欢迎访问 生活随笔!
TAG聚合

生活随笔

当前位置: 首页 > 编程资源 > 编程问答 >内容正文

编程问答

kibana7.x操作

发布时间:2025/3/15 编程问答 36 豆豆
生活随笔 收集整理的这篇文章主要介绍了 kibana7.x操作 小编觉得挺不错的,现在分享给大家,帮大家做个参考.

elasticsearch7.x取消了type(类型的概念)对应数据库表的概念

一、添加一个索引

PUT 索引名 { "settings": { "number_of_shards": 1, "number_of_replicas": 0 } }

二、创建映射字段

analyzer:分词器 下载地址:https://github.com/medcl/elasticsearch-analysis-ik

PUT /索引名/_mapping { "properties": { "title":{ "type": "text", "analyzer": "ik_max_word" }, "images":{ "type": "keyword", "index": false }, "price":{ "type": "float" } } }

三、查看映射关系

GET /索引名/_mapping

四、新增数据

  • 随机生成id
    • POST /索引库名/_doc { "title":"大米手机", "images":"http://image.leyou.com/12479122.jpg", "price":2899.00 }
  • 自定义id

    • 自定义id值不能重复,否则数据将会被覆盖

    POST /索引库名/_doc/自定义id值 {"title":"超米手机","images":"http://image.leyou.com/12479122.jpg","price":3699.00,"Saleable":true }

    五、修改数据

    PUT /索引库/_doc/id值 { "title":"超大米手机", "images":"http://image.leyou.com/12479122.jpg", "price":3899.00, "stock": 100, "saleable":true }

    六、删除数据

    DELETE /索引库名/_doc/id值

    七、查询

  • 查询所有
    • GET /索引库名/_search { "query": { "match_all": {} } }
    • 响应内容:
    {"took" : 0,"timed_out" : false,"_shards" : {"total" : 1,"successful" : 1,"skipped" : 0,"failed" : 0},"hits" : {"total" : {"value" : 6,"relation" : "eq"},"max_score" : 1.0,"hits" : [{"_index" : "goods","_type" : "_doc","_id" : "1","_score" : 1.0,"_source" : {"title" : "小米手机","images" : "http://image.leyou.com/12479122.jpg","price" : 2699.0,"Saleable" : true}},{"_index" : "goods","_type" : "_doc","_id" : "mmHtSnEBVcsVh4Caiarl","_score" : 1.0,"_source" : {"title" : "大米手机","images" : "http://image.leyou.com/12479122.jpg","price" : 2899.0}},{"_index" : "goods","_type" : "_doc","_id" : "2","_score" : 1.0,"_source" : {"title" : "超米手机","images" : "http://image.leyou.com/12479122.jpg","price" : 3699.0,"Saleable" : true}},{"_index" : "goods","_type" : "_doc","_id" : "3","_score" : 1.0,"_source" : {"title" : "小米电视4A","images" : "http://image.leyou.com/12479122.jpg","price" : 4699.0,"Saleable" : true}},{"_index" : "goods","_type" : "_doc","_id" : "4","_score" : 1.0,"_source" : {"title" : "华为手机","subTitle" : "小米","images" : "http://image.leyou.com/12479122.jpg","price" : 4699.0}},{"_index" : "goods","_type" : "_doc","_id" : "5","_score" : 1.0,"_source" : {"title" : "oppo","subTitle" : "小米","images" : "http://image.leyou.com/12479122.jpg","price" : 4899.0}}]} }
    • 字段解析:
    • took:查询花费时间,单位是毫秒
    • time_out:是否超时
    • _shards:分片信息
    • hits:搜索结果总览对象
      • total:搜索到的总条数
      • max_score:所有结果中文档得分的最高分
      • hits:搜索结果的文档对象数组,每个元素是一条搜索到的文档信息
        • _index:索引库
        • _type:文档类型
        • _id:文档id
        • _score:文档得分
        • _source:文档的源数据
  • 匹配查询
    • GET /索引库名/_search{ "query": { "match": { "title": { "query": "小米手机电视","minimum_should_match": "60%" } } }}
  • 多字段查询
    • title,subTitle字段名
    GET /索引库名/_search { "query": { "multi_match": { "query": "小米", "fields":["title","subTitle"] } }

    }

    词条查询:可分割的最小词条单位 title为字段名 [ “字段值” ]

    GET /索引库名/_search {"query": {"terms": {"title": ["小米","手机"]}} }

    多词条查询

    GET /索引库名/_search { "query": { "terms": { "title": ["小米","手机"] } } }
  • 结果过滤
    excludes:不显示的字段 includes: 显示的字段
    • GET /索引库名/_search { "_source": { "excludes": "{images}" }, "query": { "terms": { "title": ["小米","手机"] } } }
  • 布尔查询

    • 标题一定有小米,或者价格为2699,4699
    bool把各种其它查询通过must(与)、must_not(非)、should(或)的方式进行组合

    GET /索引库名/_search { "query": { "bool": { "must": [ {"match": { "title": "小米" } } ], "should": [ {"terms": { "price": [ "2699", "2799" ] }} ] } } }
  • 范围查询

    • 价格大于等于2799 小于等于3899

    GET /索引库名/_search { "query": { "range": { "price": { "gte": 2799, "lte": 3899 } } } }
  • 模糊查询

