elasticsearch - Failed to match/search an index

Tags: elasticsearch kibana

I am trying to search an index, but it fails when I use the documented match syntax.

This is the result:

GET apm-7.6.2-transaction-000001/_search
{
  "_source": ["transaction.custom.campaign_name"],
    "query": {
        "match_all": {}
    }
}

returns
{
  "took" : 1,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 6,
      "relation" : "eq"
    },
    "max_score" : 1.0,
    "hits" : [
...

But when I try to filter the results and get only the hits where transaction.custom.campaign_name has a specific value,
GET apm-7.6.2-transaction-000001/_search 
{
  "query": {
    "match" : { 
      "transaction.custom.campaign_name": "ca*"
    }
  }
}

I get zero hits:
{
  "took" : 0,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 0,
      "relation" : "eq"
    },
    "max_score" : null,
    "hits" : [ ]
  }
}

Can someone point out my problem here?

Thank you very much!

PS: here is an example of a single hit when using match_all:
...
{
        "_index" : "apm-7.6.2-transaction-000001",
        "_type" : "_doc",
        "_id" : "8gX_B3IB6W5uorYBtJHZ",
        "_score" : 1.0,
        "_source" : {
          "agent" : {
            "name" : "rum-js",
            "version" : "5.1.1"
          },
          "processor" : {
            "name" : "transaction",
            "event" : "transaction"
          },
          "labels" : {
            "label1" : "ahoi"
          },
          "observer" : {
            "hostname" : "c99d7caa67e7",
            "id" : "74cdd7ab-e3e5-4794-972d-cfd54f5f48d4",
            "ephemeral_id" : "bab410d0-501b-4a4e-93e8-0b1520992451",
            "type" : "apm-server",
            "version" : "7.6.2",
            "version_major" : 7
          },
          "trace" : {
            "id" : "59986f27506d0ab53a82f74f2669ff0a"
          },
          "@timestamp" : "2020-05-12T08:28:17.000Z",
          "ecs" : {
            "version" : "1.4.0"
          },
          "service" : {
            "name" : "test",
            "language" : {
              "name" : "javascript"
            }
          },
          "client" : {
            "ip" : "172.22.0.1"
          },
          "user" : {
            "name" : "mojovski",
            "id" : "aabbxx",
            "email" : "hi@mail.de"
          },
          "transaction" : {
            "duration" : {
              "us" : 425000
            },
            "custom" : {
              "campaign_name" : "campaign_1_welt.de_max-price:4eur",
              "stuff" : "stuff"
            },
            "name" : "Unknown",
            "marks" : {
              "agent" : {
                "domInteractive" : 301,
                "domComplete" : 416,
                "timeToFirstByte" : 35
              },
              "navigationTiming" : {
                "responseEnd" : 35,
                "responseStart" : 35,
                "domainLookupEnd" : 1,
                "domInteractive" : 301,
                "domContentLoadedEventStart" : 317,
                "domComplete" : 416,
                "domainLookupStart" : 1,
                "connectEnd" : 1,
                "connectStart" : 1,
                "loadEventStart" : 416,
                "requestStart" : 34,
                "fetchStart" : 0,
                "domContentLoadedEventEnd" : 342,
                "loadEventEnd" : 421,
                "domLoading" : 38
              }
            },
            "page" : {
              "referer" : "",
              "url" : "http://localhost:8080/"
            },
            "span_count" : {
              "started" : 23
            },
            "id" : "a6b27cdc0e2299b5",
            "type" : "page-load",
            "sampled" : true
          },
          "user_agent" : {
            "original" : "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0",
            "os" : {
              "name" : "Ubuntu"
            },
            "name" : "Firefox",
            "device" : {
              "name" : "Other"
            },
            "version" : "76.0."
          },
          "timestamp" : {
            "us" : 1589272097000246
          }
        }
      }
...

Update

Here is the mapping of the index, obtained via GET apm-7.6.2-transaction-000001/_mapping
(since it is too large, I put it into a gist:)

https://gist.github.com/mojovski/143fe5f87b54e2c020a3217ea55e3bbf

Best answer

The match query does not support wildcards.

If you want to search for a prefix, you can try the prefix query.

GET apm-7.6.2-transaction-000001/_search 
{
  "query": {
    "prefix" : {                                       <-- change this
      "transaction.custom.campaign_name": "ca"
    }
  }
}
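
An added example, not part of the original answer: a small Python helper that turns a user-typed pattern such as "ca*" into the query clause that actually honours it, instead of passing it to match. The function names build_clause and build_search are hypothetical; the prefix, wildcard and match clauses are standard Elasticsearch query DSL, and rejecting leading wildcards is a choice made here because such patterns have to scan every term in the field.

```python
import json

WILDCARDS = ("*", "?")


def build_clause(field, pattern):
    """Pick the query type that matches what the user meant by `pattern`."""
    if not pattern:
        raise ValueError("empty pattern")

    if not any(c in pattern for c in WILDCARDS):
        # Plain text: match analyzes the input and compares the resulting terms.
        # A '*' sent to match is never expanded, which is why "ca*" found nothing.
        return {"match": {field: pattern}}

    if pattern[0] in WILDCARDS:
        # Leading wildcards force a scan over all terms of the field; refuse
        # them when the pattern comes from an untrusted search box.
        raise ValueError("leading wildcard rejected: %r" % pattern)

    body = pattern[:-1]
    if pattern.endswith("*") and not any(c in body for c in WILDCARDS):
        # "ca*" is a pure prefix search: drop the '*' and use the prefix query.
        return {"prefix": {field: body}}

    # Wildcards in the middle of the pattern need the term-level wildcard query.
    return {"wildcard": {field: {"value": pattern}}}


def build_search(field, pattern):
    """Full _search body that returns only the searched field."""
    return {"_source": [field], "query": build_clause(field, pattern)}


if __name__ == "__main__":
    FIELD = "transaction.custom.campaign_name"
    # Constructed sample patterns, not taken from the question's data.
    for p in ("ca*", "campaign_?_welt*", "campaign"):
        print(json.dumps(build_search(FIELD, p)))
```

Both prefix and wildcard are term-level queries, so the input is compared against the indexed terms without being analyzed first.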

Regarding elasticsearch - Failed to match/search an index, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/61748430/
