小贝子编程

has_parent和has_child查询总是返回空结果:ElasticSearch 2.1.1



我已经在 3 节点集群上安装了 elasticsearch 2.1.1。以下是我的索引,有两种类型

{
    "log-aggregation": {
        "mappings": {
            "application-logs": {
                "_all": {
                    "enabled": true
                },
                "_parent": {
                    "type": "webserver-logs"
                },
                "_routing": {
                    "required": true
                },
                "properties": {
                    "localhost": {
                        "type": "string",
                        "index": "not_analyzed",
                        "include_in_all": true
                    },
                    "log_level": {
                        "type": "string",
                        "include_in_all": true
                    },
                    "logging_class": {
                        "type": "string",
                        "include_in_all": true
                    },
                    "logging_message": {
                        "type": "string",
                        "index": "no",
                        "include_in_all": true
                    },
                    "origin": {
                        "type": "string",
                        "index": "not_analyzed",
                        "include_in_all": true
                    },                    
                    "request_date": {
                        "type": "date",
                        "format": "YYYY-MM-dd HH:mm:ss,SSS",
                        "include_in_all": true
                    },
                    "request_time": {
                        "type": "long",
                        "include_in_all": true
                    },
                    "request_timestamp": {
                        "type": "date",
                        "format": "epoch_millis",
                        "include_in_all": true
                    },
                    "response_time": {
                        "type": "string"
                    },
                    "response_timestamp": {
                        "type": "date",
                        "format": "epoch_millis",
                        "include_in_all": true
                    },
                    "unique_id": {
                        "type": "string",
                        "index": "not_analyzed",
                        "include_in_all": true
                    }
                }
            },
            "webserver-logs": {
                "_all": {
                    "enabled": true
                },
                "_routing": {
                    "required": true
                },
                "properties": {
                    "accept_type": {
                        "type": "string",
                        "index": "no",
                        "include_in_all": true
                    },
                    "content_type": {
                        "type": "string",
                        "index": "no",
                        "include_in_all": true
                    },
                    "http_method": {
                        "type": "string",
                        "include_in_all": true
                    },
                    "http_protocol": {
                        "type": "string"
                    },
                    "http_status": {
                        "type": "long",
                        "index": "analyzed",
                        "include_in_all": true
                    },
                    "http_url": {
                        "type": "string"
                    },
                    "localhost": {
                        "type": "string",
                        "index": "not_analyzed",
                        "include_in_all": true
                    },
                    "origin": {
                        "type": "string",
                        "index": "not_analyzed",
                        "include_in_all": true
                    },
                    "referrer": {
                        "type": "string",
                        "index": "no",
                        "include_in_all": true
                    },
                    "request_timestamp": {
                        "type": "date",
                        "format": "epoch_millis",
                        "include_in_all": true
                    },
                    "response_size": {
                        "type": "short",
                        "index": "no",
                        "include_in_all": true
                    },
                    "timestamp": {
                        "type": "string"
                    },
                    "unique_id": {
                        "type": "string",
                        "index": "not_analyzed",
                        "include_in_all": true
                    },
                    "useragent": {
                        "type": "string",
                        "index": "no",
                        "include_in_all": true
                    }
                }
            }
        }
    }
}

以下是我索引的文档。

在 http://SERVERNAME:9200/log-aggregation/webserver-logs?routing=VlN6VQoEFHAAAEcxAUUAAAAC 处发布

{
  "localhost": "svcdev104.imagitas.com",
  "origin": "10.4.30.112" ,
  "unique_id": "VlN6VQoEFHAAAEcxAUUAAAAC",
  "timestamp": "1448311381504",
  "http_method": "POST",
  "http_url": "/registration/v1/save",
  "http_protocol": "HTTP/1.1",
  "http_status": "500",
  "response_size" : "137",
  "accept_type": "application/json",
  "content_type": "application/json",
  "referrer": "-",
  "useragent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
}

发布 http://SERVERNAME:9200/log-aggregation/application-logs?routing=VlN6VQoEFHAAAEcxAUUAAAAC&parent=VlN6VQoEFHAAAEcxAUUAAAAC

{
  "localhost": "svcdev104.imagitas.com",
  "origin": "chrome-extension://aejoelaoggembcahagimdiliamlcdmfm",
  "unique_id": "VlN6VQoEFHAAAEcxAUUAAAAC",
  "request_timestamp": "1448311331605",
  "response_timestamp": "1448311381609",
  "response_time": "4",
  "request_date": "2015-11-23 12:53:01,605",
  "log_level": "WARN",
  "logging_class": "LoggingResponseInterceptor",
  "logging_message": "Registration data persistence failed ....."
}

现在,我正在运行has_childhas_parent查询,但没有得到任何结果。我正在查询每种类型并获得结果,但当我运行has_childhas_parent查询时不会

以下是示例查询

发布 http://SERVERNAME:9200/log-aggregation/application-logs/_search

{
  "query": {
    "has_parent": {
      "type": "webserver-logs", 
      "query": {
        "match": {
          "http_status": "500"
        }
      }
    }
  }
}

任何帮助将不胜感激。谢谢斯里兰卡

您需要

设置父级的_id,否则子项不会映射到它。

因此,您的第一个文档插入应如下所示:

POST http://SERVERNAME:9200/log-aggregation/webserver-logs/VlN6VQoEFHAAAEcxAUUAAAAC/?routing=VlN6VQoEFHAAAEcxAUUAAAAC
{
   "localhost": "svcdev104.imagitas.com",
   "origin": "10.4.30.112",
   "unique_id": "VlN6VQoEFHAAAEcxAUUAAAAC",
   "timestamp": "1448311381504",
   "http_method": "POST",
   "http_url": "/registration/v1/save",
   "http_protocol": "HTTP/1.1",
   "http_status": "500",
   "response_size": "137",
   "accept_type": "application/json",
   "content_type": "application/json",
   "referrer": "-",
   "useragent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
}

然后您的查询将起作用。

这是我用来测试它的代码:

http://sense.qbox.io/gist/ff5d4fcd6bca62853f2d506e0b81a7290ee727d7

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium