Java elasticsearch API 在 WM 机器上使用 Elasticsearch 服务器
Java elasticsearch API with Elasticsearch server on WM machine
我在 Kibana 4.4.1 中对 Elasticsearch 进行了查询,如下所示:
{
"size": 0,
"query": {
"filtered": {
"query": {
"query_string": {
"query": "FALK0911622560T",
"analyze_wildcard": true
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"gte": 1438290000000,
"lte": 1440968400000,
"format": "epoch_millis"
}
}
}
],
"must_not": []
}
}
}
},
"aggs": {
"2": {
"date_histogram": {
"field": "@timestamp",
"interval": "1w",
"time_zone": "Europe/Helsinki",
"min_doc_count": 1,
"extended_bounds": {
"min": 1438290000000,
"max": 1440968400000
}
},
"aggs": {
"1": {
"percentiles": {
"field": "Quantity",
"percents": [
50
]
}
}
}
}
}
}
这段代码将 return 所有具有 "ProductCode" = FALK0911622560T" 的文档,在给定的时间间隔之间。
我用 Elasticsearch Java API 尝试了同样的事情,代码如下:
BoolQueryBuilder boolQueryBuilder = QueryBuilders.boolQuery().must(QueryBuilders.matchQuery(matchQueryKey,matchQueryValue));
SearchResponse response = client.prepareSearch(indexName)
.setTypes(indexTypeName)
.setQuery(boolQueryBuilder)
.setSize(100)
.addAggregation(AggregationBuilders
.dateHistogram("myHistogram")
.field("@timestamp")
.interval(DateHistogramInterval.WEEK)
.timeZone("Europe/Helsinki")
.minDocCount(1)
.extendedBounds(1438290000000L, 1440968400000L))
.addFields(fieldsOfInterest)
.execute()
.actionGet();
response.getAggregations();
但是我得到了索引中的所有文档 "ProductCode" = FALK0911622560T.
在给定时间之间,我在 response.getAgregations() 上应该只有 5 个文档,因为我将间隔设置为周。
Elasticsearch 中的文档如下所示:
{
"_index": "warehouse-550",
"_type": "core2",
"_id": "AVOKCqQ68h4KkDGZvk6b",
"_score": null,
"_source": {
"message": "5,550,67.01,FALK0911622560T,2015-07-31;08:00:00.000\r",
"@version": "1",
"@timestamp": "2015-07-31T06:00:00.000Z",
"path": "D:/Programs/Logstash/x_testingLocally/processed-stocklevels-550-25200931072015.csv",
"host": "EVO385",
"type": "core2",
"Quantity": 5,
"Warehouse": "550",
"Price": 67.01,
"ProductCode": "FALK0911622560T",
"Timestamp": "2015-07-31;08:00:00.000"
},
"fields": {
"@timestamp": [
1438322400000
]
},
"highlight": {
"ProductCode": [
"@kibana-highlighted-field@FALK0911622560T@/kibana-highlighted-field@"
],
"message": [
"5,550,67.01,@kibana-highlighted-field@FALK0911622560T@/kibana-highlighted-field@,2015-07-31;08:00:00.000\r"
]
},
"sort": [
1438322400000
]
}
请帮忙。
谢谢。
您没有添加 rangeQuery。将您的 boolQueryBuilder 更改为以下内容:
BoolQueryBuilder boolQueryBuilder = QueryBuilders.boolQuery().must(QueryBuilders.matchQuery(matchQueryKey,matchQueryValue)).must(QueryBuilders.rangeQuery("@timestamp").gte(fromValue).lte(toValue));
您可以使用以下方式获取存储桶:
InternalDateHistogram histogram = searchResponse.getAggregations().getAsMap().get(aggregation_name);
List bucketList = histogram?.getBuckets()
我在 Kibana 4.4.1 中对 Elasticsearch 进行了查询,如下所示:
{
"size": 0,
"query": {
"filtered": {
"query": {
"query_string": {
"query": "FALK0911622560T",
"analyze_wildcard": true
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"gte": 1438290000000,
"lte": 1440968400000,
"format": "epoch_millis"
}
}
}
],
"must_not": []
}
}
}
},
"aggs": {
"2": {
"date_histogram": {
"field": "@timestamp",
"interval": "1w",
"time_zone": "Europe/Helsinki",
"min_doc_count": 1,
"extended_bounds": {
"min": 1438290000000,
"max": 1440968400000
}
},
"aggs": {
"1": {
"percentiles": {
"field": "Quantity",
"percents": [
50
]
}
}
}
}
}
}
这段代码将 return 所有具有 "ProductCode" = FALK0911622560T" 的文档,在给定的时间间隔之间。
我用 Elasticsearch Java API 尝试了同样的事情,代码如下:
BoolQueryBuilder boolQueryBuilder = QueryBuilders.boolQuery().must(QueryBuilders.matchQuery(matchQueryKey,matchQueryValue));
SearchResponse response = client.prepareSearch(indexName)
.setTypes(indexTypeName)
.setQuery(boolQueryBuilder)
.setSize(100)
.addAggregation(AggregationBuilders
.dateHistogram("myHistogram")
.field("@timestamp")
.interval(DateHistogramInterval.WEEK)
.timeZone("Europe/Helsinki")
.minDocCount(1)
.extendedBounds(1438290000000L, 1440968400000L))
.addFields(fieldsOfInterest)
.execute()
.actionGet();
response.getAggregations();
但是我得到了索引中的所有文档 "ProductCode" = FALK0911622560T.
在给定时间之间,我在 response.getAgregations() 上应该只有 5 个文档,因为我将间隔设置为周。
Elasticsearch 中的文档如下所示:
{
"_index": "warehouse-550",
"_type": "core2",
"_id": "AVOKCqQ68h4KkDGZvk6b",
"_score": null,
"_source": {
"message": "5,550,67.01,FALK0911622560T,2015-07-31;08:00:00.000\r",
"@version": "1",
"@timestamp": "2015-07-31T06:00:00.000Z",
"path": "D:/Programs/Logstash/x_testingLocally/processed-stocklevels-550-25200931072015.csv",
"host": "EVO385",
"type": "core2",
"Quantity": 5,
"Warehouse": "550",
"Price": 67.01,
"ProductCode": "FALK0911622560T",
"Timestamp": "2015-07-31;08:00:00.000"
},
"fields": {
"@timestamp": [
1438322400000
]
},
"highlight": {
"ProductCode": [
"@kibana-highlighted-field@FALK0911622560T@/kibana-highlighted-field@"
],
"message": [
"5,550,67.01,@kibana-highlighted-field@FALK0911622560T@/kibana-highlighted-field@,2015-07-31;08:00:00.000\r"
]
},
"sort": [
1438322400000
]
}
请帮忙。 谢谢。
您没有添加 rangeQuery。将您的 boolQueryBuilder 更改为以下内容:
BoolQueryBuilder boolQueryBuilder = QueryBuilders.boolQuery().must(QueryBuilders.matchQuery(matchQueryKey,matchQueryValue)).must(QueryBuilders.rangeQuery("@timestamp").gte(fromValue).lte(toValue));
您可以使用以下方式获取存储桶:
InternalDateHistogram histogram = searchResponse.getAggregations().getAsMap().get(aggregation_name);
List bucketList = histogram?.getBuckets()