diff --git a/elk/elasticsearch/ES-高级DSL查询.md b/elk/elasticsearch/ES-高级DSL查询.md new file mode 100644 index 0000000..3e8b3fb --- /dev/null +++ b/elk/elasticsearch/ES-高级DSL查询.md @@ -0,0 +1,1071 @@ +# ES-高级DSL查询 + +[TOC] + +# 1.DSL查询文档 + +elasticsearch的查询依然是基于JSON风格的DSL来实现的。 + +下方所有示例所采用索引库结构: + +```apl +PUT /hotel +{ + "mappings": { + "properties": { + "id": { + "type": "keyword" + }, + "name":{ + "type": "text", + "analyzer": "ik_max_word", + "copy_to": "all" + }, + "address":{ + "type": "keyword", + "index": false + }, + "price":{ + "type": "integer" + }, + "score":{ + "type": "integer" + }, + "brand":{ + "type": "keyword", + "copy_to": "all" + }, + "city":{ + "type": "keyword", + "copy_to": "all" + }, + "starName":{ + "type": "keyword" + }, + "business":{ + "type": "keyword" + }, + "location":{ + "type": "geo_point" + }, + "pic":{ + "type": "keyword", + "index": false + }, + "all":{ + "type": "text", + "analyzer": "ik_max_word" + } + } + } +} +``` + +## 1.1.DSL查询分类 + +Elasticsearch提供了基于JSON的DSL([Domain Specific Language](https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl.html))来定义查询。常见的查询类型包括: + +- **查询所有**:查询出所有数据,一般测试用。例如:match_all + +- **全文检索(full text)查询**:利用分词器对用户输入内容分词,然后去倒排索引库中匹配。例如: + - match_query + - multi_match_query +- **精确查询**:根据精确词条值查找数据,一般是查找keyword、数值、日期、boolean等类型字段。例如: + - ids + - range + - term +- **地理(geo)查询**:根据经纬度查询。例如: + - geo_distance + - geo_bounding_box +- **复合(compound)查询**:复合查询可以将上述各种查询条件组合起来,合并查询条件。例如: + - bool + - function_score + +查询的语法基本一致: + +```json +GET /indexName/_search +{ +  "query": { +    "查询类型": { +      "查询条件": "条件值" +    } +  } +} +``` + +我们以查询所有为例,其中: + +- 查询类型为match_all +- 没有查询条件 + +```json +// 查询所有 +GET /indexName/_search +{ +  "query": { +    "match_all": { + } +  } +} +``` + +其它查询无非就是**查询类型**、**查询条件**的变化。 + +## 1.2.全文检索查询 + +### 1.2.1.使用场景 + +全文检索查询的基本流程如下: + +- 对用户搜索的内容做分词,得到词条 +- 根据词条去倒排索引库中匹配,得到文档id +- 根据文档id找到文档,返回给用户 + +比较常用的场景包括: + +- 商城的输入框搜索 +- 百度输入框搜索 + +例如京东: + +![image-20210721165326938](assets/image-20210721165326938.png) + + + +因为是拿着词条去匹配,因此参与搜索的字段也必须是可分词的text类型的字段。 + +### 1.2.2.基本语法 + +常见的全文检索查询包括: + +- match查询:单字段查询 +- multi_match查询:多字段查询,任意一个字段符合条件就算符合查询条件 + +match查询语法如下: + +```json +GET /indexName/_search +{ +  "query": { +    "match": { +      "FIELD": "TEXT" +    } +  } +} +``` + +mulit_match语法如下: + +```json +GET /indexName/_search +{ +  "query": { +    "multi_match": { +      "query": "TEXT", +      "fields": ["FIELD1", " FIELD12"] +    } +  } +} +``` + +### 1.2.3.示例 + +match查询示例: + +![image-20210721170455419](assets/image-20210721170455419.png) + + + +multi_match查询示例: + +![image-20210721170720691](assets/image-20210721170720691.png) + + + +可以看到,两种查询结果是一样的,为什么? + +因为我们将brand、name、business值都利用copy_to复制到了all字段中。因此你根据三个字段搜索,和根据all字段搜索效果当然一样了。 + +但是,搜索字段越多,对查询性能影响越大,因此建议采用copy_to,然后单字段查询的方式。 + + + +### 1.2.4.总结 + +match和multi_match的区别是什么? + +- match:根据一个字段查询 +- multi_match:根据多个字段查询,参与查询字段越多,查询性能越差 + + + +## 1.3.精准查询 + +精确查询一般是查找keyword、数值、日期、boolean等类型字段。所以**不会**对搜索条件分词。常见的有: + +- term:根据词条精确值查询 +- range:根据值的范围查询 + + + +### 1.3.1.term查询 + +因为精确查询的字段搜是不分词的字段,因此查询的条件也必须是**不分词**的词条。查询时,用户输入的内容跟自动值完全匹配时才认为符合条件。如果用户输入的内容过多,反而搜索不到数据。 + + + +语法说明: + +```json +// term查询 +GET /indexName/_search +{ +  "query": { +    "term": { +      "FIELD": { +        "value": "VALUE" +      } +    } +  } +} +``` + + + +示例: + +当我搜索的是精确词条时,能正确查询出结果: + +![image-20210721171655308](assets/image-20210721171655308.png) + +但是,当我搜索的内容不是词条,而是多个词语形成的短语时,反而搜索不到: + +![image-20210721171838378](assets/image-20210721171838378.png) + + + +### 1.3.2.range查询 + +范围查询,一般应用在对数值类型做范围过滤的时候。比如做价格范围过滤。 + +基本语法: + +```json +// range查询 +GET /indexName/_search +{ +  "query": { +    "range": { +      "FIELD": { +        "gte": 10, // 这里的gte代表大于等于,gt则代表大于 +        "lte": 20 // lte代表小于等于,lt则代表小于 +      } +    } +  } +} +``` + +示例: + +![image-20210721172307172](assets/image-20210721172307172.png) + +### 1.3.3.