ElastchSearch uses basic posture as common

  • Add the document
  • Common query posture
  • Modify/delete a document

ElastchSearch basically uses posture

1. Add documents

When a document is added for the first time, the index is automatically created if it does not exist. With the help of Kibana dev-tools to achieve es interaction

POST first-index/_doc
{
  "@timestamp": "2021-03-31T01:12:00"."message": GET /search HTTP/1.1 200 1070000."user": {
    "id": "YiHui"."name": "A Gray Blog"
  },
  "addr": {
    "country": "cn"."province": "hubei"."city": "wuhan"
  },
  "age"18} :## Add two data for testing
POST first-index/_doc
{
  "@timestamp": "2021-03-31T02:12:00"."message": GET /search HTTP/1.1 200 1070000."user": {
    "id": "ErHui"."name": "Two Grey Blog"
  },
  "addr": {
    "country": "cn"."province": "hubei"."city": "wuhan"
  },
  "age"19} :Copy the code

Of course, you can also use HTTP to interact directly. The following method is equivalent to the above method (kibanan is used for the following interaction, which is more intuitive).

curl  -X POST 'http://localhost:9200/first-index/_doc? pretty' -H 'Content-Type: application/json' -d '{"@timestamp": "2021-03-3t01:00:00 ", "message": "GET /search HTTP/1.1 200 1070000", "user": {"id": "YiHui", "name" : "one is gray Blog"}, "addr" : {" country ":" cn ", "province", "hubei", "city" : "wuhan"}, "age" : 18} '
Copy the code

2. Query documents

2.0 Kibana configuration and query

In addition to the basic query syntax, direct use of Kibana query, for the user, the lowest threshold; First configure the ES index above

  • Management -> Stack Management -> Kiabana Index Patterns
  • index pattern name
  • Time field, select@timestampThis has to do with the field in the actual document

Next, enter Discover for query

For example, field queries

2.1 Querying All Information

Do not add any match, retrieve the document (when there is a lot of data, of course, not really all return, will also do paging)

GET my-index/_search
{
  "query": {
    "match_all": {}}}Copy the code

2.2 Term accurate matching

Value matching based on field, regardless of case;

Query syntax, like: ` {” query “: {” term” : {” member name “: {” value” : “query value”}}}}

  • query.term.valueThree keys are fixed values
  • Member name: indicates the member to be queried
  • The query value: Indicates the value to be matched

(Note: In the following grammar, Chinese is to be replaced, English is fixed value)

GET first-index/_search
{
  "query": {
    "term": {
      "user.id": {
        "value": "yihui"}}}}Copy the code

If the value does not match or the field to be queried does not exist, the corresponding information cannot be queried

2.3 terms Multi-value matching

Term represents an exact match of value, and if I want a query like value in (XXX), I can use terms

Grammar:

{
	"query": {
		"terms": {
			"Member name": [member value, member value]}}}Copy the code

Firm such as

GET first-index/_search
{
  "query": {
    "terms": {
      "user.id": ["yihui"."erhui"]}}}Copy the code

2.4 Range Range Matching

It is suitable for comparison queries of values and dates, such as the common >, >=, <, <=

The query syntax

{
	"query": {
        "range": {
            "Member name": {
                "gte": "Query lower bound" ,
                "lte": "Query lower bound"}}}}Copy the code
Range operator instructions
gt More than >
gte The value is greater than or equal to >=
lt < <
lte Less than or equal to <=

Instance as follows

GET first-index/_search
{
  "query": {
    "range": {
      "age": {
        "gte": 10,
        "lte": 18}}}}Copy the code

2.5 Field Filtering

According to whether a certain field is included or not, there are two major exists indicating that the requirement exists, and missing indicating that the requirement does not exist

The query syntax

{
    "query": {
        "exists/missing": {
            "field": "Field value"}}}Copy the code

Instance as follows

GET first-index/_search
{
  "query": {
    "exists": {
      "field": "age"}}}Copy the code

2.6 Combined Query

Bool + must/ must_NOT /should is used when multiple query conditions are combined

The query syntax

{
    "query": {
        "bool": {
            "must"[' # '"Query Condition 1"."Query Condition 2"]."must_not"[' # '] [' # '] [' # '] ."should"[/ b] [/ b] [/ b] }}}Copy the code

