1、删除query匹配的doc
POST /rally-results-2021-04/_delete_by_query
{
"query": {
"match": {
"user-tags.tag_cluster_name": "es-benchmark-search3data1replicas"
}
}
}
2、前缀查询
{
"query": {
"prefix": {
"user-tags.tag_cluster_name": "es-benchmark-search"
}
}
}
3、删除index
4、查看分片状态
GET /_cat/shards?h=index,shard,prirep,state,unassigned.reason| grep UNASSIGNED
5、正则匹配
{
"query": {
"wildcard": {
"user-tags.tag_cluster_name": "es-benchmark-search?*2replicas"
}
}
}
6、查看es集群的http接口
GET /_cat/nodes?v&h=n,r,http
7、多条件组合查询
bool常用于多条件组合查询
filter:返回必须满足子条件的doc,搜索结果不计算得分,会用缓存
term常用于精确值搜索
POST 索引名/_search
{
"query": {
"bool": {
"filter": [
{
"term": {
"log_id": "xxxxxx"
}
},
{
"term": {
"space": "gddd_001"
}
},
{
"range": {
"ice_level": {
"gte": 0,
"lt": 6
}
}
},
{
"range":{
"client_timestamp": {
"gte": 1612137806000,
"lte": 1612184606000
}
}
}
]
}
},
"sort": { "@timestamp": { "order": "desc" }}
}
8、查询metricbeat中old gc time
GET /metricbeat-*/_search
{
"query":{
"bool":{
"filter":[
{
"exists": {
"field": "elasticsearch.node.stats.jvm.gc.collectors.old.collection.ms"
}
},
{
"range": {
"@timestamp": {
"gte": "2021-06-23T02:34:00.000Z",
"lte": "2021-06-23T02:35:00.000Z"
}
}
}
]
}
}
}