我正在发送以下弹性搜索查询,当通过uri-search发送时,它表现得非常好。但是使用带有身体呼叫的帖子 - 它不能按预期工作。请建议如何更正查询。
这有效:
获取电话
<someUrl>/elasticsearch/index/_search?q=host:host-0
响应(仅限于主机-0(
{
"took": 4,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 128040,
"max_score": 2.0973763,
"hits": [{
"_index": "123"
"_type": "log_message",
"_id": "123",
"_score": 111,
"_source": {
"host": "host-0",
"pid": 333,
"timestamp": "2017-04-06T04:29:44.724Z",
"priority": 7,
"namespace": "syslog",
"msg": "aaaaa"
}
},
"_index": "345"
"_type": "log_message",
"_id": "345",
"_score": 111,
"_source": {
"host": "host-0",
"pid": 333,
"timestamp": "2017-04-06T04:29:44.724Z",
"priority": 7,
"namespace": "syslog",
"msg": "aaaaa"
}
},
.....
}
这不起作用:
发布通话
<someUrl>/elasticsearch/index/_search
开机自检呼叫正文:
{
"query" : {
"term" : { "host": "host-0" }
}
}
响应(不限于主机-0(
{
"took": 4,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 128040,
"max_score": 2.0973763,
"hits": [{
"_index": "123"
"_type": "log_message",
"_id": "123",
"_score": 111,
"_source": {
"host": "host-1",
"pid": 333,
"timestamp": "2017-04-06T04:29:44.724Z",
"priority": 7,
"namespace": "syslog",
"msg": "aaaaa"
}
},
"_index": "345"
"_type": "log_message",
"_id": "345",
"_score": 111,
"_source": {
"host": "host-0",
"pid": 333,
"priority": 7,
"namespace": "syslog",
"msg": "aaaaa"
}
},
"_index": "546"
"_type": "log_message",
"_id": "546",
"_score": 111,
"_source": {
"host": "host-0",
"pid": 222,
"priority": 7,
"namespace": "syslog",
"msg": "aaaaa"
}
},
.....
}
获取此索引返回GET/elasticsearch/
"host": {
"type": "string",
"index": "not_analyzed"
},
在 GET 调用中,将分析令牌host-0。如果您尝试以下 GET 调用(用双引号将host-0括起来(,您基本上将获得与 POST 调用相同的查询,并且不会得到任何结果。
<someUrl>/elasticsearch/index/_search?q=host:"host-0"
如果需要结果,则需要使用match查询而不是term查询。这相当于...?q=host:host-0 GET 调用。
{
"query" : {
"match" : { "host": "host-0" }
}
}
最后,我认为您的host字段具有text类型,而它应该具有keyword类型。