Instance as follows

## user.id = yihui and age < 20
GET first-index/_search
{
  "query": {
    "bool": {
      "must": [{"term": {
            "user.id": {
              "value": "yihui"}}}, {"range": {
            "age": {
              "lt": 20}}}]}}}#! (user.id) = yihui and ! (age>20)
GET first-index/_search
{
  "query": {
    "bool": {
      "must_not": [{"term": {
            "user.id": {
              "value": "yihui"}}}, {"range": {
            "age": {
              "gt": 20}}}]}}}# user.id = 'yihui' or age>20
GET first-index/_search
{
  "query": {
    "bool": {
      "should": [{"term": {
            "user.id": {
              "value": "yihui"}}}, {"range": {
            "age": {
              "gt": 20}}}]}}}Copy the code

The following screenshots are output with must_NOT

instructions

  • The previous query is based on the fieldexistingOnly a single match can be made. You can use the combination here to achieve multiple judgments

2.7 match the query

The biggest feature is that it is more suitable for fuzzy queries, such as looking for field matches in a field

grammar

{
    "query": {
        "match": {
            "Field name": "Query value"}}}Copy the code

For example

GET first-index/_search
{
  "query": {
    "match": {
      "user.name": "Grey og"}}}Copy the code

If there is a need for precise queries, the previous term can be used to cache the results

2.8 multi_match query

For more information, see: multi_match query

Query in multiple fields

grammar

  • type: best_fieldsmost_fieldscross_fields(Best field, most field, cross field)
  • Best fields: When searching for specific concepts, such as “Brown fox,” phrases make more sense than individual words
  • Multiple fields: To fine-tune relevance, a common technique is to index the same data into different fields, each with its own analysis chain.
  • Mixed fields: For some entities, we need to determine their information in multiple fields, each of which can only be part of the whole
{
    "query": {
        "multi_match": {
            "query":                "Quick brown fox"."type":                 "best_fields"."fields":               [ "title"."body"]."tie_breaker":          0.3."minimum_should_match": "30%"}}}Copy the code

Examples demonstrate

GET first-index/_search
{
  "query": {
    "multi_match": {
      "query": "Han"."fields": ["user.id"."addr.city"]}}}Copy the code

In addition to writing exact fields, it also supports fuzzy matching, such as matching all fields

GET first-index/_search
{
  "query": {
    "multi_match": {
      "query": "blog"."fields": ["*"]}}}Copy the code

2.9 wildcard query

Shell wild-cards

  • ?: Contains 0/1 characters
  • *: contains 0/ N characters
GET first-index/_search { "query": { "wildcard": { "user.id": { "value": "*Hu?" }}}}Copy the code

Note, may have problems with Chinese

2.10 the regexp query

Regular match

GET first-index/_search
{
  "query": {
    "regexp": {
      "user.name": ".*log"}}}Copy the code

2.11 the prefix queries

Prefix matching

GET first-index/_search
{
  "query": {
    "prefix": {
      "user.name": "一"}}}Copy the code

2.12 the sorting

Sort the query results by sort

{
	"sort": [{"Member variable": {
            "order": "desc"}}}]Copy the code

Instance as follows

GET first-index/_search
{
  "query": {"match_all": {}},"sort": [{"@timestamp": {
        "order": "desc"}}}]Copy the code

2.13 more

More postures can be found in the official documentation

The official tutorial

3. Delete the document

You need to specify deletion based on the document ID

DELETE first-index/_doc/gPYLh3gBF9fSFsHNEe58
Copy the code

Delete the success

4. Update documents

4.1 Overwrite Update

Updates are implemented using PUT, again by ID

  • Covering the update
  • Version The version will be +1
  • If the document corresponding to the ID does not exist, add it
PUT first-index/_doc/f_ZFhngBF9fSFsHNte7f
{
  "age"28} :Copy the code

4.2 Incremental Update

Use POST for incremental updates

  • If field exists, update
  • If field does not exist, it is added
POST first-index/_update/gvarh3gBF9fSFsHNuO49
{
  "doc": {
    "age": 25}}Copy the code

You can also use script scripts for updates

  • Plus 5 from the old age
POST first-index/_update/gvarh3gBF9fSFsHNuO49
{
  "script": "ctx._source.age += 5"
}
Copy the code

II. The other

1. A gray Blog:liuyueyi.github.io/hexblog

A gray personal blog, recording all the study and work in the blog, welcome everyone to go to stroll

2. Statement

As far as the letter is not as good, the above content is purely one’s opinion, due to the limited personal ability, it is inevitable that there are omissions and mistakes, if you find bugs or have better suggestions, welcome criticism and correction, don’t hesitate to appreciate

  • QQ: a gray /3302797840
  • Wechat official account: One Grey Blog