总结 + +精确查询常见的有哪些? + +- term查询:根据词条精确匹配,一般搜索keyword类型、数值类型、布尔类型、日期类型字段 +- range查询:根据数值范围查询,可以是数值、日期的范围 + +## 1.4.地理坐标查询 + +所谓的地理坐标查询,其实就是根据经纬度查询,官方文档:https://www.elastic.co/guide/en/elasticsearch/reference/current/geo-queries.html + +常见的使用场景包括: + +- 携程:搜索我附近的酒店 +- 滴滴:搜索我附近的出租车 +- 微信:搜索我附近的人 + +附近的酒店: + +![image-20210721172645103](assets/image-20210721172645103.png) + +附近的车: + +![image-20210721172654880](assets/image-20210721172654880.png) + + + +### 1.4.1.矩形范围查询 + +矩形范围查询,也就是geo_bounding_box查询,查询坐标落在某个矩形范围的所有文档: + +![DKV9HZbVS6](assets/DKV9HZbVS6.gif) + +查询时,需要指定矩形的**左上**、**右下**两个点的坐标,然后画出一个矩形,落在该矩形内的都是符合条件的点。 + +语法如下: + +```json +// geo_bounding_box查询 +GET /indexName/_search +{ +  "query": { +    "geo_bounding_box": { +      "FIELD": { +        "top_left": { // 左上点 +          "lat": 31.1, +          "lon": 121.5 +        }, +        "bottom_right": { // 右下点 +          "lat": 30.9, +          "lon": 121.7 +        } +      } +    } +  } +} +``` + +这种并不符合“附近的人”这样的需求,所以我们就不做了。 + +### 1.4.2.附近查询 + +附近查询,也叫做距离查询(geo_distance):查询到指定中心点小于某个距离值的所有文档。 + +换句话来说,在地图上找一个点作为圆心,以指定距离为半径,画一个圆,落在圆内的坐标都算符合条件: + +![vZrdKAh19C](assets/vZrdKAh19C.gif) + +语法说明: + +```json +// geo_distance 查询 +GET /indexName/_search +{ +  "query": { +    "geo_distance": { +      "distance": "15km", // 半径 +      "FIELD": "31.21,121.5" // 圆心 +    } +  } +} +``` + +示例: + +我们先搜索陆家嘴附近15km的酒店: + +![image-20210721175443234](assets/image-20210721175443234.png) + +发现共有47家酒店。 + +## 1.5.复合查询 + +复合(compound)查询:复合查询可以将其它简单查询组合起来,实现更复杂的搜索逻辑。常见的有两种: + +- fuction score:算分函数查询,可以控制文档相关性算分,控制文档排名 +- bool query:布尔查询,利用逻辑关系组合多个其它的查询,实现复杂搜索 + +### 1.5.1.相关性算分 + +当我们利用match查询时,文档结果会根据与搜索词条的关联度打分(_score),返回结果时按照分值降序排列。 + +例如,我们搜索 "虹桥如家",结果如下: + +```json +[ +  { +    "_score" : 17.850193, +    "_source" : { +      "name" : "虹桥如家酒店真不错", +    } +  }, +  { +    "_score" : 12.259849, +    "_source" : { +      "name" : "外滩如家酒店真不错", +    } +  }, +  { +    "_score" : 11.91091, +    "_source" : { +      "name" : "迪士尼如家酒店真不错", +    } +  } +] +``` + +在elasticsearch中,早期使用的打分算法是TF-IDF算法,公式如下: + +![image-20210721190152134](assets/image-20210721190152134.png) + +在后来的5.1版本升级中,elasticsearch将算法改进为BM25算法,公式如下: + +![image-20210721190416214](assets/image-20210721190416214.png) + + + +TF-IDF算法有一各缺陷,就是词条频率越高,文档得分也会越高,单个词条对文档影响较大。而BM25则会让单个词条的算分有一个上限,曲线更加平滑: + +![image-20210721190907320](assets/image-20210721190907320.png) + + + +小结:elasticsearch会根据词条和文档的相关度做打分,算法由两种: + +- TF-IDF算法 +- BM25算法,elasticsearch5.1版本后采用的算法 + +### 1.5.2.算分函数查询 + +根据相关度打分是比较合理的需求,但**合理的不一定是产品经理需要**的。 + +以百度为例,你搜索的结果中,并不是相关度越高排名越靠前,而是谁掏的钱多排名就越靠前。如图: + +![image-20210721191144560](assets/image-20210721191144560.png) + + + +要想认为控制相关性算分,就需要利用elasticsearch中的function score 查询了。 + +#### 1)语法说明 + +![image-20210721191544750](assets/image-20210721191544750.png) + +function score 查询中包含四部分内容: + +- **原始查询**条件:query部分,基于这个条件搜索文档,并且基于BM25算法给文档打分,**原始算分**(query score) +- **过滤条件**:filter部分,符合该条件的文档才会重新算分 +- **算分函数**:符合filter条件的文档要根据这个函数做运算,得到的**函数算分**(function score),有四种函数 + - weight:函数结果是常量 + - field_value_factor:以文档中的某个字段值作为函数结果 + - random_score:以随机数作为函数结果 + - script_score:自定义算分函数算法 +- **运算模式**:算分函数的结果、原始查询的相关性算分,两者之间的运算方式,包括: + - multiply:相乘 + - replace:用function score替换query score + - 其它,例如:sum、avg、max、min + +function score的运行流程如下: + +- 1)根据**原始条件**查询搜索文档,并且计算相关性算分,称为**原始算分**(query score) +- 2)根据**过滤条件**,过滤文档 +- 3)符合**过滤条件**的文档,基于**算分函数**运算,得到**函数算分**(function score) +- 4)将**原始算分**(query score)和**函数算分**(function score)基于**运算模式**做运算,得到最终结果,作为相关性算分。 + +因此,其中的关键点是: + +- 过滤条件:决定哪些文档的算分被修改 +- 算分函数:决定函数算分的算法 +- 运算模式:决定最终算分结果 + +#### 2)示例 + +需求:给“如家”这个品牌的酒店排名靠前一些 + +翻译一下这个需求,转换为之前说的四个要点: + +- 原始条件:不确定,可以任意变化 +- 过滤条件:brand = "如家" +- 算分函数:可以简单粗暴,直接给固定的算分结果,weight +- 运算模式:比如求和 + +因此最终的DSL语句如下: + +```json +GET /hotel/_search +{ +  "query": { +    "function_score": { +      "query": { .... }, // 原始查询,可以是任意条件 +      "functions": [ // 算分函数 +        { +          "filter": { // 满足的条件,品牌必须是如家 +            "term": { +              "brand": "如家" +            } +          }, +          "weight": 2 // 算分权重为2 +        } +      ], + "boost_mode": "sum" // 加权模式,求和 +    } +  } +} +``` + +测试,在未添加算分函数时,如家得分如下: + +![image-20210721193152520](assets/image-20210721193152520.png) + +添加了算分函数后,如家得分就提升了: + +![image-20210721193458182](assets/image-20210721193458182.png) + +#### 3)小结 + +function score query定义的三要素是什么? + +- 过滤条件:哪些文档要加分 +- 算分函数:如何计算function score +- 加权方式:function score 与 query score如何运算 + +### 1.5.3.布尔查询 + +布尔查询是一个或多个查询子句的组合,每一个子句就是一个**子查询**。子查询的组合方式有: + +- must:必须匹配每个子查询,类似“与” +- should:选择性匹配子查询,类似“或” +- must_not:必须不匹配,**不参与算分**,类似“非” +- filter:必须匹配,**不参与算分** + + + +比如在搜索酒店时,除了关键字搜索外,我们还可能根据品牌、价格、城市等字段做过滤: + +![image-20210721193822848](assets/image-20210721193822848.png) + +每一个不同的字段,其查询的条件、方式都不一样,必须是多个不同的查询,而要组合这些查询,就必须用bool查询了。 + + + +需要注意的是,搜索时,参与**打分的字段越多,查询的性能也越差**。因此这种多条件查询时,建议这样做: + +- 搜索框的关键字搜索,是全文检索查询,使用must查询,参与算分 +- 其它过滤条件,采用filter查询。不参与算分 + +#### 1)语法示例: + +```json +GET /hotel/_search +{ +  "query": { +    "bool": { +      "must": [ +        {"term": {"city": "上海" }} +      ], +      "should": [ +        {"term": {"brand": "皇冠假日" }}, + {"term": {"brand": "华美达" }} +      ], +      "must_not": [ +        { "range": { "price": { "lte": 500 } }} +      ], +      "filter": [ +        { "range": {"score": { "gte": 45 } }} +      ] +    } +  } +} +``` + +#### 2)示例 + +需求:搜索名字包含“如家”,价格不高于400,在坐标31.21,121.5周围10km范围内的酒店。 + +分析: + +- 名称搜索,属于全文检索查询,应该参与算分。放到must中 +- 价格不高于400,用range查询,属于过滤条件,不参与算分。放到must_not中 +- 周围10km范围内,用geo_distance查询,属于过滤条件,不参与算分。放到filter中 + + + +![image-20210721194744183](assets/image-20210721194744183.png) + +#### 3)小结 + +bool查询有几种逻辑关系? + +- must:必须匹配的条件,可以理解为“与” +- should:选择性匹配的条件,可以理解为“或” +- must_not:必须不匹配的条件,不参与打分 +- filter:必须匹配的条件,不参与打分 + +# 2.搜索结果处理 + +搜索的结果可以按照用户指定的方式去处理或展示。 + +## 2.1.排序 + +elasticsearch默认是根据相关度算分(_score)来排序,但是也支持自定义方式对搜索[结果排序](https://www.elastic.co/guide/en/elasticsearch/reference/current/sort-search-results.html)。可以排序字段类型有:keyword类型、数值类型、地理坐标类型、日期类型等。 + +### 2.1.1.普通字段排序 + +keyword、数值、日期类型排序的语法基本一致。 + +**语法**: + +```json +GET /indexName/_search +{ +  "query": { +    "match_all": {} +  }, +  "sort": [ +    { +      "FIELD": "desc"  // 排序字段、排序方式ASC、DESC +    } +  ] +} +``` + +排序条件是一个数组,也就是可以写多个排序条件。按照声明的顺序,当第一个条件相等时,再按照第二个条件排序,以此类推 + + + +**示例**: + +需求描述:酒店数据按照用户评价(score)降序排序,评价相同的按照价格(price)升序排序 + +![image-20210721195728306](assets/image-20210721195728306.png) + + + +### 2.1.2.地理坐标排序 + +地理坐标排序略有不同。 + +**语法说明**: + +```json +GET /indexName/_search +{ +  "query": { +    "match_all": {} +  }, +  "sort": [ +    { +      "_geo_distance" : { +          "FIELD" : "纬度,经度", // 文档中geo_point类型的字段名、目标坐标点 +          "order" : "asc", // 排序方式 +          "unit" : "km" // 排序的距离单位 +      } +    } +  ] +} +``` + +这个查询的含义是: + +- 指定一个坐标,作为目标点 +- 计算每一个文档中,指定字段(必须是geo_point类型)的坐标 到目标点的距离是多少 +- 根据距离排序 + +**示例:** + +需求描述:实现对酒店数据按照到你的位置坐标的距离升序排序 + +提示:获取你的位置的经纬度的方式:https://lbs.amap.com/demo/jsapi-v2/example/map/click-to-get-lnglat/ + + + +假设我的位置是:31.034661,121.612282,寻找我周围距离最近的酒店。 + +![image-20210721200214690](assets/image-20210721200214690.png) + +## 2.2.分页 + +elasticsearch 默认情况下只返回top10的数据。而如果要查询更多数据就需要修改分页参数了。elasticsearch中通过修改from、size参数来控制要返回的分页结果: + +- from:从第几个文档开始 +- size:总共查询几个文档 + +类似于mysql中的`limit ?, ?` + +### 2.2.1.基本的分页 + +分页的基本语法如下: + +```json +GET /hotel/_search +{ +  "query": { +    "match_all": {} +  }, +  "from": 0, // 分页开始的位置,默认为0 +  "size": 10, // 期望获取的文档总数 +  "sort": [ +    {"price": "asc"} +  ] +} +``` + +### 2.2.2.深度分页问题 + +现在,我要查询990~1000的数据,查询逻辑要这么写: + +```json +GET /hotel/_search +{ +  "query": { +    "match_all": {} +  }, +  "from": 990, // 分页开始的位置,默认为0 +  "size": 10, // 期望获取的文档总数 +  "sort": [ +    {"price": "asc"} +  ] +} +``` + +这里是查询990开始的数据,也就是 第990~第1000条 数据。 + +不过,elasticsearch内部分页时,必须先查询 0~1000条,然后截取其中的990 ~ 1000的这10条: + +![image-20210721200643029](assets/image-20210721200643029.png) + +查询TOP1000,如果es是单点模式,这并无太大影响。 + +但是elasticsearch将来一定是集群,例如我集群有5个节点,我要查询TOP1000的数据,并不是每个节点查询200条就可以了。 + +因为节点A的TOP200,在另一个节点可能排到10000名以外了。 + +因此要想获取整个集群的TOP1000,必须先查询出每个节点的TOP1000,汇总结果后,重新排名,重新截取TOP1000。 + +![image-20210721201003229](assets/image-20210721201003229.png) + + + +那如果我要查询9900~10000的数据呢?是不是要先查询TOP10000呢?那每个节点都要查询10000条?汇总到内存中? + +当查询分页深度较大时,汇总数据过多,对内存和CPU会产生非常大的压力,因此elasticsearch会禁止from+ size 超过10000的请求。 + +针对深度分页,ES提供了两种解决方案,[官方文档](https://www.elastic.co/guide/en/elasticsearch/reference/current/paginate-search-results.html): + +- search after:分页时需要排序,原理是从上一次的排序值开始,查询下一页数据。官方推荐使用的方式。 +- scroll:原理将排序后的文档id形成快照,保存在内存。官方已经不推荐使用。 + +### 2.2.3.小结 + +分页查询的常见实现方案以及优缺点: + +- `from + size`: + - 优点:支持随机翻页 + - 缺点:深度分页问题,默认查询上限(from + size)是10000 + - 场景:百度、京东、谷歌、淘宝这样的随机翻页搜索 +- `after search`: + - 优点:没有查询上限(单次查询的size不超过10000) + - 缺点:只能向后逐页查询,不支持随机翻页 + - 场景:没有随机翻页需求的搜索,例如手机向下滚动翻页 + +- `scroll`: + - 优点:没有查询上限(单次查询的size不超过10000) + - 缺点:会有额外内存消耗,并且搜索结果是非实时的 + - 场景:海量数据的获取和迁移。从ES7.1开始不推荐,建议用 after search方案。 + +## 2.3.高亮 + +### 2.3.1.高亮原理 + +什么是高亮显示呢? + +我们在百度,京东搜索时,关键字会变成红色,比较醒目,这叫高亮显示: + +![image-20210721202705030](assets/image-20210721202705030.png) + +高亮显示的实现分为两步: + +- 1)给文档中的所有关键字都添加一个标签,例如``标签 +- 2)页面给``标签编写CSS样式 + +### 2.3.2.实现高亮 + +**高亮的语法**: + +```json +GET /hotel/_search +{ +  "query": { +    "match": { +      "FIELD": "TEXT" // 查询条件,高亮一定要使用全文检索查询 +    } +  }, +  "highlight": { +    "fields": { // 指定要高亮的字段 +      "FIELD": { +        "pre_tags": "",  // 用来标记高亮字段的前置标签 +        "post_tags": "" // 用来标记高亮字段的后置标签 +      } +    } +  } +} +``` + +**注意:** + +- 高亮是对关键字高亮,因此**搜索条件必须带有关键字**,而不能是范围这样的查询。 +- 默认情况下,**高亮的字段,必须与搜索指定的字段一致**,否则无法高亮 +- 如果要对非搜索字段高亮,则需要添加一个属性:required_field_match=false + +**示例**: + +![image-20210721203349633](assets/image-20210721203349633.png) + + + +## 2.4.总结 + +查询的DSL是一个大的JSON对象,包含下列属性: + +- query:查询条件 +- from和size:分页条件 +- sort:排序条件 +- highlight:高亮条件 + +示例: + +![image-20210721203657850](assets/image-20210721203657850.png) + +# 3.示例汇总 + +```apl +#查询全部 +GET /hotel/_search +{ + "query": { + "match_all": {} + } +} + +#match +GET /hotel/_search +{ + "query": { + "match": { + "all": "上海" + } + } +} + +#multi_match +GET /hotel/_search +{ + "query": { + "multi_match": { + "query": "北京", + "fields": ["name","city"] + } + } +} +#term +GET /hotel/_search +{ + "query": { + "term": { + "city": { + "value": "上海" + } + } + } +} +#terms +GET /hotel/_search +{ + "query": { + "terms": { + "brand": [ + "速8", + "如家" + ] + } + } +} +#range +GET /hotel/_search +{ + "query": { + "range": { + "price": { + "gte": 300, + "lte": 500 + } + } + } +} +#geo_bounding_box +GET /hotel/_search +{ + "query": { + "geo_bounding_box":{ + "location":{ + "top_left":{ + "lat":31.1, + "lon":121.5 + }, + "bottom_right":{ + "lat":30.9, + "lon":121.7 + } + } + } + } +} +#geo_distance +GET /hotel/_search +{ + "query": { + "geo_distance":{ + "distance":"15km", + "location": "31.21,121.5" + } + } +} +GET /hotel/_search +{ + "query": { + "geo_distance":{ + "distance":"15km", + "location": { + "lat":"31.21", + "lon":"121.5" + } + } + } +} +#function_score +GET /hotel/_search +{ + "query": { + "function_score": { + "query": {"term": {"city": {"value": "北京"}}}, + "functions": [ + { + "filter": {"term": {"id": "394617"}}, + "weight": 10 + } + ], + "boost_mode": "multiply" + } + } +} +#bool +GET /hotel/_search +{ + "query": { + "bool": { + "must": [ + { + "match": { + "name": "如家" + } + } + ], + "should": [ + { + "term": { + "city": { + "value": "深圳" + } + } + }, + { + "match": { + "all": "城" + } + } + ], + "must_not": [ + { + "term": { + "city": { + "value": "北京" + } + } + } + ], + "filter": [ + { + "range": { + "score": { + "gte": 40, + "lte": 