elasticsearch-aggregation

来源： https://stackoverflow.com/questions/61496439/unknown-baseaggregationbuilder-composite-error-when-running-elasticsearch-co

来源： https://stackoverflow.com/questions/61496439/unknown-baseaggregationbuilder-composite-error-when-running-elasticsearch-co

问题 I am using the file beat and able to successfully push the logs to the elasticsearch in a particular index. I have a use case where I need to find the duplicates in the logs, I tried using aggregation and I am able to find the duplicates in the logs for the exact log match like below, 2019-07-23 11:38:17,401 WARN [org.amazon.events] (default task-3) type=LOGIN_ERROR, realmId=amazon, clientId=angular-cors, userId=209fd7db-6964-41ff-bffd-3975ccbc03bb, ipAddress=44.44.44.44, error=invalid_user

问题 I am using the file beat and able to successfully push the logs to the elasticsearch in a particular index. I have a use case where I need to find the duplicates in the logs, I tried using aggregation and I am able to find the duplicates in the logs for the exact log match like below, 2019-07-23 11:38:17,401 WARN [org.amazon.events] (default task-3) type=LOGIN_ERROR, realmId=amazon, clientId=angular-cors, userId=209fd7db-6964-41ff-bffd-3975ccbc03bb, ipAddress=44.44.44.44, error=invalid_user

问题 I am using the file beat and able to successfully push the logs to the elasticsearch in a particular index. I have a use case where I need to find the duplicates in the logs, I tried using aggregation and I am able to find the duplicates in the logs for the exact log match like below, 2019-07-23 11:38:17,401 WARN [org.amazon.events] (default task-3) type=LOGIN_ERROR, realmId=amazon, clientId=angular-cors, userId=209fd7db-6964-41ff-bffd-3975ccbc03bb, ipAddress=44.44.44.44, error=invalid_user

问题 I have a logstash pipeline that fetches data from mysql using jdbc input connecter aggregates data for users based on user id pushes aggregated data to elasticsearch cluster It fetches large amount of data (e.g 2 million rows) from mysql server and uses cursor fetch with "jdbc_fetch_size" of 100000 so that it does not load all the rows at once (not page size, limit + offset but fetch_size) to avoid out of memory exception. Below is my configuration: input { jdbc { jdbc_driver_class => "com

问题 I was using elasticsearch 5.5 where I have one index and 3 types like below, Index Name : Main Types : TypeA, TypeB, TypeC In 5.5, I was running aggregation like this, AggregationBuilder ag = AggregationBuilders.terms("aggregatekey").field("field1").order(Terms.Order.aggregation("datafield", false)).size(100); SearchResponse response = eswrapper.prepareSearch("Main").addAggregation(ag).setSize(0) .execute().actionGet(); so It searches across the single index where 3 types were there. Then I

问题 I have data such as: { "_index": "user_log", "_type": "logs", "_id": "gdUJpXIBAoADuwvHTK29", "_score": 1, "_source": { "user_id": 105, "user_name": "prathameshsalap@gmail.com", "working_hours": "2019-10-21 09:00:01", "date": "2019-10-21", "working_minutes": 540 } { "_index": "user_log", "_type": "logs", "_id": "gtUJpXIBAoADuwvHTK29", "_version": 1, "_score": 0, "_source": { "user_id": 106, "user_name": "vaishusawant143@gmail.com", "working_hours": "2019-10-21 09:15:01", "date": "2019-10-21",

问题 I have Elasticsearch data like this- PUT /text/_doc/1 { "name": "pdf1", "text":"For the past six weeks. The unemployment crisis has unfolded so suddenly and rapidly." } PUT /text/_doc/2 { "name": "pdf2", "text":"The unemployment crisis has unfolded so suddenly and rapidly." } In this example I am making a full text search, I am searching for all the documents that have "unemployment" sub-string in the "text" field. And in the end i want all the documents sorted in the ascending order of the

问题 I tried two different approaches for creating index and both are returning anything if I search for part o the word. Basically, if I search for first letters or letters in the middle of the word I want get all the documents. FIRST TENTATIVE BY CREATING INDEX THAT WAY (other stackoverflow question a bit old): POST correntistas/correntista { "index": { "index": "correntistas", "type": "correntista", "analysis": { "index_analyzer": { "my_index_analyzer": { "type": "custom", "tokenizer":