Import test data
https://gitee.com/UnityAlvin/test/blob/master/accounts.json
Import test data.
POST bank/account/_bulk
SearchAPI
The following operations are performed in kibana dev tools
uri + retrieval parameters
request
Send search parameters via REST request uri
GET bank/_search?q=*&sort=account_number:asc
-
Bank /: under the bank index
-
_ search: fixed format
-
?: All search conditions
-
q = *: query all
-
&sort=account_number: ASC: by account_number in ascending order
result
Elasticsearch will return 10 pieces of data by default
- took – Elasticsearch time to execute the search (MS)
- timed_out – whether the search timed out
- _ shards – how many slices have been searched and how many successful / failed search slices have been counted
- hits.total - records queried
- hits.total.value - indicates how many records have been matched
- hits.total.relation - retrieved relation
- hits.max_score – maximum score (for full-text retrieval)
- hits.hits - array of actual search results (default to the top 10 documents)
- hits.hits._score - correlation score (for full-text retrieval)
- hits.hits.sort - sort key of the result (if not, sort by score)
uri + request body
Send them through the REST request body
request
GET bank/_search
{
"query": {
"match_all": {}
},
"sort": [
{
"account_number": "desc"
}
]
}
- "Query": query criteria
- "match_all": match all detailed rules
- "sort": sorting criteria. You can add multiple sorting criteria
- "account_number": "desc": according to account_ Number in descending order
result
Query DSL
Elasticsearch provides a Json style DSL (domain specific language) that can execute queries. Called Query DSL, the query language is very comprehensive.
Basic syntax format
Typical structure of a query statement:
QUERY_NAME:{
ARGUMENT:VALUE,
ARGUMENT:VALUE,...
}
For a field, its structure is as follows:
{
QUERY_NAME:{
FIELD_NAME:{
ARGUMENT:VALUE,
ARGUMENT:VALUE,...
}
}
}
Request example:
GET bank/_search
{
"query": {
"match_all": {}
},
"from": 0,
"size": 5,
"sort": [
{
"account_number": {
"order": "desc"
},
"balance": {
"order": "asc"
}
}
]
}
# match_all query type [represents all query types]. In es, you can combine many query types in query to complete complex queries;
# from+size limit to complete paging function; Starting from the first data, how much data is there on each page
# Sort sort, multi field sort, will sort the subsequent fields when the previous fields are equal, otherwise the previous order will prevail;
Return partial fields
request
GET bank/_search
{
"query": {
"match_all": {}
},
"from": 0,
"size": 5,
"sort": [
{
"account_number": {
"order": "desc"
}
}
],
"_source": ["balance","firstname"]
}
-
"_source": query some fields
-
"From": from the first record
-
"size": query 5 records
result
match query
Exact match - base type (non string)
Find account_ For data with number 20, it is recommended to use term for retrieval
GET bank/_search
{
"query": {
"match": {
"account_number": 20
}
}
}
Exact match - string
Find data with address 288 Mill Street
GET bank/_search
{
"query": {
"match": {
"address.keyword": "288 Mill Street"
}
}
}
Full text search - string
In full-text retrieval, the search conditions will be matched by word segmentation, and finally arranged in descending order according to the score.
Find the data whose address contains mill or lane
GET bank/_search
{
"query": {
"match": {
"address": "mill lane"
}
}
}
Full text search - basic type (non string)
GET bank/_search
{
"query": {
"match": {
"account_number": "20"
}
}
}
match_phrase phrase matching
The values to be matched are retrieved as a whole (without word segmentation)
Find the data with address containing mill lane
GET bank/_search
{
"query": {
"match_phrase": {
"address": "mill lane"
}
}
}
multi_math multi field matching
Find the data of city or address containing mill movico, and the query criteria will be segmented
GET bank/_search
{
"query": {
"multi_match": {
"query": "mill movico",
"fields": [
"city",
"address"
]
}
}
}
bool compound query
Compound statements can merge any other query statements, including compound statements. This means that compound statements can be nested with each other and can express very complex logic.
Query address contains mill, gender contains M, age is not 18, and lastname preferably contains Wallace data
GET bank/_search
{
"query": {
"bool": {
"must": [
{
"match": {
"address": "mill"
}
},
{
"match": {
"gender": "M"
}
}
],
"must_not": [
{
"match": {
"age": 18
}
}
],
"should": [
{
"match": {
"lastname": "Wallace"
}
}
]
}
}
}
- "Must": conditions that must be met
- "must_not": conditions that must not be met
- "should": a condition that must not be met. Points can be added if it is met
filter result filtering
Query data of 18 < = age < = 30
GET bank/_search
{
"query": {
"bool": {
"filter": {
"range": {
"age": {
"gte": 18,
"lte": 30
}
}
}
}
}
}
The filter filters the results and does not calculate the correlation score.
term exact retrieval
Elasticsearch officially recommends using term to accurately retrieve non text fields.
Find data with age 28
GET bank/_search
{
"query": {
"term": {
"age": "28"
}
}
}
Aggregation - perform aggregation
Aggregation provides the ability to group and extract data from data. The simplest aggregation method is roughly equal to SQL GROUPBY and SQL aggregation function. In elastic search, you have the ability to perform a search and return hits (hit results) and aggregate results at the same time, separating all hits (hit results) in a response. This is very powerful and effective. You can execute queries and multiple aggregations, get their own (any) return results in one use, and use a concise and simplified API to avoid network roundtrip.
grammar
"aggs/aggregations" : {
"<Aggregate name>" : {
"<Aggregation type>" : {
<Content of polymer>
}
[,"meta" : { [<meta_data_body>] } ]?
[,"aggs/aggregations" : { [<sub_aggregation>]+ } ]?
}
[,"<Aggregation 2>" : { ... } ]*
}
There can be multiple peer aggregations in an aggs. If you want to add sub aggregations to an aggregation, you need to add a separate aggs for the sub aggregation
Example 1
# Search the age distribution, average age and average salary of all people with mill in the address
GET bank/_search
{
"query": {
"match": {
"address": "mill"
}
},
"aggs": {
"ageAgg": {
"terms": {
"field": "age",
"size": 10
}
},
"ageAvg":{
"avg": {
"field": "age"
}
},
"balanceAvg":{
"avg": {
"field": "balance"
}
}
},
"size": 0
}
Example 2
# Aggregate by age and find the average salary of people in these age groups
GET bank/_search
{
"query": {
"match_all": {}
},
"aggs": {
"ageAggs": {
"terms": {
"field": "age",
"size": 100
},
"aggs": {
"balanceAvg": {
"avg": {
"field": "balance"
}
}
}
}
},
"size": 0
}
Example 3
# Find out all age distributions, and find out the average salary of M, F, and the average salary of this age group
GET bank/_search
{
"query": {
"match_all": {}
},
"aggs": {
"ageAgg": {
"terms": {
"field": "age",
"size": 100
},
"aggs": {
"genderAgg": {
"terms": {
"field": "gender.keyword",
"size": 10
},
"aggs": {
"genderBalanceAvg": {
"avg": {
"field": "balance"
}
}
}
},
"ageBalanceAvg": {
"avg": {
"field": "balance"
}
}
}
}
},
"size": 0
}