堆栈内存溢出
  简体   繁体   English

在 Elasticsearch 中重新索引

[英]Reindex in Elasticsearch

 原文  2021-05-26 07:32:12       arrays/ elasticsearch/ reindex/ elasticsearch-painless

问题描述

I've created an index template, and now trying to reindex my logs according to that index template.我创建了一个索引模板,现在尝试根据该索引模板重新索引我的日志。 This is a log just for instance:例如,这是一个日志:

  "_score": null,
  "_source": {
    "@timestamp": "2021-05-25T08:38:36",
    "host": "172.18.20.22",
    "Level": "Debug",
    "events": [
      "MessageTemplate": "{TimeoutTransactionLogsCount} transactions have timed-out.",
      "Properties": {
        "MachineName": "Monitoring",
        "Source": "NOC",
        "ProcessName": "LogService",
        "SourceContext": "LogSvc.TimeoutManager",
        "ThreadId": 10,
        "TimeoutTransactionLogsCount": 0
      }],
    "Level": "Debug",
    "Timestamp": "2021-05-25T13:07:40.7495940+04:30"
    },

As you see, the events field is an array and all content bellow it is [0] I want to write a reindex API script to specify the source and dest and also split the events field into document not an array.如您所见,事件字段是一个数组,它下面的所有内容都是 [0] 我想编写一个重新索引 API 脚本来指定源和目标,并将事件字段拆分为文档而不是数组。 For example this is what I need:例如,这就是我需要的:

  "_score": null,
  "_source": {
    "@timestamp": "2021-05-25T08:38:36",
    "host": "172.18.20.22",
    "Level": "Debug",
    "events": {
      "MessageTemplate": "{TimeoutTransactionLogsCount} transactions have timed-out.",
      "Properties": {
        "MachineName": "Monitoring",
        "Source": "NOC",
        "ProcessName": "LogService",
        "SourceContext": "LogSvc.TimeoutManager",
        "ThreadId": 10,
        "TimeoutTransactionLogsCount": 0
      }},
    "Level": "Debug",
    "Timestamp": "2021-05-25T13:07:40.7495940+04:30"
    },

How can I write the script in the dev tools?如何在开发工具中编写脚本?

POST _reindex
{
  "source": {
    "index":"testlog-2020.05.03"
  },
  "dest": {
    "index": "testlog-2020.05.03-reindexed"
  },
  "script": {
    "lang": "painless", 
    "source": "a script for changing `events` array to document..."
  }
}

Thanks in advance提前致谢

1 个解决方案

解决方案1
 0 已采纳  2021-05-26 07:44:08

Your script can simply do this:您的脚本可以简单地执行此操作:

POST _reindex
{
  "source": {
    "index":"testlog-2020.05.03"
  },
  "dest": {
    "index": "testlog-2020.05.03-reindexed"
  },
  "script": {
    "lang": "painless", 
    "source": "if (ctx._source.events != null) { ctx._source.events = ctx._source.events[0];}"
  }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何重新索引过滤的数组 - How to reindex filted Array 重新索引PHP嵌套数组 - Reindex PHP Nested Array 按值重新索引数组 - Reindex array by values PHP重新索引数组方法 - PHP reindex array method 删除元素并重新索引 - Remove element and reindex 重新索引多维数组 - Reindex multidimensional array 如何重新索引数组? - How to reindex an array? 通过属性对对象数组重新排序,重新索引 - Reorder, reindex array of objects by a property Python:使用负索引对数组重新索引 - Python: reindex an array with negative index 从特定数字重新索引数组 - Reindex an array from a specific number
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM