《Elasticsearch 核心技术与实战》课程Github代码 https://github.com/onebirdrocks/geektime-ELK

运行的环境: windows

安装了 PowerShell-7.0.0

  1. 下载 elasticsearch和Kibana 都可以在华为云 https://mirrors.huaweicloud.com/ 上下载到

我安装的 elasticsearch 7.4.0 和 kibana 7.4.0

安装是解压之后,就可以使用的,安装了jdk 1.8.221,在环境变量中,配置了 JAVA_HOME并加入到 path中去了。

启动 powershell,进入 elasticsearch解压的目录,启动 elasticsearch

./bin/elasticsearch

浏览器可通过http://localhost:9200 访问,查看elasticsearch的基本信息

查看安装的插件

 ./bin/elasticsearch-plugin list

安装一个 analysis-icu

./bin/elasticsearch-plugin install analysis-icu

可用 ./bin/elasticsearch-plugin list再次查看 安装的插件,然后启动 elasticsearch,

可通过http://localhost:9200/_cat/plugins 查看安装的列表

_cat/ 是 elasticsearch 提供的要给 api

  • plugins 查看安装的插件
  • nodes 查看运行的节点

如何在开发机上运行多个 Elasticsearch实例

./bin/elasticsearch -E node.name=node1 -E cluster.name=geektime -E path.data=node1_data -d

./bin/elasticsearch -E node.name=node2 -E cluster.name=geektime -E path.data=node2_data -d

./bin/elasticsearch -E node.name=node3 -E cluster.name=geektime -E path.data=node3_data -d

node.name 节点的名称

cluster.name 一个相同的集群的名称

pat.data 为每个节点设置存放数据的地址

注: 在 windows下的 powershell 好像不需要最后的 -d 参数,我是打开 三个 powershell的窗口,单独运行上面的命令的

  • 删除进程 ps grep|elasticsearch / kill pid

kibana

启动

./bin/kibana

默认是 5601 端口

http://localhost:5601

在 首页 有一个 Add sample data 下面有一个 链接,点击进去,可以进行导入 kibana 提供的简单数据

kinana console

  • dev tools
  • Search Profiler
  • Help + 一些快捷键
    • cmd + / (查看API帮助文档)
    • cmd + option + l
    • cmd + option + 0
    • cmd + option + shift + 0

kibana plugins

bin/kibana-plugin install plugin_location

bin/kibana-plugin list

bin/kibana remove

Apps:

  • LogTrail
  • Own Home
  • Shard Allocation
  • Corweyor
  • Indices View
  • Analyze UI
  • Cleaner Setting index ttl
  • ElastAlert Kibana Plugin

Visualizations:

  • 3D Chars
  • 3D Graph
  • Bmap
  • C3JS Visualzations
  • Calendar Visualzation
  • Cohort analysis
  • Collored Metilc Visualzation
  • Dendrogram
  • Dotplot
  • Dropdown
  • Enhanced Table
  • Enhanced Themap
  • Extended Metric

学习在本机Docker环境中云高兴 ELK Stack

  • Docker-compose 相关命令

    • 运行 docker-compose up [-d]
    • docker-compose down
    • docker-compose down -v
    • docker stop / rm containerID

Demo

  • 运行 Docker-compose 本地构建 Elasticsearch 分布式特性
  • 集成 Cerobro,方便查看集群状态,默认运行在 9000端口,可通过http://localhost:9000

logstash

2.4-Logstash安装与导入数据

参考文档说明导入 movices.csv 数据,启动 logstash

bin/logstash -f path_logstash.conf


input {

  file {

    path => "D:/dev/data/movies.csv"

    start_position => "beginning"

	sincedb_path => "D:/dev/logstash/mydata/moive.txt"

  }

}

filter {

  csv {

    separator => ","

    columns => ["id","content","genre"]

  }

  mutate {

    split => { "genre" => "|" }

    remove_field => ["path", "host","@timestamp","message"]

  }

  mutate {

    split => ["content", "("]

    add_field => { "title" => "%{[content][0]}"}

    add_field => { "year" => "%{[content][1]}"}

  }

  mutate {

    convert => {

      "year" => "integer"

    }

    strip => ["title"]

    remove_field => ["path", "host","@timestamp","message","content"]

  }

}

output {

   elasticsearch {

     hosts => "http://localhost:9200"

     index => "movies"

     document_id => "%{id}"

   }

  stdout {}

}


[2019-10-23T09:58:45,519][ERROR][logstash.javapipeline    ][main] Pipeline aborted due to error {:pipeline_id=>"main", :exception=>#<ArgumentError: The "sincedb_path" argument must point to a file, received a directory: "D:/dev/logstash/mydata/moive">,

sincedb_path 需要是一个文件,而不是一个目录

文檔CURD

//create document.自动生成 _id

POSt users/_doc

{

  "user": "Mkie",

  "post_date": "2019-10-23 00:01:22",

  "message": "hello"

}

//create document,指定id,如果id存在,报错

PUT users/_doc/1?op_type=create

{

  "user": "kangkang",

  "post_date": "2019-10-23 02:01:22",

  "message": "hello2"

