elasticsearch,Curl,elasticsearch" /> elasticsearch,Curl,elasticsearch" />
Fatal编程技术网
  • curl/
  • 如何在elasticsearch 5.1中获取指定字段(使用curl)?

如何在elasticsearch 5.1中获取指定字段(使用curl)?

curl

如何在elasticsearch 5.1中获取指定字段(使用curl)?,curl,elasticsearch,Curl,elasticsearch,我想在elasticsearch 5.1中获取指定字段。 例如 从表中选择x,y 样本文件 { "_index": "logstash-2017.01.05", "_type": "logs", "_id": "AVltoGqz-zTtgAXZybOK", "_version": 1, "found": true, "_source": { "sourcePORT": "55645", "EndTime": "2016-11-08T03:00:43.033

我想在elasticsearch 5.1中获取指定字段。 例如 从表中选择x,y

样本文件

{
  "_index": "logstash-2017.01.05",
  "_type": "logs",
  "_id": "AVltoGqz-zTtgAXZybOK",
  "_version": 1,
  "found": true,
  "_source": {
    "sourcePORT": "55645",
    "EndTime": "2016-11-08T03:00:43.033",
    "StartTime": "2016-11-08T03:00:43.033",
    "message": "10.215.56.162,55645,161.202.1.13,443,base.ip.tcp,2016-11-08T03:00:43.033,2016-11-08T03:00:43.033,0,74,0.000000,0,0-0:",
    "DestinationPORT": "443",
    "tags": [],
    "path": "C:/Users/akshay.patil/Desktop/DataDump01.csv",
    "DestinationIP": "161.202.1.13",
    "@timestamp": "2017-01-05T07:55:46.710Z",
    "sourceIP": "10.215.56.162",
    "received_at": "2017-01-05T07:55:46.710Z",
    "@version": "1",
    "host": "3299D11",
    "ProtocolPath": "base.ip.tcp"
  }
}
非常简单,您可以这样使用:

curl localhost:9200/index/type/_search?_source=x,y
这将返回要打印的特定字段

GET/\u搜索

{“query”:{“match_all”:{},“docvalue_fields”:[“field_name”]}

其返回的不同内容,如{“index”:“logstash-2017.01.05”、“_type”:“logs”、“_id”:“AVltm47D zTtgAXZvLCn”、“_score”:1、“_source”:{}但我希望此字段中显示实际值。您应该使用
logstash-2017.01.05
索引的映射更新您的问题,可能您已禁用源的存储。如何启用源的存储?我们需要在URL中提到什么作为类型。首先使用
curl-XGET localhost:9200/logstash-2017.01.05来显示索引映射。您可以使用
curl-XGET localhost:9200/logstash-2017.01.05/logs/AVltm47D zTtgAXZvLCn来显示单个文档吗?