elasticsearch搜索示例

Elasticsearch RESTful API 和 Java API 的搜索示例。

elasticsearch restful api

POST /datapt-logstatistic/_search
{
"query": {
"bool": {
"filter": {
"range": {
"time": {
"lte": "2016-08-22",
"gte": "2016-08-21"
}
}
},
"must": [
{
"term": {
"nav": "iOS"
}
},
{
"term": {
"key": "M99.M1"
}
}
]
}
},
"size": 0,
"aggs": {
"stat": {
"terms": {
"field": "value",
"size": 0,
"order": {
"totalCount": "desc"
}
},
"aggs": {
"totalCount": {
"sum": {
"field": "totalCount"
}
},
"successCount": {
"sum": {
"field": "successCount"
}
},
"failCount": {
"sum": {
"field": "failCount"
}
},
"failPercent": {
"bucket_script": {
"buckets_path": {
"fail": "failCount",
"total": "totalCount"
},
"script": {
"lang": "expression",
"inline": "fail / total * 100"
}
}
}
}
}
}
}

java api

// Builds and runs the log-statistics aggregation: filter by time range, nav and key,
// then group by "value" and sum the three counters for each bucket.
// This is an excerpt from a larger method: timeFrom, timeTo, nav, key, LOG,
// LOG_STATISTIC_INDEX and ElasticSearchHelper are defined outside this listing.
// Presumably collects the result rows; it is not populated within this excerpt.
List<Map<String, Object>> aggList = Lists.newLinkedList();
// Query before aggregating, so that only the needed documents are aggregated.
BoolQueryBuilder boolQuery = QueryBuilders.boolQuery();
// Time range, inclusive on both ends (lte / gte).
RangeQueryBuilder timeRangeBuilder = QueryBuilders.rangeQuery("time").lte(timeTo).gte(timeFrom);
boolQuery.filter(timeRangeBuilder);
// key must always match; nav is only added as a condition when it is non-empty.
// Both values are handed to termQuery as data, not concatenated into query JSON.
// NOTE(review): key gets no null/empty check here, unlike nav — confirm the caller validates it.
if (! Strings.isNullOrEmpty(nav)) {
boolQuery.must(QueryBuilders.termQuery("nav", nav));
}
boolQuery.must(QueryBuilders.termQuery("key", key));
// One sum per counter field; each aggregation is named after the field it sums.
SumBuilder totalCountAgg = AggregationBuilders.sum("totalCount").field("totalCount");
SumBuilder successCountAgg = AggregationBuilders.sum("successCount").field("successCount");
SumBuilder failCountAgg = AggregationBuilders.sum("failCount").field("failCount");
// Bucket by "value", ordered by the totalCount sub-aggregation (false = descending,
// matching "desc" in the REST request).
// Unlike the REST request, no failPercent bucket_script is attached here.
TermsBuilder aggBuilder = AggregationBuilders
.terms("stat")
.field("value")
// NOTE(review): on the 1.x/2.x API used here, size(0) asks for every bucket. On a
// high-cardinality field that is unbounded memory and response size — consider an explicit cap.
.size(0)
.order(Terms.Order.aggregation("totalCount", false))
.subAggregation(totalCountAgg)
.subAggregation(successCountAgg)
.subAggregation(failCountAgg);
SearchRequestBuilder builder = ElasticSearchHelper.newBuilder(LOG_STATISTIC_INDEX);
SearchResponse response;
try {
// The REST request also sets the top-level "size": 0 (no hits, aggregations only);
// no setSize call is visible here — presumably newBuilder handles it, TODO confirm.
response = builder.setQuery(boolQuery)
.addAggregation(aggBuilder)
.get();
} catch (Exception e) {
// On failure only a log entry is written and response stays unassigned, so whatever
// follows this excerpt must not read it on this path.
// NOTE(review): nav and key are logged verbatim; if they come from request parameters,
// make sure the log layout escapes line breaks.
LOG.error("Cannot get aggregations for nav {} and key {}", nav, key, e);
}