【发布时间】:2015-04-10 17:17:08
【问题描述】:
我尝试在不使用 Java API 的情况下查询 Java 中现有的弹性搜索库。 这个 elasticsearch base 属于一个 ELK 集群。
正确的 cURL 查询是:
curl -XGET 'http://10.60.74.134:9200/logstash-2015.04.09/_search?pretty' -d '{
"facets": {
"0": {
"date_histogram": {
"field": "@timestamp",
"interval": "5m"
},
"global": true,
"facet_filter": {
"fquery": {
"query": {
"filtered": {
"query": {
"query_string": {
"query": "*"
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"from": 1428558001338,
"to": 1428579601338
}
}
},
{
"terms": {
"_type": [
"akaoatg-monitoring"
]
}
}
]
}
}
}
}
}
}
}
},
"size": 0
}'
效果很好,并返回我的 JSON 结果:
{
"took" : 185,
"timed_out" : false,
"_shards" : {
"total" : 5,
"successful" : 5,
"failed" : 0
},
"hits" : {
"total" : 9106263,
"max_score" : 0.0,
"hits" : [ ]
},
"facets" : {
"0" : {
"_type" : "date_histogram",
"entries" : [ {
"time" : 1428458700000,
"count" : 2429
}, {
"time" : 1428459000000,
"count" : 21128
}, {
"time" : 1428459300000,
"count" : 21354
} ]
}
}
}
我尝试在 java 中使用 http 请求获得相同的结果:
try {
URL url = new URL("http://10.60.74.134:9200/logstash-2015.04.09/_search?pretty'-d'{\"facets\":{\"terms\":{\"terms\":{\"field\":\"_type\",\"size\":10,\"order\":\"count\",\"exclude\":[]},\"facet_filter\":{\"fquery\":{\"query\":{\"filtered\":{\"query\":{\"bool\":{\"should\":[{\"query_string\":{\"query\":\"*\"}}]}},\"filter\":{\"bool\":{\"must\":[{\"range\":{\"@timestamp\":{\"from\":1428558001341,\"to\":1428579601341}}},{\"terms\":{\"_type\":[\"akaoatg-monitoring\"]}}]}}}}}}}},\"size\":0}");
BufferedReader br = new BufferedReader(new InputStreamReader(url.openStream()));
String strTemp;
while((strTemp = br.readLine()) != null){
System.out.println(strTemp);
}
} catch (Exception ex) {
ex.printStackTrace();
}
我在这里使用的 URL 是 cURL 请求,其格式适合 http 请求。 此请求返回给我一个不包含相同结果的字符串。 这是java结果的一部分:
{"took":22,
"timed_out":false,
"_shards":{"total":5,
"successful":5,
"failed":0},
"hits":{"total":4621367,
"max_score":1.0,
"hits":[{"_index":"logstash-2015.04.09",
"_type":"xxx",
"_id":"xxx",
"_score":xxx,
"_source":{"@version":"xxx",
"@timestamp":"2015-04-09T01:09:59.347Z",
"host":"xxx",
"type":"xxx",
"sys_priority":"xxx",
"sys_timestamp":"xxx",
"logsource":"xxx",
"application":"xxx",
"year":"2015",
"month":"04",
"day":"09",
"hour":"01",
"minute":"09",
"second":"58",
"trace_level":"3",
"host_name":"xxx",
"adh_port":"xxx",
"timestamp_adh":1428541798954,
"time_adh":27,
"adh_uuid":"xxx",
"Service":"xxx",
"ReturnCode":"0",
"ErrorMessage":"null",
"Site":"null",
"BaseType":"null",
"PlatForm":"0",
"Cad_sender":"",
"Domain":"xxx",
"Freshness":"9",
"ClientProcessID":"xxx",
"CallMode":"S",
"SystemMode":"R",
"Sad_receiver":"",
"ConnectionType":"IP",
"DataFormat":"",
"HeaderType":"H4",
"AdhesionVersion":"null",
"Length":"10",
"ConnectionInfo":"null",
"ConnectionInfoKey":"null",
"Comments":"null",
"ActionCode":"null",
"TimeStamp":20150409010958,
"ServerProgramName":"null",
"TransactionCode":"null",
"TraceLevel":"null",
"LU":"null",
"HostName":"xxx",
"Port":"xxx",
"Timer":20,
"SendQueue":"null",
"ReturnQueue":"",
"PDM":"",
"RFU":"null",
"FTU":"",
"ActivationFlag":"null",
"HistoryQueue":"null",
"ErrorQueue":"null",
"CallReference":"xxx",
"IPAddress":"xxx",
"MessageType":"I",
"ProgramName":"null",
"UserName":"xxx",
"BeginTime":"24:00:00",
"EndTime":"24:00:00",
"duration":0,
"cnx_running":0,
"cnx_max":0}}]}}
知道我做错了什么吗?
【问题讨论】:
-
我很确定它不会那样工作,相反,您可以尝试使用 Apache 客户端作为发送帖子请求的解决方案
-
所以绝对没有办法只使用 java 获得结果?
-
你至少可以匿名化你得到的字符串吗?当然,它可以像那样工作(ElasticSearch 毕竟支持 REST API),所以可能还有其他问题。要检查的一件事:如果您打印出您生成的那个 URL,它会产生一个有效的查询吗?您可以尝试将其复制粘贴到类似 Sense 插件中。
-
apache 客户端是一个 java 库,所以你可以使用 java 来获取结果
-
@Ashalynd 我在帖子中添加了一个匿名字符串
标签: java elasticsearch