}

//create document,指定id已经存在,就报错

PUT users/_create/1

{

  "user": "lulu",

  "post_date": "2019-10-23 03:01:22",

  "message": "hello3"

}

//get document by id

GET users/_doc/1

PUT users/_doc/1

{

  "user": "my mike"

}

//在原文档增加字段

POST users/_update/1

{

  "doc":{

    "post_date" : "2019-10-10 23:56:56",

    "message": "just message"

  }

}

DELETE usrs/_doc/1

bulk 操作

每个操作的失败不会影响其它操作

批量读取 - mget

GEt /_mget

{

  "docs":[

  	{

  	   "_index" : "user",

  	   "_id": 1,

  	},

  	{

  	   "_index": "comments",

  	   "_id": 1

  	}

  ]

}

msearch _msearch

正排索引和倒排索引

analysis与analyzer

analyzer 分词器

使用 analyzer api

get /_analyze

POST books/_analyzer

{

 "filed": "title"

}

Standard Analyzer

  • 默认分词器
  • 按词划分
  • 小写处理

Simple Analyzer

  • 按照非字母,非字母都被去除

Whitespace Analyzer

  • 按照空格划分

Stop Analyzer

  • 相比Simple Analyzer

language analyzer

icu analyzer

需要按照插件

elasticsearch-plugin install analysis-icu

提供了Unicode的支持,更好的支持亚洲语音

更多的中文分词器

  • IK
  • THULAC
//standard

GET _analyze

{

  "analyzer": "standard",

  "text": "He my polite be object oh change. Consider no mr am overcame yourself throwing sociable children. Hastily her totally conduct may. "

}

//simple

GET _analyze

{

  "analyzer": "simple",

  "text": "He my polite be object oh change. Consider no mr am overcame yourself throwing sociable children. Hastily her totally conduct may. "

}

//stop

GET _analyze

{

  "analyzer": "stop",

  "text": "Six started far placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day. "

}

//whitespace

GET _analyze

{

  "analyzer": "whitespace",

  "text": "Six started far placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

//keyword

GET _analyze

{

  "analyzer": "keyword",

  "text": "Six started far placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

//pattern,default \w

GET _analyze

{

  "analyzer": "pattern",

  "text": "2 Six started far-placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

GET _analyze

{

  "analyzer": "english",

  "text": "2 Six started far-placing saw respect females old. Civilly why how end viewing attempt related enquire visitor. Man particular insensible celebrated conviction stimulated principles day."

}

GET _analyze

{

  "analyzer": "icu_analyzer",

  "text": "他說的的確在理“"

}

GET _analyze

{

  "analyzer": "standard",

  "text": "他說的的確在理“"

}

search api

  • URL Search 使用 q
  • Request Body search
/_search

/index1/_search

URL Search

  • q
  • df 默认字段
  • sort
  • profile
GET /movies/_search?q=2012&df=title

{

  "profile":"true"

}

//泛查询

GET /movies/_search?q=2012

{

  "profile":"true"

}

//指定查询

GET /movies/_search?q=title:2012

{

  "profile":"true"

}

//使用引号

GET /movies/_search?q=title:"Beautiful Mind"

{

  "profile":"true"

}

//查找美丽心灵,Mind 泛查询

GET /movies/_search?q=title:Beautiful Mind

{

  "profile":"true"

}

//分组,bool查询

GET /movies/_search?q=title:(Beautiful Mind)

{

  "profile":"true"

}

//查找美丽心灵

GET /movies/_search?q=title:(Beautiful AND Mind)

{

  "profile":"true"

}

GET /movies/_search?q=title:(Beautiful NOT Mind)

{

  "profile":"true"

}

//%2B 加号

GET /movies/_search?q=title:(Beautiful %2BMind)

{

  "profile":"true"

}

GET /movies/_search?q=year:>=1990

{

  "profile":"true"

}

GET /movies/_search?q=title:b*

{

  "profile":"true"

}

GET /movies/_search?q=title:beautiful~1

{

  "profile":"true"

}

GET /movies/_search?q=title:"Lord Rings"~2

{

  "profile":"true"

}

Request body search

POST kibana_sample_data_ecommerce/_search

{

  "_source": ["order_date"],

  "sort": [

    {

      "order_date": {

        "order": "desc"

      }

    }

  ],

  "query": {

    "match_all": {}

  }

}

//脚本字段

GET kibana_sample_data_ecommerce/_search

{

  "script_fields": {

    "new_field": {

      "script": {

        "lang":"painless",

        "source": "doc['order_date'].value+'_hello'"

      }

    }

  },

  "query": {

    "match_all": {}

  }

}

POST movies/_search

{

  "query": {

    "match": {

      "title": "Last Christmas"

    }

  }

}

POST movies/_search

{

  "query": {

    "match": {

      "title": {

        "query": "Last Christmas",

        "operator": "AND"

      }

    }

  }

}

POST movies/_search

{

  "query": {

    "match_phrase": {

      "title": {

        "query": "one love"

      }

    }

  }

}

POST movies/_search

{

  "query": {

    "match_phrase": {

      "title": {

        "query": "one love",

        "slop": 1

      }

    }

  }

}

query_string

simple query string query

elasticsearch学习笔记001的更多相关文章

  1. Elasticsearch学习笔记一

    Elasticsearch Elasticsearch(以下简称ES)是一款Java语言开发的基于Lucene的高效全文搜索引擎.它提供了一个分布式多用户能力的基于RESTful web接口的全文搜索 ...

