有一个基于微服务的体系结构,其中每个服务具有不同类型的实体。例如:
服务1:
{
"entity_type": "SKU",
"sku": "123",
"ext_sku": "201",
"store": "1",
"product": "abc",
"timestamp": 1564484862000
}
服务2:
{
"entity_type": "PRODUCT",
"product": "abc",
"parent": "xyz",
"description": "curd",
"unit_of_measure": "gm",
"quantity": "200",
"timestamp": 1564484863000
}
服务三:
{
"entity_type": "PRICE",
"meta": {
"store": "1",
"sku": "123"
},
"price": "200",
"currency": "INR",
"timestamp": 1564484962000
}
服务4:
{
"entity_type": "INVENTORY",
"meta": {
"store": "1",
"sku": "123"
},
"in_stock": true,
"inventory": 10,
"timestamp": 1564484864000
}
我想编写一个由 elasticsearch 支持的审计服务,它将吸收所有这些实体,并将基于
entity_type,store,sku和timestamp进行索引。Elasticsearch在这里会是一个不错的选择吗?另外,索引将如何工作?因此,例如,如果我搜索
store=1,它将返回所有具有store的不同实体作为1。其次,我能否获取2 timestamps之间的所有实体?ES和Kibana(可视化)在这里会是不错的选择吗?
最佳答案
是。您的用例几乎就是described in the docs under filter context:
In filter context, a query clause answers the question “Does this document match this query clause?” The answer is a simple Yes or No — no scores are calculated. Filter context is mostly used for filtering structured data, e.g.
- Does this timestamp fall into the range 2015 to 2016?
- Is the status field set to
published?
关于elasticsearch - 在ElasticSearch中建立索引以进行审核,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57270966/