50 + } + } + } + ] + } + } +} +#sort +GET /hotel/_search +{ + "query": {"match_all": {}}, + "sort": [ + { + "score": { + "order": "desc" + } + }, + { + "price": "asc" + } + ] +} + +#sort _geo_distance +GET /hotel/_search +{ + "query": {"match_all": {}}, + "sort": [ + { + "_geo_distance": { + "location": { + "lat": 40.082017, + "lon": 116.411252 + }, + "order": "asc", + "unit": "km" + } + } + ] +} +GET /hotel/_search +{ + "query": {"match_all": {}}, + "sort": [ + { + "_geo_distance": { + "location": "40.082017,116.411252", + "order": "asc", + "unit": "km" + } + } + ] +} +#分页 +GET /hotel/_search +{ + "query": {"match_all": {}}, + "from": 0, + "size": 2, + "sort": [ + { + "price": { + "order": "desc" + } + } + ] +} +#高亮 +GET /hotel/_search +{ + "query": { + "match": { + "all": "如家" + } + }, + "highlight": { + "fields": { + "name": { + "pre_tags": "", + "post_tags": "", + "require_field_match": "false" + } + } + } +} +``` + diff --git a/elk/elasticsearch/assets/DKV9HZbVS6.gif b/elk/elasticsearch/assets/DKV9HZbVS6.gif new file mode 100644 index 0000000..181ec93 Binary files /dev/null and b/elk/elasticsearch/assets/DKV9HZbVS6.gif differ diff --git a/elk/elasticsearch/assets/image-20210721165326938.png b/elk/elasticsearch/assets/image-20210721165326938.png new file mode 100644 index 0000000..6d9fda4 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721165326938.png differ diff --git a/elk/elasticsearch/assets/image-20210721170455419.png b/elk/elasticsearch/assets/image-20210721170455419.png new file mode 100644 index 0000000..282911c Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721170455419.png differ diff --git a/elk/elasticsearch/assets/image-20210721170720691.png b/elk/elasticsearch/assets/image-20210721170720691.png new file mode 100644 index 0000000..0ad032a Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721170720691.png differ diff --git a/elk/elasticsearch/assets/image-20210721171655308.png b/elk/elasticsearch/assets/image-20210721171655308.png new file mode 100644 index 0000000..14760f6 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721171655308.png differ diff --git a/elk/elasticsearch/assets/image-20210721171838378.png b/elk/elasticsearch/assets/image-20210721171838378.png new file mode 100644 index 0000000..8899161 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721171838378.png differ diff --git a/elk/elasticsearch/assets/image-20210721172307172.png b/elk/elasticsearch/assets/image-20210721172307172.png new file mode 100644 index 0000000..1a01492 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721172307172.png differ diff --git a/elk/elasticsearch/assets/image-20210721172645103.png b/elk/elasticsearch/assets/image-20210721172645103.png new file mode 100644 index 0000000..8daf430 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721172645103.png differ diff --git a/elk/elasticsearch/assets/image-20210721172654880.png b/elk/elasticsearch/assets/image-20210721172654880.png new file mode 100644 index 0000000..613fcad Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721172654880.png differ diff --git a/elk/elasticsearch/assets/image-20210721175443234.png b/elk/elasticsearch/assets/image-20210721175443234.png new file mode 100644 index 0000000..484842b Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721175443234.png differ diff --git a/elk/elasticsearch/assets/image-20210721182031475.png b/elk/elasticsearch/assets/image-20210721182031475.png new file mode 100644 index 0000000..b9efdf6 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721182031475.png differ diff --git a/elk/elasticsearch/assets/image-20210721190152134.png b/elk/elasticsearch/assets/image-20210721190152134.png new file mode 100644 index 0000000..87b7148 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721190152134.png differ diff --git a/elk/elasticsearch/assets/image-20210721190416214.png