《Elasticsearch 核心技术与实战》课程Github代码 https://github.com/onebirdrocks/geektime-ELK

运行的环境: windows

安装了 PowerShell-7.0.0

  1. 下载 elasticsearch和Kibana 都可以在华为云 https://mirrors.huaweicloud.com/ 上下载到

我安装的 elasticsearch 7.4.0 和 kibana 7.4.0

安装是解压之后,就可以使用的,安装了jdk 1.8.221,在环境变量中,配置了 JAVA_HOME并加入到 path中去了。

启动 powershell,进入 elasticsearch解压的目录,启动 elasticsearch

./bin/elasticsearch

浏览器可通过http://localhost:9200 访问,查看elasticsearch的基本信息

查看安装的插件

 ./bin/elasticsearch-plugin list

安装一个 analysis-icu

./bin/elasticsearch-plugin install analysis-icu

可用 ./bin/elasticsearch-plugin list再次查看 安装的插件,然后启动 elasticsearch,

可通过http://localhost:9200/_cat/plugins 查看安装的列表

_cat/ 是 elasticsearch 提供的要给 api

  • plugins 查看安装的插件
  • nodes 查看运行的节点

如何在开发机上运行多个 Elasticsearch实例

./bin/elasticsearch -E node.name=node1 -E cluster.name=geektime -E path.data=node1_data -d

./bin/elasticsearch -E node.name=node2 -E cluster.name=geektime -E path.data=node2_data -d

./bin/elasticsearch -E node.name=node3 -E cluster.name=geektime -E path.data=node3_data -d

node.name 节点的名称

cluster.name 一个相同的集群的名称

pat.data 为每个节点设置存放数据的地址

注: 在 windows下的 powershell 好像不需要最后的 -d 参数,我是打开 三个 powershell的窗口,单独运行上面的命令的

  • 删除进程 ps grep|elasticsearch / kill pid

kibana

启动

./bin/kibana

默认是 5601 端口

http://localhost:5601

在 首页 有一个 Add sample data 下面有一个 链接,点击进去,可以进行导入 kibana 提供的简单数据

kinana console

  • dev tools
  • Search Profiler
  • Help + 一些快捷键
    • cmd + / (查看API帮助文档)
    • cmd + option + l
    • cmd + option + 0
    • cmd + option + shift + 0

kibana plugins

bin/kibana-plugin install plugin_location

bin/kibana-plugin list

bin/kibana remove

Apps:

  • LogTrail
  • Own Home
  • Shard Allocation
  • Corweyor
  • Indices View
  • Analyze UI
  • Cleaner Setting index ttl
  • ElastAlert Kibana Plugin

Visualizations:

  • 3D Chars
  • 3D Graph
  • Bmap
  • C3JS Visualzations
  • Calendar Visualzation
  • Cohort analysis
  • Collored Metilc Visualzation
  • Dendrogram
  • Dotplot
  • Dropdown
  • Enhanced Table
  • Enhanced Themap
  • Extended Metric

学习在本机Docker环境中云高兴 ELK Stack

  • Docker-compose 相关命令

    • 运行 docker-compose up [-d]
    • docker-compose down
    • docker-compose down -v
    • docker stop / rm containerID

Demo

  • 运行 Docker-compose 本地构建 Elasticsearch 分布式特性
  • 集成 Cerobro,方便查看集群状态,默认运行在 9000端口,可通过http://localhost:9000

logstash

2.4-Logstash安装与导入数据

参考文档说明导入 movices.csv 数据,启动 logstash

bin/logstash -f path_logstash.conf


input {

  file {

    path => "D:/dev/data/movies.csv"

    start_position => "beginning"

	sincedb_path => "D:/dev/logstash/mydata/moive.txt"

  }

}

filter {

  csv {

    separator => ","

    columns => ["id","content","genre"]

  }

  mutate {

    split => { "genre" => "|" }

    remove_field => ["path", "host","@timestamp","message"]

  }

  mutate {

    split => ["content", "("]

    add_field => { "title" => "%{[content][0]}"}

    add_field => { "year" => "%{[content][1]}"}

  }

  mutate {

    convert => {

      "year" => "integer"

    }

    strip => ["title"]

    remove_field => ["path", "host","@timestamp","message","content"]

  }

}

output {

   elasticsearch {

     hosts => "http://localhost:9200"

     index => "movies"

     document_id => "%{id}"

   }

  stdout {}

}


[2019-10-23T09:58:45,519][ERROR][logstash.javapipeline    ][main] Pipeline aborted due to error {:pipeline_id=>"main", :exception=>#<ArgumentError: The "sincedb_path" argument must point to a file, received a directory: "D:/dev/logstash/mydata/moive">,

sincedb_path 需要是一个文件,而不是一个目录

文檔CURD

//create document.自动生成 _id

POSt users/_doc

{

  "user": "Mkie",

  "post_date": "2019-10-23 00:01:22",

  "message": "hello"

}

//create document,指定id,如果id存在,报错

PUT users/_doc/1?op_type=create

{

  "user": "kangkang",

  "post_date": "2019-10-23 02:01:22",

  "message": "hello2"

