Elasticsearch学习随笔(二)-- Index 和 Doc 查询新建API总结
本文着重总结Elasticsearch的常见API了,进行分析。
- Index API
- 初始化Index,设置shards和replica
PUT http://localhost:9200/firewall_syslog/
{
"settings":{
"index":{
"number_of_shards":5,
"number_of_replicas":0
}
}
}
可以得到创建成功的JSON返回:
{
"acknowledged": true,
"shards_acknowledged": true
}
2. 获得索引的详细信息:
获取单个索引信息:
GET http://localhost:9200/firewall_syslog/_settings/
返回JSON值:
{
"firewall_syslog": {
"settings": {
"index": {
"creation_date": "1499588503266",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "DTeXCyRcRGqhIMkBjupyLg",
"version": {
"created": "5040399"
},
"provided_name": "firewall_syslog"
}
}
}
}
获得多个索引:
GET http://localhost:9200/server_syslog,firewall_syslog/_settings/
可获得返回的JSON值:
{
"server_syslog": {
"settings": {
"index": {
"creation_date": "1499324705761",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "x_ke_3yhR2ycMPumgrDEvw",
"version": {
"created": "5040399"
},
"provided_name": "server_syslog"
}
}
},
"firewall_syslog": {
"settings": {
"index": {
"creation_date": "1499588503266",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "DTeXCyRcRGqhIMkBjupyLg",
"version": {
"created": "5040399"
},
"provided_name": "firewall_syslog"
}
}
}
}
获得所有索引信息:
GET http://localhost:9200/_all/_settings/
可获得返回JSON值:
{
"server_syslog": {
"settings": {
"index": {
"creation_date": "1499324705761",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "x_ke_3yhR2ycMPumgrDEvw",
"version": {
"created": "5040399"
},
"provided_name": "server_syslog"
}
}
},
"hardware_syslog": {
"settings": {
"index": {
"creation_date": "1499324723964",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "0Mmg81DJR0GWQ3JLTeyUbg",
"version": {
"created": "5040399"
},
"provided_name": "hardware_syslog"
}
}
},
"firewall_syslog": {
"settings": {
"index": {
"creation_date": "1499588503266",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "DTeXCyRcRGqhIMkBjupyLg",
"version": {
"created": "5040399"
},
"provided_name": "firewall_syslog"
}
}
}
}
3. 新建文档与内容
使用PUT来新建建Elasticsearch文档内容:
PUT http://localhost:9200/firewall_syslog/name/1/
{
"name": "cisco",
"version": "1.7.1",
"writer": {
"first": "larry",
"second": "tim"
},
"syslog": "1"
}
返回的JSON信息为:
{
"_index": "firewall_syslog",
"_type": "name",
"_id": "1",
"_version": 2,
"result": "updated",
"_shards": {
"total": 1,
"successful": 1,
"failed": 0
},
"created": false
}
4. 更新文档中的字段(覆盖更新与Update更新)
使用POST方法覆盖更新文档关键内容:
POST http://localhost:9200/firewall_syslog/name/1/
{
"name": "cisco",
"version": "1.7.3",
"writer": {
"first": "larry",
"second": "tim"
},
"syslog": "3"
}
返回JSON关键字updated:
{
"_index": "firewall_syslog",
"_type": "name",
"_id": "1",
"_version": 11,
"found": true,
"_source": {
"name": "cisco",
"version": "1.7.3",
"writer": {
"first": "larry",
"second": "tim"
},
"syslog": "3"
}
}
使用update接口更新文档内容,修改name字段为juniper:
POST http://localhost:9200/firewall_syslog/name/1/_update/
{
"doc":{
"name":"juniper"
}
}
返回JSON的值为:
{
"_index": "firewall_syslog",
"_type": "name",
"_id": "1",
"_version": 12,
"result": "updated",
"_shards": {
"total": 1,
"successful": 1,
"failed": 0
}
}
5. 搜索doc中的关键字段:
不过出了一些未知的小故障,题住用的是ELasticsearch 5.x版本。不知道为何在head中调用api无法实现以下内容。
GET http://localhost:9200/server_syslog/secure/1?_source=user/
后面将总结mget与bulk接口。
Q:471795876
Wechat:lesswindy
欢迎一切感兴趣的同行一同交流,黑产不接,谢谢。
