php - 尽管查询正确，ElasticSearch没有返回任何结果

我在elasticsearch中创建了一个名为filebeat的索引。日志数据是由filebeat代理在elasticsearch中发送的。
我想基于名为value_of_type的特定列/字段来过滤结果。使用PHP API:

$json =
    '{
        "query" : {
            "bool" : {
                "filter": [
                    {
                        "term" : 
                        {
                            "value_of_type" : "sound"
                        }
                    }
                ]
            }
        }
    }';

但是它返回0结果。

{"took":4,"timed_out":false,"_shards":{"total":5,"successful":5,"failed":0},"hits":{"total":0,"max_score":null,"hits":[]}}

在浏览器中点击myurl:9200/filebeat的结果如下所示:

{
    "filebeat": {
        "aliases": {},
        "mappings": {
            "doc": {
                "properties": {
                    "@timestamp": {
                        "type": "date"
                    },
                    "beat": {
                        "properties": {
                            "hostname": {
                                "type": "text",
                                "fields": {
                                    "keyword": {
                                        "type": "keyword",
                                        "ignore_above": 256
                                    }
                                }
                            },
                            "name": {
                                "type": "text",
                                "fields": {
                                    "keyword": {
                                        "type": "keyword",
                                        "ignore_above": 256
                                    }
                                }
                            },
                            "version": {
                                "type": "text",
                                "fields": {
                                    "keyword": {
                                        "type": "keyword",
                                        "ignore_above": 256
                                    }
                                }
                            }
                        }
                    },
                    "fields": {
                        "properties": {
                            "node": {
                                "type": "text",
                                "fields": {
                                    "keyword": {
                                        "type": "keyword",
                                        "ignore_above": 256
                                    }
                                }
                            },
                            "value_of_type": {
                                "type": "text",
                                "fields": {
                                    "keyword": {
                                        "type": "keyword",
                                        "ignore_above": 256
                                    }
                                }
                            }
                        }
                    },
                    "input_type": {
                        "type": "text",
                        "fields": {
                            "keyword": {
                                "type": "keyword",
                                "ignore_above": 256
                            }
                        }
                    },
                    "message": {
                        "type": "text",
                        "fields": {
                            "keyword": {
                                "type": "keyword",
                                "ignore_above": 256
                            }
                        }
                    },
                    "offset": {
                        "type": "long"
                    },
                    "source": {
                        "type": "text",
                        "fields": {
                            "keyword": {
                                "type": "keyword",
                                "ignore_above": 256
                            }
                        }
                    },
                    "type": {
                        "type": "text",
                        "fields": {
                            "keyword": {
                                "type": "keyword",
                                "ignore_above": 256
                            }
                        }
                    }
                }
            }
        },
        "settings": {
            "index": {
                "creation_date": "1494116541083",
                "number_of_shards": "5",
                "number_of_replicas": "1",
                "uuid": "IdhWgIqiQ-GNrZK3AvCP9g",
                "version": {
                    "created": "5020199"
                },
                "provided_name": "filebeat"
            }
        }
    }
}

最佳答案

您的查询是正确的，但是它与索引中的任何内容都不匹配:您已建立索引的文档结构不正确。

为了查询匹配的文档，索引中的文档应具有value_of_type字段，其值为"sound"(如下面的示例响应中返回的)。

一个简单的GET /filebeat/_search查询(不带任何过滤器)应给出如下结果:

{
   "took": 28,
   "timed_out": false,
   "hits": {
      "total": N, // the number of documents in your index
      "max_score": 1,
      "hits": [
         ...
         {
            "_index": "filebeat",
            "_type": "some_doc_type",
            "_id": "some_id",
            "_score": 1,
            "_source": {
               ...
               "value_of_type": "sound", // that's what you query will match
               ...
            }
     ]
 }

关于php - 尽管查询正确，ElasticSearch没有返回任何结果，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/43826862/

php - 尽管查询正确，ElasticSearch没有返回任何结果

上一篇：android - 如何在Android Studio中从WAV获取字节

下一篇：javascript - 在HTML幻灯片中使用jQuery触发音频播放吗？