}

//create document,指定id已经存在,就报错

PUT users/_create/1

{

  "user": "lulu",

  "post_date": "2019-10-23 03:01:22",

  "message": "hello3"

}

//get document by id

GET users/_doc/1

PUT users/_doc/1

{

  "user": "my mike"

}

//在原文档增加字段

POST users/_update/1

{

  "doc":{

    "post_date" : "2019-10-10 23:56:56",

    "message": "just message"

  }

}

DELETE usrs/_doc/1

bulk 操作

每个操作的失败不会影响其它操作

批量读取 - mget

GEt /_mget

{

  "docs":[

  	{

  	   "_index" : "user",

  	   "_id": 1,

  	},

  	{

  	   "_index": "comments",

  	   "_id": 1

  	}

  ]

}

msearch _msearch

正排索引和倒排索引

analysis与analyzer

analyzer 分词器

使用 analyzer api

get /_analyze

POST books/_analyzer

{

 "filed": "title"

}

Standard Analyzer

  • 默认分词器
  • 按词划分
  • 小写处理

Simple Analyzer

  • 按照非字母,非字母都被去除

Whitespace Analyzer

  • 按照空格划分

Stop Analyzer

  • 相比Simple Analyzer

language analyzer

icu analyzer

需要按照插件

elasticsearch-plugin install analysis-icu

提供了Unicode的支持,更好的支持亚洲语音

更多的中文分词器

  • IK
  • THULAC
//standard

GET _analyze

{

  "analyzer": "standard",

  "text": "He my polite be object oh change. Consider no mr am overcame yourself throwing sociable children. Hastily her totally conduct may. "

}

//simple

GET _analyze

{

  "analyzer": "simple",

  "text": "He my polite be object oh change. Consider no mr am overcame yourself throwing sociable children. Hastily her totally conduct may. "

}

//stop

GET _analyze

{

  "analyzer": "stop",

  "text": "Six started far placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day. "

}

//whitespace

GET _analyze

{

  "analyzer": "whitespace",

  "text": "Six started far placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

//keyword

GET _analyze

{

  "analyzer": "keyword",

  "text": "Six started far placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

//pattern,default \w

GET _analyze

{

  "analyzer": "pattern",

  "text": "2 Six started far-placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

GET _analyze

{

  "analyzer": "english",

  "text": "2 Six started far-placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

GET _analyze

{

  "analyzer": "icu_analyzer",

  "text": "他說的的確在理“"

}

GET _analyze

{

  "analyzer": "standard",

  "text": "他說的的確在理“"

}

search api

  • URL Search 使用 q
  • Request Body search
/_search

/index1/_search

URL Search

  • q
  • df 默认字段
  • sort
  • profile
GET /movies/_search?q=2012&df=title

{

  "profile":"true"

}

//泛查询

GET /movies/_search?q=2012

{

  "profile":"true"

}

//指定查询

GET /movies/_search?q=title:2012

{

  "profile":"true"

}

//使用引号

GET /movies/_search?q=title:"Beautiful Mind"

{

  "profile":"true"

}

//查找美丽心灵,Mind 泛查询

GET /movies/_search?q=title:Beautiful Mind

{

  "profile":"true"

}

//分组,bool查询

GET /movies/_search?q=title:(Beautiful Mind)

{

  "profile":"true"

}

//查找美丽心灵

GET /movies/_search?q=title:(Beautiful AND Mind)

{

  "profile":"true"

}

GET /movies/_search?q=title:(Beautiful NOT Mind)

{

  "profile":"true"

}

//%2B 加号

GET /movies/_search?q=title:(Beautiful %2BMind)

{

  "profile":"true"

}

GET /movies/_search?q=year:>=1990

{

  "profile":"true"

}

GET /movies/_search?q=title:b*

{

  "profile":"true"

}

GET /movies/_search?q=title:beautiful~1

{

  "profile":"true"

}

GET /movies/_search?q=title:"Lord Rings"~2

{

  "profile":"true"

}

Request body search

POST kibana_sample_data_ecommerce/_search

{

  "_source": ["order_date"],

  "sort": [

    {

      "order_date": {

        "order": "desc"

      }

    }

  ],

  "query": {

    "match_all": {}

  }

}

//脚本字段

GET kibana_sample_data_ecommerce/_search

{

  "script_fields": {

    "new_field": {

      "script": {

        "lang":"painless",

        "source": "doc['order_date'].value+'_hello'"

      }

    }

  },

  "query": {

    "match_all": {}

  }

}

POST movies/_search

{

  "query": {

    "match": {

      "title": "Last Christmas"

    }

  }

}

POST movies/_search

{

  "query": {

    "match": {

      "title": {

        "query": "Last Christmas",

        "operator": "AND"

      }

    }

  }

}

POST movies/_search

{

  "query": {

    "match_phrase": {

      "title": {

        "query": "one love"

      }

    }

  }

}

POST movies/_search

{

  "query": {

    "match_phrase": {

      "title": {

        "query": "one love",

        "slop": 1

      }

    }

  }

}

query_string

simple query string query

elasticsearch学习笔记001的更多相关文章

  1. Elasticsearch学习笔记一

    Elasticsearch Elasticsearch(以下简称ES)是一款Java语言开发的基于Lucene的高效全文搜索引擎.它提供了一个分布式多用户能力的基于RESTful web接口的全文搜索 ...

