Elasticsearch Date类型使用技巧
elasticsearch原生支持date类型。这里简单记录下使用的方法。
使用date类型可以用如下两种方式:
-
使用毫秒的时间戳,直接将毫秒值传入即可。
-
传入格式化的字符串,默认是ISO 8601标准,例如
2015-02-27T00:07Z(零时区)、2015-02-27T08:07+08:00(东八区),这两个时间实际是同一个,只是时区不同。另外还可以自定义时间格式,参见es的文档。但个人不建议使用自定义格式,设置不当容易遇到时区问题。在php中获取ISO 8601标准的时间很简单,date('c',time())即可。
elasticsearch默认会自动识别date类型,如果想关闭该功能,修改mapping的设置'date_detection' => false即可 。
贴下我的代码:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 | package com.osp.log.service.impl;import java.text.DecimalFormat;import java.util.HashMap;import java.util.LinkedList;import java.util.List;import java.util.Map;import javax.ws.rs.core.Response;import org.elasticsearch.action.search.SearchResponse;import org.elasticsearch.action.search.SearchType;import org.elasticsearch.client.transport.TransportClient;import org.elasticsearch.common.text.Text;import org.elasticsearch.common.xcontent.XContentType;import org.elasticsearch.index.query.BoolQueryBuilder;import org.elasticsearch.index.query.QueryBuilders;import org.elasticsearch.search.SearchHit;import org.elasticsearch.search.SearchHits;import org.elasticsearch.search.aggregations.AggregationBuilders;import org.elasticsearch.search.aggregations.bucket.terms.Terms;import org.elasticsearch.search.aggregations.bucket.terms.Terms.Bucket;import org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder;import org.elasticsearch.search.aggregations.metrics.avg.AvgAggregationBuilder;import org.elasticsearch.search.aggregations.metrics.avg.InternalAvg;import org.elasticsearch.search.fetch.subphase.highlight.HighlightBuilder;import org.elasticsearch.search.sort.SortOrder;import org.springframework.stereotype.Service;import com.osp.common.json.JsonUtil;import com.osp.log.config.ESConfig;import com.osp.log.model.SearchModel;import com.osp.log.model.SearchResultBean;import com.osp.log.model.TomcatModel;import com.osp.log.service.SearchService;import com.osp.log.util.ESUtil;import com.osp.log.util.TimeUtils;/** * 关键字搜索 * * @author zhangmingcheng 2017-09-26 */@Servicepublic class SearchServiceImpl implements SearchService { public static final String INDEX_NAME = "logstash-apacheaccesslog*"; // 索引名称 public static final String INDEX_TYPE = "logs"; // 索引类型 /** * 关键字搜索 * * @param q * 关键词 * @param page * 页码 * @param pageSize * 页数大小 * @param ip * 请求客户端ip * @param city * 请求客户端所在城市 * @return */ @Override public SearchResultBean getSearchesult(String keyword, String ip, String city, Integer page, Integer pagesize) { TransportClient client = ESUtil.getClient(); BoolQueryBuilder boolQueryBuilder = new BoolQueryBuilder(); if (keyword.isEmpty()) { boolQueryBuilder.must(QueryBuilders.matchAllQuery()); } else { boolQueryBuilder.must(QueryBuilders.multiMatchQuery(keyword, "request", "verb", "clientip", "message", "path", "response", "host", "timestamp")); } /** * 高亮设置 */ HighlightBuilder hiBuilder = new HighlightBuilder(); hiBuilder.preTags("<span class=\'pointKey\'>"); hiBuilder.postTags("</span>"); hiBuilder.field("request", 50); hiBuilder.field("message", 30); /** * 开始搜索 */ SearchResponse response = client.prepareSearch(SearchServiceImpl.INDEX_NAME) .setTypes(SearchServiceImpl.INDEX_TYPE).setSearchType(SearchType.DEFAULT).setQuery(boolQueryBuilder) .setFrom(pagesize * (page - 1)).setSize(pagesize).highlighter(hiBuilder).setExplain(true) // 设置是否按查询匹配度排序 .get(); SearchHits myhits = response.getHits(); LinkedList<TomcatModel> newsList = new LinkedList<>(); for (SearchHit hit : myhits) { Map<String, Object> map = hit.getSource(); TomcatModel tomcatModel = new TomcatModel(); String request = this.getHighlightFieldString(hit, "request"); String message = this.getHighlightFieldString(hit, "message"); if (request.isEmpty()) { tomcatModel.setRequest((String) map.get("request")); } else { tomcatModel.setRequest(request); } if (message.isEmpty()) { tomcatModel.setMessage((String) map.get("message")); } else { tomcatModel.setMessage(message); } tomcatModel.setPath((String) map.get("path")); tomcatModel.setClientip((String) map.get("clientip")); tomcatModel.setResponse((String) map.get("response")); tomcatModel.setType((String) map.get("verb")); tomcatModel.setTimestamp((String) map.get("timestamp")); newsList.add(tomcatModel); } /** * 记录本次客户端查询:翻页不存储 */ String usetime = response.getTook().toString(); if (page == 1) { String json = JsonUtil.beanToJson(new SearchModel(keyword, TimeUtils.getCurrentTime(), ip, city, Integer.parseInt(usetime.substring(0, usetime.length() - 2)), System.currentTimeMillis())); client.prepareIndex(ESConfig.SEARCHINDEX, ESConfig.SEARCHTYPE).setSource(json, XContentType.JSON).get(); } /** * 开始存储结果 */ SearchResultBean searchResult = new SearchResultBean(); searchResult.setPage(page); searchResult.setPagesize(pagesize); searchResult.setTotal(myhits.getTotalHits()); searchResult.setUsetime(usetime); searchResult.setNewsList(newsList); return searchResult; } /** * 获取搜索统计数据 */ @Override public Response getcount() { HashMap<String, Object> RealReult = new HashMap<>(); TransportClient client = getClient(); TermsAggregationBuilder agg_clientip = AggregationBuilders.terms("cilentip_count").field("clientip"); AvgAggregationBuilder avg_usetime = AggregationBuilders.avg("avg_usetime").field("usetime"); TermsAggregationBuilder agg_message = AggregationBuilders.terms("agg_message").field("message"); SearchResponse response = client.prepareSearch(ESConfig.SEARCHINDEX).setTypes(ESConfig.SEARCHTYPE) .addAggregation(agg_clientip).addAggregation(avg_usetime).addAggregation(agg_message) .setQuery(QueryBuilders.matchAllQuery()).execute().actionGet(); /** * 搜索次数 */ RealReult.put("total", response.getHits().getTotalHits()); /** * 统计访问人数 */ Terms terms = response.getAggregations().get("cilentip_count"); List<Bucket> buckets = terms.getBuckets(); RealReult.put("people", buckets.size()); /** * 统计平均搜索用时 */ InternalAvg avg = response.getAggregations().get("avg_usetime"); DecimalFormat df = new DecimalFormat("#.00"); RealReult.put("avgUsetime", df.format(avg.getValue()).trim() + "ms"); /** * 统计最多搜索的10个词(聚合默认返回10个值) */ Terms messageTerms = response.getAggregations().get("agg_message"); List<Bucket> messageBuckets = messageTerms.getBuckets(); LinkedList<TopWord> result = new LinkedList<TopWord>(); for (Bucket bucket : messageBuckets) { TopWord topWord = new TopWord(); topWord.set_id((String) bucket.getKey()); topWord.setCount((int) bucket.getDocCount()); result.add(topWord); } RealReult.put("Top", result); return Response.status(200).entity(RealReult).build(); } /** * 获取历史搜索记录 */ @Override public String getHistoryList(Integer page, Integer pagesize) { LinkedList<Map<String, Object>> result = new LinkedList<>(); TransportClient client = getClient(); SearchResponse response = client.prepareSearch(ESConfig.SEARCHINDEX).setTypes(ESConfig.SEARCHTYPE) .setQuery(QueryBuilders.matchAllQuery()).addSort("createDate", SortOrder.DESC) .setFrom(pagesize * (page - 1)).setSize(pagesize).get(); SearchHits myhits = response.getHits(); for (SearchHit hit : myhits) { Map<String, Object> hitmap = hit.getSource(); HashMap<String, Object> map = new HashMap<>(); map.put("q", hitmap.get("message")); map.put("usetime", hitmap.get("usetime")); map.put("city", hitmap.get("city")); map.put("ip", hitmap.get("clientip")); map.put("total", myhits.getTotalHits()); map.put("time", hitmap.get("timestamp")); result.add(map); } HashMap<String, Object> RealReult = new HashMap<>(); RealReult.put("rows", result); RealReult.put("total", myhits.getTotalHits()); return JsonUtil.beanToJson(RealReult); } public String getHighlightFieldString(SearchHit hit, String field) { String content = ""; if (hit.getHighlightFields().containsKey(field)) { Text[] text = hit.getHighlightFields().get(field).getFragments(); for (Text str : text) { content = content + str; } } return content; } public TransportClient getClient() { return ESUtil.getClient(); } class TopWord { private String _id; private int count; public String get_id() { return _id; } public void set_id(String _id) { this._id = _id; } public int getCount() { return count; } public void setCount(int count) { this.count = count; } }} |
分类:
日志
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· .NET Core 中如何实现缓存的预热?
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗?
· 【译】Visual Studio 中新的强大生产力特性
· 张高兴的大模型开发实战:(一)使用 Selenium 进行网页爬虫
· 【设计模式】告别冗长if-else语句:使用策略模式优化代码结构