    • 标题为oppo 默认允许错误一个字母,最大为两个字母 正确标题 oppo

    fuzziness:配置篇里

    GET /索引库名/_search { "query": { "fuzzy": { "title": { "value": "oope", "fuzziness": 2 } } } }
  • 过滤filter
    不会影响查询的分数_score
    • GET /索引库名/_search { "query": { "bool": { "must": [ { "match": { "title": "小米" } } ], "filter": [ { "range": { "price": { "gte": 2699, "lte": 4999 } } } ] } } }
  • 查询全部数据,如果数据很多,kibana默认只返回前10条数据

    • 如果想一开始就设置的话,参考这篇文章
    不然就在查询的时候,带上from和size这两个参数

    ## 查询所有 GET /poem/_search {"from" : 0, "size" : 50,"query": {"match_all": {}} }

    参考文章

    八、排序

    GET /索引库名/_search { "query": { "bool": { "filter": [ { "range": { "price": { "gte": 2699, "lte": 4999 } } } ] } }, "sort": [ { "price": { "order": "desc" } }, { "_id":{ "order": "asc" } } ] }

    九、聚合 aggregations

    聚合可以让我们极其方便的实现对数据的统计、分析。例如:

    • 什么品牌的手机最受欢迎?

    • 这些手机的平均价格、最高价格、最低价格?

    • 这些手机每月的销售情况如何?

    实现这些统计功能的比数据库的sql要方便的多,而且查询速度非常快,可以实现实时搜索效果。

  • 基本概念

    • Elasticsearch中的聚合,包含多种类型,最常用的两种,一个叫桶,一个叫度量:

    • 桶(bucket)

    桶的作用,是按照某种方式对数据进行分组,每一组数据在ES中称为一个桶,例如我们根据国籍对人划分,可以得到中国桶、英国桶,日本桶……或者我们按照年龄段对人进行划分:010,1020,2030,3040等。

    Elasticsearch中提供的划分桶的方式有很多:

    • Date Histogram Aggregation:根据日期阶梯分组,例如给定阶梯为周,会自动每周分为一组

    • Histogram Aggregation:根据数值阶梯分组,与日期类似

    • Terms Aggregation:根据词条内容分组,词条内容完全匹配的为一组

    • Range Aggregation:数值和日期的范围分组,指定开始和结束,然后按段分组

    • ……

    bucket aggregations 只负责对数据进行分组,并不进行计算,因此往往bucket中往往会嵌套另一种聚合:metrics aggregations即度量

    • 度量(metrics)

    分组完成以后,我们一般会对组中的数据进行聚合运算,例如求平均值、最大、最小、求和等,这些在ES中称为度量

    比较常用的一些度量聚合方式:

    • Avg Aggregation:求平均值

    • Max Aggregation:求最大值

    • Min Aggregation:求最小值

    • Percentiles Aggregation:求百分比

    • Stats Aggregation:同时返回avg、max、min、sum、count等

    • Sum Aggregation:求和

    • Top hits Aggregation:求前几

    • Value Count Aggregation:求总数

    • ……

    • 使用聚合先加入新的索引
    PUT /cars { "settings": { "number_of_shards": 1, "number_of_replicas": 0 }, "mappings": { "properties": { "color": { "type": "keyword" }, "make": { "type": "keyword" } } } }
    • 批量添加数据
    POST /cars/_bulk { "index": {}} { "price" : 10000, "color" : "red", "make" : "honda", "sold" : "2014-10-28" } { "index": {}} { "price" : 20000, "color" : "red", "make" : "honda", "sold" : "2014-11-05" } { "index": {}} { "price" : 30000, "color" : "green", "make" : "ford", "sold" : "2014-05-18" } { "index": {}} { "price" : 15000, "color" : "blue", "make" : "toyota", "sold" : "2014-07-02" } { "index": {}} { "price" : 12000, "color" : "green", "make" : "toyota", "sold" : "2014-08-19" } { "index": {}} { "price" : 20000, "color" : "red", "make" : "honda", "sold" : "2014-11-05" } { "index": {}} { "price" : 80000, "color" : "red", "make" : "bmw", "sold" : "2014-01-01" } { "index": {}} { "price" : 25000, "color" : "blue", "make" : "ford", "sold" : "2014-02-12" }
    • 聚合为桶
    GET /cars/_search { "aggs": { "color": { "terms": { "field": "color" } } } }
    • 桶内度量
    GET /cars/_search { "size": 0, "aggs": { "color": { "terms": { "field": "color" }, "aggs": { "avg_price": { "avg": { "field": "price" } } } } } }
    • 桶内嵌套桶
    GET /cars/_search { "size": 0, "aggs": { "color": { "terms": { "field": "color" }, "aggs": { "avg_price": { "avg": { "field": "price" } }, "mark":{ "terms": { "field": "make" } } } } } }
    • 阶梯分组
      对价格进行阶梯分组,最小数量为1才显示
    GET /cars/_search { "size": 0, "aggs": { "price_histogram": { "histogram": { "field": "price", "interval": 5000, "min_doc_count": 1 } } } }
    • 范围分组
    GET /cars/_search { "size": 0, "aggs": { "price_range": { "range": { "field": "price", "ranges": [ { "from": 5000, "to": 15000 }, { "from": 15000, "to": 20000 }, { "from": 20000, "to": 25000 }, { "from": 25000, "to":35000 }, { "from": 35000, "to":40000 } ] } } } }

    文章转自

    总结

    以上是生活随笔为你收集整理的kibana7.x操作的全部内容,希望文章能够帮你解决所遇到的问题。

    如果觉得生活随笔网站内容还不错,欢迎将生活随笔推荐给好友。