. "age": {
  232. "gte": 10,
  233. "lt": 27
  234. }
  235. }
  236. }
  237. }
  238. }
  239. }
  240. #数据准备
  241. PUT test3/doc/1
  242. {
  243. "name":"顾老二",
  244. "age":30,
  245. "from": "gu",
  246. "desc": "皮肤黑、武器长、性格直",
  247. "tags": ["黑", "长", "直"]
  248. }
  249. #返回指定列
  250. GET test3/doc/_search
  251. {
  252. "query": {
  253. "match": {
  254. "name": "顾"
  255. }
  256. },
  257. "_source": ["name","age"]
  258. }
  259. #高亮显示name
  260. GET test3/doc/_search
  261. {
  262. "query": {
  263. "match": {
  264. "name": "顾老二"
  265. }
  266. },
  267. "highlight": {
  268. "fields": {
  269. "name": {}
  270. }
  271. }
  272. }
  273. #自定义高亮标签
  274. GET test3/doc/_search
  275. {
  276. "query": {
  277. "match": {
  278. "desc": "性格直"
  279. }
  280. },
  281. "highlight": {
  282. "pre_tags": "<b class='key' style='color:red'>",
  283. "post_tags": "</b>",
  284. "fields": {
  285. "desc": {}
  286. }
  287. }
  288. }
  289. #查找精确值
  290. GET test/doc/_search
  291. {
  292. "query": {
  293. "bool": {
  294. "should": [
  295. {
  296. "term": {
  297. "age":27
  298. }
  299. },{
  300. "term":{
  301. "age":28
  302. }
  303. }
  304. ]
  305. }
  306. }
  307. }
  308. # 第二个查询方式
  309. GET test/doc/_search
  310. {
  311. "query": {
  312. "terms": {
  313. "age": [
  314. "27",
  315. "28"
  316. ]
  317. }
  318. }
  319. }

别名 alias命令

ES 别名

  1. #查看所有索引
  2. GET _alias
  3. #查看指定index的索引
  4. GET my-data-stream/_alias
  5. #为已存在的index添加别名
  6. POST _aliases
  7. {
  8. "actions": [
  9. {
  10. "add": {
  11. "index": "logs-nginx.access-prod",
  12. "alias": "logs"
  13. }
  14. }
  15. ]
  16. }
  17. #批量添加使用*
  18. POST _aliases
  19. {
  20. "actions": [
  21. {
  22. "add": {
  23. "index": "logs-*",
  24. "alias": "logs"
  25. }
  26. }
  27. ]
  28. }
  29. #删除别名
  30. POST _aliases
  31. {
  32. "actions": [
  33. {
  34. "remove": {
  35. "index": "logs-nginx.access-prod",
  36. "alias": "logs"
  37. }
  38. }
  39. ]
  40. }
  41. #同时进行多个操作
  42. POST _aliases
  43. {
  44. "actions": [
  45. {
  46. "remove": {
  47. "index": "logs-nginx.access-prod",
  48. "alias": "logs"
  49. }
  50. },
  51. {
  52. "add": {
  53. "index": "logs-my_app-default",
  54. "alias": "logs"
  55. }
  56. }
  57. ]
  58. }
  59. #在模板里面预先提供alias
  60. # Component template with index aliases
  61. PUT _component_template/my-aliases
  62. {
  63. "template": {
  64. "aliases": {
  65. "my-alias": {}
  66. }
  67. }
  68. }
  69. # Index template with index aliases
  70. PUT _index_template/my-index-template
  71. {
  72. "index_patterns": [
  73. "my-index-*"
  74. ],
  75. "composed_of": [
  76. "my-aliases",
  77. "my-mappings",
  78. "my-settings"
  79. ],
  80. "template": {
  81. "aliases": {
  82. "yet-another-alias": {}
  83. }
  84. }
  85. }
  86. #创建Index的时候指定alias
  87. # PUT <my-index-{now/d}-000001>
  88. PUT %3Cmy-index-%7Bnow%2Fd%7D-000001%3E
  89. {
  90. "aliases": {
  91. "my-alias": {}
  92. }
  93. }

模板命令

ES index 模板
可以使用模板配置预定义的别名,settings和mappings等
创建模板 以前的api是使用_template,现在废弃了推荐使用_index_template,接口是一样的。
模板有两个_component_template和_index_template,_component_template不会直接应用到index,它是作为一个可重用的组件为_index_template提供服务。

  1. #创建模板
  2. PUT _index_template/xiot_dev_prop_template
  3. {
  4. "index_patterns": ["property_*_*"],
  5. "template": {
  6. "mappings": {
  7. "properties": {
  8. "deviceNo": {
  9. "type": "keyword"
  10. },
  11. "metric": {
  12. "type": "keyword"
  13. },
  14. "numValue": {
  15. "type": "double"
  16. },
  17. "objectValue": {
  18. "type": "nested"
  19. },
  20. "timestamp": {
  21. "type": "date"
  22. },
  23. "value": {
  24. "type": "keyword"
  25. }
  26. }
  27. }
  28. }
  29. }
  30. #index_patterns 应用模板的index模式,template 模板内容
  31. #priority优先级 越大越优先,version 版本,_meta元数据
  32. PUT _index_template/template_1
  33. {
  34. "index_patterns": ["te*", "bar*"],
  35. "template": {
  36. "settings": {
  37. "number_of_shards": 1
  38. },
  39. "mappings": {
  40. "_source": {
  41. "enabled": true
  42. },
  43. "properties": {
  44. "host_name": {
  45. "type": "keyword"
  46. },
  47. "created_at": {
  48. "type": "date",
  49. "format": "EEE MMM dd HH:mm:ss Z yyyy"
  50. }
  51. }
  52. },
  53. "aliases": {
  54. "mydata": { }
  55. }
  56. },
  57. "priority": 500,
  58. "composed_of": ["component_template1", "runtime_component_template"],
  59. "version": 3,
  60. "_meta": {
  61. "description": "my custom"
  62. }
  63. }
  64. #创建组件模板
  65. PUT _component_template/component_template1
  66. {
  67. "template": {
  68. "mappings": {
  69. "properties": {
  70. "@timestamp": {
  71. "type": "date"
  72. }
  73. }
  74. }
  75. }
  76. }
  77. PUT _component_template/runtime_component_template
  78. {
  79. "template": {
  80. "mappings": {
  81. "runtime": {
  82. "day_of_week": {
  83. "type": "keyword",
  84. "script": {
  85. "source": "emit(doc['@timestamp'].value.dayOfWeekEnum.getDisplayName(TextStyle.FULL, Locale.ROOT))"
  86. }
  87. }
  88. }
  89. }
  90. }
  91. }