b/elk/elasticsearch/assets/image-20210721190416214.png new file mode 100644 index 0000000..18ca5d2 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721190416214.png differ diff --git a/elk/elasticsearch/assets/image-20210721190907320.png b/elk/elasticsearch/assets/image-20210721190907320.png new file mode 100644 index 0000000..e859608 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721190907320.png differ diff --git a/elk/elasticsearch/assets/image-20210721191144560.png b/elk/elasticsearch/assets/image-20210721191144560.png new file mode 100644 index 0000000..e7e83c9 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721191144560.png differ diff --git a/elk/elasticsearch/assets/image-20210721191544750.png b/elk/elasticsearch/assets/image-20210721191544750.png new file mode 100644 index 0000000..8f1411e Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721191544750.png differ diff --git a/elk/elasticsearch/assets/image-20210721193152520.png b/elk/elasticsearch/assets/image-20210721193152520.png new file mode 100644 index 0000000..87f9df3 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721193152520.png differ diff --git a/elk/elasticsearch/assets/image-20210721193458182.png b/elk/elasticsearch/assets/image-20210721193458182.png new file mode 100644 index 0000000..516045b Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721193458182.png differ diff --git a/elk/elasticsearch/assets/image-20210721193822848.png b/elk/elasticsearch/assets/image-20210721193822848.png new file mode 100644 index 0000000..0365c72 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721193822848.png differ diff --git a/elk/elasticsearch/assets/image-20210721194744183.png b/elk/elasticsearch/assets/image-20210721194744183.png new file mode 100644 index 0000000..e7e9180 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721194744183.png differ diff --git a/elk/elasticsearch/assets/image-20210721195728306.png b/elk/elasticsearch/assets/image-20210721195728306.png new file mode 100644 index 0000000..71f05b7 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721195728306.png differ diff --git a/elk/elasticsearch/assets/image-20210721200214690.png b/elk/elasticsearch/assets/image-20210721200214690.png new file mode 100644 index 0000000..1de018c Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721200214690.png differ diff --git a/elk/elasticsearch/assets/image-20210721200643029.png b/elk/elasticsearch/assets/image-20210721200643029.png new file mode 100644 index 0000000..28b5576 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721200643029.png differ diff --git a/elk/elasticsearch/assets/image-20210721201003229.png b/elk/elasticsearch/assets/image-20210721201003229.png new file mode 100644 index 0000000..d81fe20 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721201003229.png differ diff --git a/elk/elasticsearch/assets/image-20210721202705030.png b/elk/elasticsearch/assets/image-20210721202705030.png new file mode 100644 index 0000000..338c80c Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721202705030.png differ diff --git a/elk/elasticsearch/assets/image-20210721203349633.png b/elk/elasticsearch/assets/image-20210721203349633.png new file mode 100644 index 0000000..8f1f473 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721203349633.png differ diff --git a/elk/elasticsearch/assets/image-20210721203657850.png b/elk/elasticsearch/assets/image-20210721203657850.png new file mode 100644 index 0000000..a7f7070 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721203657850.png differ diff --git a/elk/elasticsearch/assets/image-20210721203950559.png b/elk/elasticsearch/assets/image-20210721203950559.png new file mode 100644 index 0000000..546aa44 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721203950559.png differ diff --git