-
Notifications
You must be signed in to change notification settings - Fork 0
ElasticQueryExample
jaeseok.an edited this page Aug 27, 2020
·
5 revisions
Kibana (루신syntax)
container.name:"aergonode-4c46797e-9b01-4911-840c-fbf2a9a08ce4" AND event.module:"docker" AND docker.cpu.total.pct:[20 TO *]
GET _search
{
"query": {
"match_all": {}
}
}
GET _cat/indices/aergostat-d05d36f1-75fd-493c-b4a6-fd295168f77c-2020.07.06/_doc/
GET _cat/tasks
GET _cat/indices/*
GET _cat/indices/aergostat-*
GET /aergorollup-aergostat-84a0ab77-23dd-4273-ab13-91523a023cac/_rollup/_search
GET /aergorollup-aergostat-254f97c7-06f1-43d4-ba4a-b98409b33444/_rollup/_search
DELETE /*-0.0.0
DELETE /aem_backup_db
DELETE /aergostat-4a9595b9-7926-4155-962c-7baf5a3033a4-2020.04.11
DELETE /aergostat-4a9595b9-7926-4155-962c-7baf5a3033a4-2020.04.10
# 인덱스 없이 데이터 추가
PUT /user_auto/_doc/1
{
"name": "shin hyun jeong",
"email": "[email protected]",
"phone": "01062840568",
"company": "blocko",
"family": 3
}
# 자동 생성된 인덱스 확인
GET /user_auto
# 데이터 조회
GET /aergorollup-aergostat-d05d36f1-75fd-493c-b4a6-fd295168f77c/_doc/1
# 인덱스 직접 생성 with mapping
# keyword: 문자 그대로, text: 형태소 분석
PUT /user
{
"settings": {
"number_of_shards": 3,
"number_of_replicas": 0
},
"mappings": {
"_doc": {
"properties": {
"name": { "type": "keyword" },
"email": { "type": "keyword" },
"phone": { "type": "text" },
"company": { "type": "keyword" },
"family": { "type": "long" }
}
}
}
}
GET /user
# 데이터 추가
POST /user/_doc/1
{
"name": "shin hyun jeong",
"email": "[email protected]",
"phone": "010 6284 0568",
"company": "blocko",
"family": 3
}
GET /user/_doc/1
# 형태소로 데이터 검색
POST /user/_search
{
"query": {
"term": {"phone": "6284"}
}
}
# name은 keyword타입이라 형태소로 못찾음
POST /user/_search
{
"query": {
"term": {"name": "shin"}
}
}
POST /user/_doc/2
{
"name": "ari",
"email": "[email protected]",
"phone": "010 0000 0000",
"company": "blocko",
"family": 50
}
POST /user/_doc/3
{
"name": "someone",
"email": "[email protected]",
"phone": "010 1111 1111",
"company": "amazon",
"family": 2
}
POST /user/_search
{
"size": 0,
"query": {
"terms": {
"company": [
"blocko",
"amazon"
]
}
},
"aggs": {
"company_family": {
"terms": {"field": "company"},
"aggs": {
"dataname": {
"sum": {
"field": "family"
}
}
}
}
}
}
GET /aergorollup-aergostat-badade1a-9d97-4246-9abc-9bc3d6c039ea/_rollup_search
{
"size": 0,
"_source": [
"block_meta.header.block_no",
"block_meta.header.tx_count"
],
"query": {
"bool": {
"filter": [
{
"range": {
"@timestamp": {
"gte": 1598325869344,
"lt": 1598408674432
}
}
},
{
"bool": {
"should": [
{
"bool": {
"must": [
{
"term": {
"node_id": "82c528c2-8bd3-4e9e-b2f2-c7d97e0cbaae"
}
}
]
}
},
{
"bool": {
"must": [
{
"term": {
"node_id": "ed7adbed-2fbb-47c0-9fab-cdd65b5f8aa8"
}
}
]
}
}
]
}
}
]
}
},
"sort": [{"@timestamp": {"order": "desc"}}],
"aggs": {
"daily_request": {
"date_histogram": {
"field": "@timestamp",
"interval": "60m"
},
"aggs": {
"block_meta": {
"terms": {
"field": "node_id"
},
"aggs": {
"block_no": {
"max": {
"field": "block_meta.header.block_no"
}
}
}
}
}
}
}
}
test