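How do you create a search in Elasticsearch

Time: 2015-12-02 17:52:48

Tags: elasticsearch

I am new to Elasticsearch and would like to create a search string to get cpu_user for all hosts:

Here is what my index and fields look like: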

"web_app" : {
    "mappings" : {
      "data" : {
        "dynamic_templates" : [ {
          "iostat" : {
            "mapping" : {
              "type" : "double"
            },
            "match" : "iostat_*",
            "match_mapping_type" : "string"
          }
        } ],
        "_ttl" : {
          "enabled" : true,
          "default" : 2592000000
        },
        "properties" : {
          "alertCount" : {
            "type" : "long"
          },
          "appcode" : {
            "type" : "string",
            "index" : "not_analyzed"
          },
          "collisions" : {
            "type" : "double"
          },
          "cpu_idle" : {
            "type" : "double"
          },
          "cpu_system" : {
            "type" : "double"
          },
          "cpu_user" : {
            "type" : "double"
          },
          "host" : {
            "type" : "string",
            "index" : "not_analyzed"
          },
          "ierrs" : {
            "type" : "double"
          },
          "iostat" : {
            "properties" : {
              "iostat_dm-0" : {
                "type" : "double"
              },
              "iostat_vda" : {
                "type" : "double"
              },
              "iostat_vda1" : {
                "type" : "double"
              },
              "iostat_vda2" : {
                "type" : "double"
              },
              "iostat_vda3" : {
                "type" : "double"
              },
              "iostat_vdb" : {
                "type" : "double"
              },
              "iostat_vdc" : {
                "type" : "double"
              },
              "iostat_vdd" : {
                "type" : "double"
              }
            }
          },

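Any ideas on how to create a search string to pull cpu_user for all hosts?

I would like the output in JSON, for example each host, timestamp, and cpu_user value.

This is what the actual data in Elasticsearch looks like: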

{ "_index" : "web_app",
      "_type" : "data",
      "_id" : "12345",
      "_score" : 1.0,
      "_source":{"oerrs":"0","load_avg_1min":"0.00","thresholdValue":"8931.0","cpu_idle":"100","host":"server1","server_uptime":"117","runQ_threads":"1","iostat":{"iostat_vdc":"6.60","iostat_vda3":"3.00","iostat_vdd":"1.04","iostat_vda2":"2.90","iostat_dm-0":"3.26","iostat_vda1":"3.44","iostat_vdb":"0.45","iostat_vda":"2.90"},"ierrs":"0","appcode":"cds","load_avg_10min":"0.00","page_scanrate":"NA","memory_free":"10572","cpu_user":"0","alertCount":"6","timestamp":"2015-12-01T18:32:00.0051","thresholdLimit":"5.0","memory_used":"8398","collisions":"0","load_avg_15min":"0.00","cpu_system":"0"}
}, {
      "_index" : "web_app",
      "_type" : "data",
      "_id" : "456",
      "_score" : 1.0,
      "_source":{"oerrs":"0","load_avg_1min":"0.14","thresholdValue":"19183.0","cpu_idle":"96","host":"server2","server_uptime":"80","runQ_threads":"1","iostat":{"iostat_vdc":"2.26","iostat_vda3":"8.97","iostat_vdd":"0.80","iostat_vda2":"3.60","iostat_dm-0":"3.10","iostat_vda1":"2.41","iostat_vdb":"2.74","iostat_vda":"4.10"},"ierrs":"0","appcode":"cds","load_avg_10min":"0.25","page_scanrate":"NA","memory_free":"409","cpu_user":"3","alertCount":"28","timestamp":"2015-12-01T18:32:00.0038","thresholdLimit":"10.0","memory_used":"24692","collisions":"0","load_avg_15min":"0.43","cpu_system":"1"}
    },

0 answers:

No answers