关于日期的索引名称

参考文档
日期index使用支持 date math index name support
日期index处理器 date-index-name-processor

  1. #生成基于时间的index
  2. "date math index name support"
  3. #在kibana 控制台使用命令需要使用转义符,使用http api的时候不需要
  4. #格式 <static_name{date_math_expr{date_format|time_zone}}>
  5. #按年分 property_2_t2_yyyy
  6. PUT /<property_2_t2_{now{yyyy}}>
  7. PUT /%3Cproperty_2_t2_%7Bnow%7Byyyy%7D%7D%3E
  8. #按月分 property_2_t2_yyyy-MM
  9. PUT /<property_2_t2_{now{yyyy-MM}}>
  10. PUT /%3Cproperty_2_t2_%7Bnow%7Byyyy-MM%7D%7D%3E
  11. #按日分 property_2_t2_yyyy-MM-dd
  12. PUT /<property_2_t2_{now{yyyy-MM-dd}}>
  13. PUT /%3Cproperty_2_t2_%7Bnow%7Byyyy-MM-dd%7D%7D%3E
  14. #不分库 property_2_t2
  15. PUT property_2_t2
  16. PUT %3Cproperty_2_t2_%7Bnow%7Byyyy-MM-dd%7D%7D%3E
  17. #基于"date math index name support"的支持 可以根据指定的时间字段生成指定格式的索引
  18. "Date index name processor"
  19. #field 指定获取时间字段timestamp的数据,date_rounding 时间精确到日,
  20. #index_name_prefix 生成的索引的前缀,
  21. #index_name_format 时间的格式最后生成的是时间格式是 index_name_prefix+index_name_format
  22. #date_formats field指定字段的时间传入格式,这里传入的是时间戳
  23. #timezone 指定时区,我们比UTC多8个小时
  24. #按年创建
  25. PUT _ingest/pipeline/yearlyIndex
  26. {
  27. "description": "yearly xiot-device-date-time index naming",
  28. "processors": [
  29. {
  30. "date_index_name": {
  31. "field": "timestamp",
  32. "date_rounding": "d",
  33. "timezone": "GMT+8",
  34. "index_name_prefix": "{{{_index}}}_",
  35. "index_name_format": "yyyy",
  36. "date_formats": [
  37. "UNIX_MS"
  38. ]
  39. }
  40. }
  41. ]
  42. }
  43. #按月创建
  44. PUT _ingest/pipeline/monthlyIndex
  45. {
  46. "description": "monthly xiot-device-date-time index naming",
  47. "processors": [
  48. {
  49. "date_index_name": {
  50. "field": "timestamp",
  51. "date_rounding": "d",
  52. "timezone": "GMT+8",
  53. "index_name_prefix": "{{{_index}}}_",
  54. "index_name_format": "yyyy-MM",
  55. "date_formats": [
  56. "UNIX_MS"
  57. ]
  58. }
  59. }
  60. ]
  61. }
  62. #按日创建
  63. PUT _ingest/pipeline/dailyIndex
  64. {
  65. "description": "daily xiot-device-date-time index naming",
  66. "processors": [
  67. {
  68. "date_index_name": {
  69. "field": "timestamp",
  70. "date_rounding": "d",
  71. "timezone": "GMT+8",
  72. "index_name_prefix": "{{{_index}}}_",
  73. "index_name_format": "yyyy-MM-dd",
  74. "date_formats": [
  75. "UNIX_MS"
  76. ]
  77. }
  78. }
  79. ]
  80. }
  81. #使用 pipeline指定你创建的 pipeline的名称
  82. POST /property_2_t2/_doc?pipeline=monthlyindex
  83. {
  84. "metric": "s1",
  85. "deviceNo": "e32",
  86. "value": "200",
  87. "numValue": 200,
  88. "timestamp": 1649535178148
  89. }

mappings命令

  1. #创建字段映射
  2. PUT /my-index-000001
  3. {
  4. "mappings": {
  5. "properties": {
  6. "age": { "type": "integer" },
  7. "email": { "type": "keyword" },
  8. "name": { "type": "text" }
  9. }
  10. }
  11. }
  12. #添加到已存在的index字段映射/修改字段映射api,不能修改已有字段的属性,不然索引无效
  13. PUT /my-index-000001/_mapping
  14. {
  15. "properties": {
  16. "employee-id": {
  17. "type": "keyword",
  18. "index": false
  19. }
  20. }
  21. }
  22. #查看字段映射
  23. GET /my-index-000001/_mapping
  24. #查看指定字段
  25. GET /my-index-000001/_mapping/field/employee-id

其他命令

ES SQL支持

  1. #使用sql进行查询
  2. POST /_sql?format=txt
  3. {
  4. "query": "SELECT * FROM property_2_t2"
  5. }