  2. [Oracle]OWI学习笔记--001

    [Oracle]OWI学习笔记--001 在 OWI 的概念里面,最为重要的是 等待事件 和 等待时间. 等待事件发生时,需要通过 P1,P2,P3 查看具体的资源. 可以通过 v$session_w ...

  3. elasticsearch学习笔记——相关插件和使用场景

    logstash-input-jdbc学习 ES(elasticsearch缩写)的一大优点就是开源,插件众多.所以扩展起来非常的方便,这也造成了它的生态系统越来越强大.这种开源分享的思想真是与天朝格 ...

  4. TensorFlow机器学习框架-学习笔记-001

    # TensorFlow机器学习框架-学习笔记-001 ### 测试TensorFlow环境是否安装完成-----------------------------```import tensorflo ...

  5. ElasticSearch学习笔记(超详细)

    文章目录 初识ElasticSearch 什么是ElasticSearch ElasticSearch特点 ElasticSearch用途 ElasticSearch底层实现 ElasticSearc ...

  6. Web前端学习笔记(001)

    ....编号    ........类别    ............条目  ................明细....................时间 一.Web前端学习笔记         ...

  7. 【原】无脑操作:ElasticSearch学习笔记(01)

    开篇来自于经典的“保安的哲学三问”(你是谁,在哪儿,要干嘛) 问题一.ElasticSearch是什么?有什么用处? 答:截至2018年12月28日,从ElasticSearch官网(https:// ...

  8. ElasticSearch学习笔记-01 简介、安装、配置与核心概念

    一.简介 ElasticSearch是一个基于Lucene构建的开源,分布式,RESTful搜索引擎.设计用于云计算中,能够达到实时搜索,稳定,可靠,快速,安装使用方便.支持通过HTTP使用JSON进 ...

  9. Elasticsearch学习笔记

    Why Elasticsearch? 由于需要提升项目的搜索质量,最近研究了一下Elasticsearch,一款非常优秀的分布式搜索程序.最开始的一些笔记放到github,这里只是归纳总结一下. 首先 ...

随机推荐

  1. 简单的51单片机多任务操作系统(C51)

    在网上看到这段代码,所以自己尝试了,可以跑起来,但是没有精确的定时功能,仅仅是任务的调度而已. 数组中是11,而不是12.这里写错了... /* 简单的多任务操作系统 其实只有个任务调度切换,把说它是 ...

  2. 密码加密与微服务鉴权JWT

    博客学习目标 1.用户注册时候,对数据库中用户的密码进行加密存储(使用 SpringSecurity). 2.使用 JWT 鉴权认证. 一.BCrypt 密码加密 1.常见的加密方式 任何应用考虑到安 ...

  3. iOS项目开发中的知识点与问题收集整理②

    1.点击UIButton 无法产生触摸事件    如果在UIImageView中添加了一个按钮,你会发现在默认情况下这个按钮是无法被点击的,需要设置UIImageView的userInteractio ...

  4. mui.min.js:7 Uncaught DOMException: Failed to execute 'send' on 'XMLHttpRequest': Failed to load

    mui框架做的微信公众号网页,在上传数据的时候报了这个错,async: true,//将false改为true就可以了 https://blog.csdn.net/liuzp111/article/d ...

  5. Service系统服务(四):搭建单区域DNS服务器、特殊DNS解析、配置DNS子域授权、搭建并测试缓存DNS

    一.搭建单区域DNS服务器 目标: 本例要求要求为DNS区域tedu.cn搭建一台DNS服务器,以便用户能通过域名的方式访问网站.测试阶段主要提供以下正向记录: svr7.tedu.cn ---> ...

  6. ubuntu16安装,配置前端开发环境

    1.安装ubuntu    使用usio制作U盘安装工具 2.安装搜狗输入法 3.安装QQ 4.安装nodejs node-v0.12.4 node-v0.12.4.tar.gz root@ubunt ...

  7. 31. Git与Github

    Github介绍 GitHub是一个面向开源及私有软件项目的托管平台,因为只支持git 作为唯一的版本库格式进行托管,故名gitHub. GitHub于2008年4月10日正式上线,除了Git代码仓库 ...

  8. Codeforces 388C Fox and Card Game (贪心博弈)

    Codeforces Round #228 (Div. 1) 题目链接:C. Fox and Card Game Fox Ciel is playing a card game with her fr ...

  9. java 并发——AbstractQueuedSynchronizer

    java 并发--AbstractQueuedSynchronizer 简介 abstract class AbstractQueuedSynchronizer extends AbstractOwn ...

  10. UVA

    A network is composed of N computers connected by N - 1 communication links such that any two comput ...