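  • Elasticsearch compound query

    Query the logs from the last hour whose data.@level field is Error, sort them by date in descending order, return the 10 most recent, and output only the two fields [date, message].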

    GET events*/_search
    {
        "query": {
            "bool": {
                "must": [
                    {
                        "query_string": {
                            "fields": ["data.@level"],
                            "query": "Error"
                        }
                    }
                ],
                "filter": {
                    "range": {
                        "date": {
                            "gte": "now-1h",
                            "lte": "now"
                        }
                    }
                }
            }
        },
        "sort": [
            {
                "date": {
                    "order": "desc",
                    "missing": "_last"
                }
            }
        ],
        "_source": ["date", "message"],
        "size": 10
    }
  • Original article: https://www.cnblogs.com/larry-luo/p/11133308.html