  2. [Oracle]OWI学习笔记--001

    [Oracle]OWI学习笔记--001 在 OWI 的概念里面,最为重要的是 等待事件 和 等待时间. 等待事件发生时,需要通过 P1,P2,P3 查看具体的资源. 可以通过 v$session_w ...

  3. elasticsearch学习笔记——相关插件和使用场景

    logstash-input-jdbc学习 ES(elasticsearch缩写)的一大优点就是开源,插件众多.所以扩展起来非常的方便,这也造成了它的生态系统越来越强大.这种开源分享的思想真是与天朝格 ...

  4. TensorFlow机器学习框架-学习笔记-001

    # TensorFlow机器学习框架-学习笔记-001 ### 测试TensorFlow环境是否安装完成-----------------------------```import tensorflo ...

  5. ElasticSearch学习笔记(超详细)

    文章目录 初识ElasticSearch 什么是ElasticSearch ElasticSearch特点 ElasticSearch用途 ElasticSearch底层实现 ElasticSearc ...

  6. Web前端学习笔记(001)

    ....编号    ........类别    ............条目  ................明细....................时间 一.Web前端学习笔记         ...

  7. 【原】无脑操作:ElasticSearch学习笔记(01)

    开篇来自于经典的“保安的哲学三问”(你是谁,在哪儿,要干嘛) 问题一.ElasticSearch是什么?有什么用处? 答:截至2018年12月28日,从ElasticSearch官网(https:// ...

  8. ElasticSearch学习笔记-01 简介、安装、配置与核心概念

    一.简介 ElasticSearch是一个基于Lucene构建的开源,分布式,RESTful搜索引擎.设计用于云计算中,能够达到实时搜索,稳定,可靠,快速,安装使用方便.支持通过HTTP使用JSON进 ...

  9. Elasticsearch学习笔记

    Why Elasticsearch? 由于需要提升项目的搜索质量,最近研究了一下Elasticsearch,一款非常优秀的分布式搜索程序.最开始的一些笔记放到github,这里只是归纳总结一下. 首先 ...

随机推荐

  1. Java Exception异常介绍

     一:介绍java异常       异常指不期而至的各种状况,如:文件找不到.网络连接失败.非法参数等.异常是一个事件,它发生在程序运行期间,干扰了正常的指令流程.Java通 过API中Throwab ...

  2. Kotlin之let,apply,with,run函数区别(转)

    转自:https://blog.csdn.net/guijiaoba/article/details/54615036 Kotlin之let,apply,with,run函数区别 重新整理 重新整理了 ...

  3. Python3.5-20190507-廖老师-自我笔记-迭代

    可以使用for x in 数据 的那么 这个数据就是可迭代对象. 通过计算生成下一个值的数据就是生成器 可以使用next(数据) 来计算出下一个值的数据就是迭代器(生成器属于迭代器) -------- ...

  4. sqlserver数据导入问题:报错“对COM组件的调用返回了错误HRESULT E_FAIL”

    SQL server 2008,导出了两个sql文件. 打开第一个文件,没有问题,建好相应的数据库,运行脚本,即可导入. 第二个文件却遇到问题,始终报错“对COM组件的调用返回了错误HRESULT E ...

  5. iter()(一)

    >>> f=open('script2.py') >>> f <_io.TextIOWrapper name='script2.py' mode='r' en ...

  6. Hashtable、HashMap、TreeMap、ConcurrentHashMap、ConcurrentSkipListMap区别

    原创转载请注明出处:https://www.cnblogs.com/agilestyle/p/11444013.html 并发场景下的Map容器使用场景 如果对数据有强一致要求,则需使用Hashtab ...

  7. 【leetcode】998. Maximum Binary Tree II

    题目如下: We are given the root node of a maximum tree: a tree where every node has a value greater than ...

  8. datagrid+toolbar 不分页 显示

    1 新建DataGrid.js文件 /*** * * *el: table id * ***/ function showDataGrid(el) { $(el).datagrid({ title: ...

  9. 【集群】Redis集群设计原理

    Redis集群设计包括2部分:哈希Slot和节点主从 节点主从: 主从设计不算什么新鲜玩意,在数据库中我们也经常用主从来做读写分离,直接上图: 图上能看得到的信息: 1, 只有1个Master,可以有 ...

  10. 牛客挑战赛33 F 淳平的形态形成场(无向图计数,EGF,多项式求逆)

    传送门: 淳平的形态形成场 题解: 把a排序后,直接统计答案恰好为a[i]并不好做,可以统计答案>a[i]的方案数,设为\(f[i]\). 即不存在一个联通块,所有的权值都<=a[i]. ...