ElasticSearch 精确查询统计

ElasticSearch 精确查询统计

match_phrase:短语匹配,不分词

GET logback-2022-08/_search
{
  "size": 1, //显示1条记录
  "query": {
    "bool": {
      "must": [
        {
          "match_phrase": {
            "app": "xxx" //按app精确查询
          }
        },
        {
          "match_phrase": {
            "data_source": "xxx" //按data_source精确查询
          }
        },
        {
          "match_phrase": {
            "proc_status": "suc" //按proc_status精确查询
          }
        },
        {
          "match_phrase": {
            "proc_phase": "collect" //按proc_phase精确查询
          }
        },
        {
          "range": {
            "@timestamp": { //按时间范围查询
              "gte": "2022-08-29T00:00:00.000+0800",
              "lte": "2022-08-29T23:59:59.999+0800"
            }
          }
        },
        {
          "range": {
            "aggCount": { //按aggCount值的范围查询
              "gte": 0,
              "lte": 1000000
            }
          }
        }
      ]
    }
  },
  "sort": {
    "@timestamp": "asc" //按@timestamp排序
  },
  "aggs": {
    "sumAggCount": {
      "sum": { //求和
        "field": "aggCount" //统计aggCount
      }
    }
  }
}

时间范围 指定format

{
  "range": {
    "@timestamp": {
      "gte": "2022-08-28 16:00:00", //开始时间2022-08-29 00:00:00(设置的时间加8小时)
      "lte": "2022-08-29 15:59:59", //结束时间2022-08-29 23:59:59(设置的时间加8小时)
      "format": "yyyy-MM-dd HH:mm:ss"
    }
  }
}
posted @ 2022-08-30 09:27  0611163  阅读(249)  评论(0编辑  收藏  举报