本文着重總結Elasticsearch的常見API了,進行分析。
- Index API
- 初始化Index,設定shards和replica
PUT http://localhost:9200/firewall_syslog/
{
"settings":{
"index":{
"number_of_shards":5,
"number_of_replicas":0
}
}
}
可以得到建立成功的JSON傳回:
{
"acknowledged": true,
"shards_acknowledged": true
}
2. 獲得索引的詳細資訊:
擷取單個索引資訊:
GET http://localhost:9200/firewall_syslog/_settings/
傳回JSON值:
{
"firewall_syslog": {
"settings": {
"index": {
"creation_date": "1499588503266",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "DTeXCyRcRGqhIMkBjupyLg",
"version": {
"created": "5040399"
},
"provided_name": "firewall_syslog"
}
}
}
}
獲得多個索引:
GET http://localhost:9200/server_syslog,firewall_syslog/_settings/
可獲得傳回的JSON值:
{
"server_syslog": {
"settings": {
"index": {
"creation_date": "1499324705761",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "x_ke_3yhR2ycMPumgrDEvw",
"version": {
"created": "5040399"
},
"provided_name": "server_syslog"
}
}
},
"firewall_syslog": {
"settings": {
"index": {
"creation_date": "1499588503266",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "DTeXCyRcRGqhIMkBjupyLg",
"version": {
"created": "5040399"
},
"provided_name": "firewall_syslog"
}
}
}
}
獲得所有索引資訊:
GET http://localhost:9200/_all/_settings/
可獲得傳回JSON值:
{
"server_syslog": {
"settings": {
"index": {
"creation_date": "1499324705761",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "x_ke_3yhR2ycMPumgrDEvw",
"version": {
"created": "5040399"
},
"provided_name": "server_syslog"
}
}
},
"hardware_syslog": {
"settings": {
"index": {
"creation_date": "1499324723964",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "0Mmg81DJR0GWQ3JLTeyUbg",
"version": {
"created": "5040399"
},
"provided_name": "hardware_syslog"
}
}
},
"firewall_syslog": {
"settings": {
"index": {
"creation_date": "1499588503266",
"number_of_shards": "5",
"number_of_replicas": "0",
"uuid": "DTeXCyRcRGqhIMkBjupyLg",
"version": {
"created": "5040399"
},
"provided_name": "firewall_syslog"
}
}
}
}
3. 建立文檔與内容
使用PUT來建立建Elasticsearch文檔内容:
PUT http://localhost:9200/firewall_syslog/name/1/
{
"name": "cisco",
"version": "1.7.1",
"writer": {
"first": "larry",
"second": "tim"
},
"syslog": "1"
}
傳回的JSON資訊為:
{
"_index": "firewall_syslog",
"_type": "name",
"_id": "1",
"_version": 2,
"result": "updated",
"_shards": {
"total": 1,
"successful": 1,
"failed": 0
},
"created": false
}
4. 更新文檔中的字段(覆寫更新與Update更新)
使用POST方法覆寫更新文檔關鍵内容:
POST http://localhost:9200/firewall_syslog/name/1/
{
"name": "cisco",
"version": "1.7.3",
"writer": {
"first": "larry",
"second": "tim"
},
"syslog": "3"
}
傳回JSON關鍵字updated:
{
"_index": "firewall_syslog",
"_type": "name",
"_id": "1",
"_version": 11,
"found": true,
"_source": {
"name": "cisco",
"version": "1.7.3",
"writer": {
"first": "larry",
"second": "tim"
},
"syslog": "3"
}
}
使用update接口更新文檔内容,修改name字段為juniper:
POST http://localhost:9200/firewall_syslog/name/1/_update/
{
"doc":{
"name":"juniper"
}
}
傳回JSON的值為:
{
"_index": "firewall_syslog",
"_type": "name",
"_id": "1",
"_version": 12,
"result": "updated",
"_shards": {
"total": 1,
"successful": 1,
"failed": 0
}
}
5. 搜尋doc中的關鍵字段:
不過出了一些未知的小故障,題住用的是ELasticsearch 5.x版本。不知道為何在head中調用api無法實作以下内容。
GET http://localhost:9200/server_syslog/secure/1?_source=user/
後面将總結mget與bulk接口。
Q:471795876
Wechat:lesswindy
歡迎一切感興趣的同行一同交流,黑産不接,謝謝。