碼上快樂

相關內容    簡體    繁體

elasticsearch復合查詢

本文轉載自   查看原文   2019-07-04 16:39   469    Elasticsearch

查詢最近一小時內data.@level字段為Error的日志並按date倒序排列,輸出最近10條,只輸出[date,message]兩個字段

GET events*/_search
{
     "query" : {
                 "bool" : {
                     "must" : [
                         {
                             "query_string" : {
                                 "fields" : [ "data.@level" ],
                                 "query" "Error"
                             
                         }
                         }
                         
                     ],
                 "filter" : {
                            "range" : {
                       "date" : {
                         "gte" "now-1h" ,
                         "lte" "now"
                       }
                     }
                 }
                   
                 }
                 },
                 "sort" : [
                   {
                     "date" : {
                       "order" "desc" ,
                       "missing" "_last"
                     }
                   }],
                   "_source" : [ "date" , "message" ],
                   "size" : 10
     }


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 elasticsearch 復合查詢 Elasticsearch(7) --- 復合查詢 ElasticSearch:組合查詢或復合查詢 Elasticsearch實現復合查詢,高亮結果等技巧 Elasticsearch 復合查詢——多字符串多字段查詢 【ElasticSearch(七)進階】multi_match多字段匹配、bool復合查詢 ES 復合查詢 MongoTemplate復合條件查詢 tp3.2 復合查詢or Thinkphp 查詢條件 and 和 or同時使用即復合查詢
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM