在Docker中启动 Elastic-SQL 命令行
/usr/share/elasticsearch/jdk/bin/java -cp elasticsearch-sql-cli-7.9.0.jar org.elasticsearch.xpack.sql.cli.Cli
# 发现乱码,加上参数,解决乱码问题
/usr/share/elasticsearch/jdk/bin/java -Dfile.encoding=UTF-8 -cp elasticsearch-sql-cli-7.9.0.jar org.elasticsearch.xpack.sql.cli.Cli
kibana中使用 Elastic-SQL
# 基本查询
POST _sql?format=json
{
"query":"select * from es_biz_trade_product"
}
# format 格式化输出
?format=
参数有 csv json tsv txt yaml cbor smile 这几种
# 转换
POST _sql/translate
{
"query": "SELECT * FROM es_biz_trade_product",
"fetch_size": 10
}
# DSL 过滤
POST _sql?format=json
{
"query": """
SELECT * FROM "es_biz_trade_product"
""",
"filter": {
"range": {
"original_price": {
"gte": 10,
"lte": 80
}
}
},
"fetch_size": 2
}
# columnar
POST _sql?format=json
{
"query": "SELECT * FROM es_biz_trade_product",
"fetch_size": 10,
"columnar": true
}
# scroll 分页,带上 scroll=1m
# 第一次查询
POST es_biz_trade_product/_search?scroll=1m
{
"size": 2
}
# 获取 _scroll_id 中的值,做为 POST 请求参数
POST _search/scroll?scroll=1m
{
"scroll_id" : "FGluY2x1ZGVfY29udGV4dF91dWlkDXF1ZXJ5QW5kRmV0Y2gBFGdWYklNM1FCZzVNR1ZIUlRzTTFEAAAAAAAAjWAWWXFVTEJFUjVUZlM0NHpEaVZHSTZYdw=="
}
# 用 _scroll_id 发送请求,直到 hits 为空为止
# scroll 性能问题
1. 默认scroll有排序,可以用 "sort": [ "_doc" ]
POST es_biz_trade_product/_search?scroll=1m
{
"size": 2,
"sort": [ "_doc" ]
}
2. scroll 占用系统资源,务必用完就关闭。
DELETE _search/scroll
{
"scroll_id": "FGluY2x1ZGVfY29udGV4dF91dWlkDXF1ZXJ5QW5kRmV0Y2gBFElGYk9NM1FCZzVNR1ZIUlQ2TTVFAAAAAAAAjf8WWXFVTEJFUjVUZlM0NHpEaVZHSTZYdw=="
}
# 加上 fetch_size 就会有 cursor
# cursor 分页例子,获取 cursor 值发送请求
POST _sql?format=json
{
"query": "SELECT * FROM es_biz_trade_product",
"fetch_size": 2,
"columnar": true
}
POST _sql?format=json
{
"cursor" : "s9+wAwFaAXN4RkdsdVkyeDFaR1ZmWTI5dWRHVjRkRjkxZFdsa0RYRjFaWEo1UVc1a1JtVjBZMmdCRkhCc1ltVk5NMUZDWnpWTlIxWklVbFJVWXpockFBQUFBQUFBajRVV1dYRlZURUpGVWpWVVpsTTBOSHBFYVZaSFNUWllkdz09/////w8FAWYNY3VycmVudF9wcmljZQENY3VycmVudF9wcmljZQEGZG91YmxlAAAAAWYCaWQBAmlkAQRsb25nAAAAAWYEbmFtZQEEbmFtZQEEdGV4dAAAAAFmDm9yaWdpbmFsX3ByaWNlAQ5vcmlnaW5hbF9wcmljZQEGZG91YmxlAAAAAWYJc2Nyb2xsX2lkAQlzY3JvbGxfaWQBBHRleHQAAAABHw==",
"columnar": true
}
# cursor 用完,也要关闭
POST /_sql/close
{
"cursor": "s9+wAwFaAXN4RkdsdVkyeDFaR1ZmWTI5dWRHVjRkRjkxZFdsa0RYRjFaWEo1UVc1a1JtVjBZMmdCRkhCc1ltVk5NMUZDWnpWTlIxWklVbFJVWXpockFBQUFBQUFBajRVV1dYRlZURUpGVWpWVVpsTTBOSHBFYVZaSFNUWllkdz09/////w8FAWYNY3VycmVudF9wcmljZQENY3VycmVudF9wcmljZQEGZG91YmxlAAAAAWYCaWQBAmlkAQRsb25nAAAAAWYEbmFtZQEEbmFtZQEEdGV4dAAAAAFmDm9yaWdpbmFsX3ByaWNlAQ5vcmlnaW5hbF9wcmljZQEGZG91YmxlAAAAAWYJc2Nyb2xsX2lkAQlzY3JvbGxfaWQBBHRleHQAAAABHw=="
}
# 参数
query
fetch_size
filter
request_timeout
page_timeout
time_zone
columnar
field_multi_value_leniency
index_include_frozen
params
params 参数解析例子
POST _sql?format=json
{
"query": """
SELECT * FROM "es_biz_trade_product" where original_price > ?
""",
"params": [100]
}
Elasticsearch
Stella981
• 阅读
706
点赞
收藏
