ElasticSearch

问题 How do I tell query_string which analyzer to use in a search? I've created my index with an analyzer like so: "analysis": { "analyzer": { "std_analyzer": { "tokenizer": "whitespace", "filter": [ "stemmer" ] } } } I do not predefine any mappings. Instead, I rely mappings to be dynamically added upon inserting a document. The mappings appear like so after calling /my_index/_mapping "short_bio" : { "type" : "text", "fields" : { "keyword" : { "type" : "keyword", "ignore_above" : 256 } } }, You

问题 I am new to Elasticsearch and I have to make a query that queries that two indexes. I want to return all the People with eye_color hazel from a nested data object within a polygon and I want the results to be sorted by name . I have looked at many questions on Stackoverflow, but can't get the query right. My data object is nested in the mapping. Can someone tell me what I am doing wrong? I am getting a failed to create query exception. The geojson is in one index and the data.eye_color is in

问题 We have a search engine for text content which contains strings like c++ or c# . The switch to Elasticsearch has shown that the search does not match on terms like 'c++'. ++ is removed. How can we teach elasticsearch to match correctly in a full text search and not to remove special characters? Characters like comma , should of course still be removed. 回答1: You need to create your own custom-analyzer which generates token as per your requirement, for your example I created a below custom

问题 I have few read heavy indices(started seeing performance issues on these indices) in my ES cluster which has ~50 million docs and noticed most of them have around 25% of total documents as deleted, I know that these deleted document count decrease over time when background merge operation happens , But in my case these count is always around ~25% of total documents and I have below questions/concerns: Will these huge no of deleted count affects the search performance as they are still part of

问题 I'm using C# NEST with ElasticSearch. I'm able to query an index of Products and look in their Name and CategoryName fields for matches. I can also extend the query using Highlights . Now in my IQueryResponse response I have two collections: (1) .Documents and (2) .Highlights . e.g.: Consider the search for: "cat" which has 3 document results: { { Name: "Cat product", CategoryName: "Category1" }, { Name: "Some product", CategoryName: "Category2" }, { Name: "Some product2", CategoryName:

问题 I have a single node el cluster. a few hours ago I have lost 2 indexes. these are the logs I have from the docker. I don't know of all the logs are there. the logs are too large for here: https://pastebin.com/YiLiQkPC here is sampled log: {"log":"{"type": "server", "timestamp": "2020-12-16T05:16:00,561Z", "level": "WARN", "component": "o.e.b.JNANatives", "cluster.name": "docker-cluster", "node.name": "37f65704d9bb", "message": "Unable to lock JVM Memory: error=12, reason=Cannot allocate

问题 Is it possible to do bulk atomic updates in ElasticSearch? I am aware that regular bulk updates are not atomic as noted here: https://www.elastic.co/guide/en/elasticsearch/guide/current/bulk.html#bulk Is there any other way to atomically update multiple documents? i.e. Either all the updates happen or none of them do. 回答1: Elasticsearch doesn't currently have a way to do what you're asking for. There are several responses to this question on the Elasticsearch site. https://discuss.elastic.co

问题 I have Kubernetes system in Azure and used the following instrustions to install fluent, elasticsearch and kibana: https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/fluentd-elasticsearch I am able to see my pods logs in kibana but when i send logs more then 16k chars its just split. if i send 35k chars . its split into 3 logs. how can i increase the limit of 1 log? I want to able to see the 36k chars in one log. image here 回答1: https://github.com/fluent-plugins-nursery

问题 I am facing a problem in Kibana how to correctly filter a data. Basically my aim is to filter PASSED or FAILED tests from the following data structure. { "_index":"qa-reporting-2020-04", "_type":"qa-reporting", "_id":"456.0", "_version":1, "_score":null, "_source":{ "TestId":"CXXX01", "TestStatus":0, "Issues":[ ], "MetaData":{ "TestName":"Test1", "LastException":null, "DurationMs":1980.5899000000002, "Platform":{ "BrowserName":"chrome", "OS":"windows", "OsVersion":"10" }, "Categories":[ "Cat1

问题 java-version: 1.8 elastic-version: 7.10 ubuntu: 18.04LTS I am trying to connect to the elasticsearch using java, we already setup the security in elastic by using xpack security and elastic is password protected and working fine but problem occurs when I try to establish secure elastic connection using java. NOTE: Elasticsearch and java both are in different linux machine. I added these parameter in elasticsearch.yml cluster.name: la-test-elastic-2 network.host: 0.0.0.0 http.port: 9200 xpack