查询Elasticsearch JSON_Json_<img Src="//i.stack.imgur.com/RUiNP.png" Height="16" Width="18" Alt="" Class="sponsor Tag Img">elasticsearch_Logstash_Elastic Stack

查询Elasticsearch JSON

json logstash

查询Elasticsearch JSON,json,elasticsearch,logstash,elastic-stack,Json,elasticsearch,Logstash,Elastic Stack,我正在尝试查询elasticsearch，以找出使用特定产品购买的产品我的数据从平面文件进入日志存储。 OrderNumber ProductName order1 Chicken order2 Banana order3 Chicken order1 Cucumber order2 Chicken order3 Apples order1 Flour order2 Rice

我正在尝试查询elasticsearch，以找出使用特定产品购买的产品

我的数据从平面文件进入日志存储。

 OrderNumber ProductName
    order1   Chicken    
    order2   Banana
    order3   Chicken   
    order1   Cucumber   
    order2   Chicken 
    order3   Apples
    order1   Flour
    order2   Rice
    order3   Nuts

正如您在上面所看到的，我有一个产品名的鸡，它出现在不同的订单号中

OrderNumber ProductName order1 Chicken order3 Chicken order2 Chicken
这就是我想要实现的目标：
步骤1：查找包含鸡肉的所有订单号

OrderNumber ProductName order1 Chicken order3 Chicken order2 Chicken

"hits" : { "total" : 3, "max_score" : 11.378191, "hits" : [ { "_index" : "hello", "_type" : "logs", "_id" : "AVmxaChupyZuCjD89xPX", "_score" : 11.378191, "_source" : { "message" : "order1\Chicken\r", "path" : "C:\\utils\\Elk\\logstash\\bin\\product.log", "OrderNumber" : "order1", "ProductName" : "Chicken\r" }}, { "_index" : "hello", "_type" : "logs", "_id" : "AVmxaChupyZuCjD89xPX", "_score" : 11.378191, "_source" : { "message" : "order3\Chicken\r", "path" : "C:\\utils\\Elk\\logstash\\bin\\product.log", "OrderNumber" : "order3", "ProductName" : "Chicken\r" } }, { "_index" : "hello", "_type" : "logs", "_id" : "AVmxaChupyZuCjD89xPX", "_score" : 11.378191, "_source" : { "message" : "order2\Chicken\r", "path" : "C:\\utils\\Elk\\logstash\\bin\\product.log", "OrderNumber" : "order2", "ProductName" : "Chicken\r" }
第2步：如果上述订单中有鸡肉，请将与之一起购买的所有其他产品告诉我
结果:

OrderNumber ProductName order1 Cucumber order2 Banana order3 Apples order1 Flour order2 Rice order3 Nuts
这就是我迄今为止为步骤1所做的尝试：
查询

{ "query" : { "match" : { "ProductName" : "Chicken" } } }
结果

OrderNumber ProductName order1 Chicken order3 Chicken order2 Chicken

"hits" : { "total" : 3, "max_score" : 11.378191, "hits" : [ { "_index" : "hello", "_type" : "logs", "_id" : "AVmxaChupyZuCjD89xPX", "_score" : 11.378191, "_source" : { "message" : "order1\Chicken\r", "path" : "C:\\utils\\Elk\\logstash\\bin\\product.log", "OrderNumber" : "order1", "ProductName" : "Chicken\r" }}, { "_index" : "hello", "_type" : "logs", "_id" : "AVmxaChupyZuCjD89xPX", "_score" : 11.378191, "_source" : { "message" : "order3\Chicken\r", "path" : "C:\\utils\\Elk\\logstash\\bin\\product.log", "OrderNumber" : "order3", "ProductName" : "Chicken\r" } }, { "_index" : "hello", "_type" : "logs", "_id" : "AVmxaChupyZuCjD89xPX", "_score" : 11.378191, "_source" : { "message" : "order2\Chicken\r", "path" : "C:\\utils\\Elk\\logstash\\bin\\product.log", "OrderNumber" : "order2", "ProductName" : "Chicken\r" }
我对如何完成步骤2感到非常困惑，因为我对Elasticsearch非常陌生，请帮助

感谢
要搜索包含
鸡肉
订单号和除
鸡肉
以外的产品名称的文档，您可以使用以下查询：

{ "query" : { "and" : [ { "terms" : { "OrderNumber" : ["order1", "order2", "order3"] } }, { "not" : { "term" : { "ProductName" : "Chicken" } } } ] } }

@卡奇克，谢谢你