ELK

ELK 엘라스틱서치 Search Function

,

1. ELK 엘라스틱 서치 SearchFunction

이번에 포스팅에서는 ELK의 SearchFunction에 대해서 살펴보겠습니다.

Data

1
2
3
4
curl -XPOST -H 'Content-Type:application/json' 'localhost:9200/_bulk' --dat
a-binary @simple_basketball.json

{"took":1391,"errors":false,"items":[{"index":{"_index":"basketball","_type":"record","_id":"1","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":1,"status":201}},{"index":{"_index":"basketball","_type":"record","_id":"2","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":1,"_primary_term":1,"status":201}}]}%

다음과 같은 데이터를 가지고 확인을 해보겠습니다. 그러면 두개의 Document가 삽입되게 됩니다.

Search

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
curl -XGET localhost:9200/basketball/record/_search\?pretty
{
  "took" : 80,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 2,
      "relation" : "eq"
    },
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "basketball",
        "_type" : "record",
        "_id" : "1",
        "_score" : 1.0,
        "_source" : {
          "team" : "Chicago Bulls",
          "name" : "Michael Jordan",
          "points" : 30,
          "rebounds" : 3,
          "assists" : 4,
          "submit_date" : "1996-10-11"
        }
      },
      {
        "_index" : "basketball",
        "_type" : "record",
        "_id" : "2",
        "_score" : 1.0,
        "_source" : {
          "team" : "Chicago Bulls",
          "name" : "Michael Jordan",
          "points" : 20,
          "rebounds" : 5,
          "assists" : 8,
          "submit_date" : "1996-10-11"
        }
      }
    ]
  }
}

다음과 같이 데이터가 정상적으로 들어가고 Documents가 조회되는것들을 확인할 수 있습니다.

SEARCH -URI

-URI 옵션을 사용하여 제가 조회할 데이터들을 조회할 수 있습니다.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
curl -XGET 'localhost:9200/basketball/record/_search?q=points:30&pretty'
{
  "took" : 18,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 1,
      "relation" : "eq"
    },
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "basketball",
        "_type" : "record",
        "_id" : "1",
        "_score" : 1.0,
        "_source" : {
          "team" : "Chicago Bulls",
          "name" : "Michael Jordan",
          "points" : 30,
          "rebounds" : 3,
          "assists" : 4,
          "submit_date" : "1996-10-11"
        }
      }
    ]
  }
}

SEARCH - REQUEST BODY

이번에 살펴볼 옵션은 -REQUEST BODY옵션입니다.

1
2
3
4
5
6
7
curl -XGET -H 'Content-Type:application/json' localhost:9200/basketball/record/_search -d '
{
"query" : {
"term" : {"points" : 30}
}
}'
{"took":16,"timed_out":false,"_shards":{"total":1,"successful":1,"skipped":0,"failed":0},"hits":{"total":{"value":1,"relation":"eq"},"max_score":1.0,"hits":[{"_index":"basketball","_type":"record","_id":"1","_score":1.0,"_source":{"team" : "Chicago Bulls","name" : "Michael Jordan", "points" : 30,"rebounds" : 3,"assists" : 4, "submit_date" : "1996-10-11"}}]}}%

다음과 같이 직접 REQUEST BODY를 사용하여 값을 조회해오는모습을 볼 수 있습니다.
-d는 Direct로 처리하기 위한 옵션입니다.

참고사항

https://www.elastic.co/guide/en/elasticsearch/reference/6.8/search-request-body.html

Share