a/elk/elasticsearch/assets/image-20210721214221057.png b/elk/elasticsearch/assets/image-20210721214221057.png new file mode 100644 index 0000000..4d1d45a Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721214221057.png differ diff --git a/elk/elasticsearch/assets/image-20210721215640790.png b/elk/elasticsearch/assets/image-20210721215640790.png new file mode 100644 index 0000000..09da80d Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721215640790.png differ diff --git a/elk/elasticsearch/assets/image-20210721215729236.png b/elk/elasticsearch/assets/image-20210721215729236.png new file mode 100644 index 0000000..614b63b Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721215729236.png differ diff --git a/elk/elasticsearch/assets/image-20210721215843099.png b/elk/elasticsearch/assets/image-20210721215843099.png new file mode 100644 index 0000000..b83d5bf Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721215843099.png differ diff --git a/elk/elasticsearch/assets/image-20210721215923060.png b/elk/elasticsearch/assets/image-20210721215923060.png new file mode 100644 index 0000000..6f4013f Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721215923060.png differ diff --git a/elk/elasticsearch/assets/image-20210721220305140.png b/elk/elasticsearch/assets/image-20210721220305140.png new file mode 100644 index 0000000..dd57293 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721220305140.png differ diff --git a/elk/elasticsearch/assets/image-20210721220927286.png b/elk/elasticsearch/assets/image-20210721220927286.png new file mode 100644 index 0000000..f190d70 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721220927286.png differ diff --git a/elk/elasticsearch/assets/image-20210721221121266.png b/elk/elasticsearch/assets/image-20210721221121266.png new file mode 100644 index 0000000..c1ff928 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721221121266.png differ diff --git a/elk/elasticsearch/assets/image-20210721221744883.png b/elk/elasticsearch/assets/image-20210721221744883.png new file mode 100644 index 0000000..9a7e65e Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721221744883.png differ diff --git a/elk/elasticsearch/assets/image-20210721222057212.png b/elk/elasticsearch/assets/image-20210721222057212.png new file mode 100644 index 0000000..9440611 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721222057212.png differ diff --git a/elk/elasticsearch/assets/image-20210721223159598.png b/elk/elasticsearch/assets/image-20210721223159598.png new file mode 100644 index 0000000..c4e21b4 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721223159598.png differ diff --git a/elk/elasticsearch/assets/image-20210721223859419.png b/elk/elasticsearch/assets/image-20210721223859419.png new file mode 100644 index 0000000..c87dbd3 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721223859419.png differ diff --git a/elk/elasticsearch/assets/image-20210721224033789.png b/elk/elasticsearch/assets/image-20210721224033789.png new file mode 100644 index 0000000..5a37411 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721224033789.png differ diff --git a/elk/elasticsearch/assets/image-20210721224112708.png b/elk/elasticsearch/assets/image-20210721224112708.png new file mode 100644 index 0000000..efb4ff5 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210721224112708.png differ diff --git a/elk/elasticsearch/assets/image-20210722091940726.png b/elk/elasticsearch/assets/image-20210722091940726.png new file mode 100644 index 0000000..5e48478 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722091940726.png differ diff --git a/elk/elasticsearch/assets/image-20210722092051994.png b/elk/elasticsearch/assets/image-20210722092051994.png new file mode 100644 index 0000000..d62bcdc Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722092051994.png differ diff --git a/elk/elasticsearch/assets/image-20210722092935453.png b/elk/elasticsearch/assets/image-20210722092935453.png new file mode 100644 index 0000000..29a6f44 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722092935453.png differ diff --git a/elk/elasticsearch/assets/image-20210722093414542.png b/elk/elasticsearch/assets/image-20210722093414542.png new file mode 100644 index 0000000..be2d089 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722093414542.png differ diff --git a/elk/elasticsearch/assets/image-20210722093642382.png b/elk/elasticsearch/assets/image-20210722093642382.png new file mode 100644 index 0000000..d1273b8 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722093642382.png differ diff --git a/elk/elasticsearch/assets/image-20210722095227059.png b/elk/elasticsearch/assets/image-20210722095227059.png new file mode 100644 index 0000000..243cb2f Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722095227059.png differ diff --git a/elk/elasticsearch/assets/image-20210722095648542.png b/elk/elasticsearch/assets/image-20210722095648542.png new file mode 100644 index 0000000..9593ada Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722095648542.png differ diff --git a/elk/elasticsearch/assets/image-20210722095902314.png b/elk/elasticsearch/assets/image-20210722095902314.png new file mode 100644 index 0000000..3ba41f8 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722095902314.png differ diff --git a/elk/elasticsearch/assets/image-20210722100040674.png b/elk/elasticsearch/assets/image-20210722100040674.png new file mode 100644 index 0000000..4c8ad7e Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722100040674.png differ diff --git a/elk/elasticsearch/assets/image-20210722100613966.png b/elk/elasticsearch/assets/image-20210722100613966.png new file mode 100644 index 0000000..fbbc368 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722100613966.png differ diff --git a/elk/elasticsearch/assets/image-20210722100838604.png b/elk/elasticsearch/assets/image-20210722100838604.png new file mode 100644 index 0000000..d818a27 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722100838604.png differ diff --git a/elk/elasticsearch/assets/image-20210722100947292.png b/elk/elasticsearch/assets/image-20210722100947292.png new file mode 100644 index 0000000..5696ffb Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722100947292.png differ diff --git a/elk/elasticsearch/assets/image-20210722101908062.png b/elk/elasticsearch/assets/image-20210722101908062.png new file mode 100644 index 0000000..69be9fe Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722101908062.png differ diff --git a/elk/elasticsearch/assets/image-20210722102850818.png b/elk/elasticsearch/assets/image-20210722102850818.png new file mode 100644 index 0000000..18fb383 Binary files /dev/null and b/elk/elasticsearch/assets/image-20210722102850818.png differ diff --git a/elk/elasticsearch/assets/vZrdKAh19C.gif b/elk/elasticsearch/assets/vZrdKAh19C.gif new file mode 100644 index 0000000..94e6df2 Binary files /dev/null and b/elk/elasticsearch/assets/vZrdKAh19C.gif differ diff --git a/elk/elasticsearch/基础ES-DSL语句.md b/elk/elasticsearch/基础ES-DSL语句.md index 1e2454a..4c24bcc 100644 --- a/elk/elasticsearch/基础ES-DSL语句.md +++ b/elk/elasticsearch/基础ES-DSL语句.md @@ -1,6 +1,8 @@ # 基础索引库、文档ES-DSL语句 -## 基础概念 +[TOC] + +# 基础概念 我们把mysql与elasticsearch的概念做一下对比: @@ -26,9 +28,9 @@ - 对查询性能要求较高的搜索需求,使用elasticsearch实现 - 两者再基于某种方式,实现数据的同步,保证一致性 -## 基础语法 +# 基础语法 -### 索引基础语法 +## 索引基础语法 - 创建索引库:PUT /索引库名 - 查询索引库:GET /索引库名 @@ -37,7 +39,7 @@ - PUT /索引库名/_mapping - POST /索引库名/_mapping -### 文档基础语法 +## 文档基础语法 - 创建文档:POST /{索引库名}/_doc/文档id { json文档 } - 查询文档:GET /{索引库名}/_doc/文档id @@ -46,7 +48,7 @@ - 全量修改 (如果索引库中不存在则新增):PUT /{索引库名}/_doc/文档id { json文档 } - 局部修改(如果索引库中不存在则修改失败):POST /{索引库名}/_update/文档id { "doc": {字段}} -## 示例 +# 示例 ```apl #分词器