
Example 11 with TermsAggregationBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder in project metron by apache.

the class ElasticsearchDao method buildGroupRequest.

/**
 * Assembles the Elasticsearch request that answers a Metron group query.
 *
 * <p>The request carries the supplied query plus the terms aggregation returned by
 * {@code getGroupsTermBuilder(groupRequest, 0)}, and targets the indices produced by
 * {@code wildcardIndices} from the index names in the group request.
 *
 * @param groupRequest The Metron group request.
 * @param queryBuilder The search query.
 * @return An Elasticsearch search request.
 */
private org.elasticsearch.action.search.SearchRequest buildGroupRequest(GroupRequest groupRequest, QueryBuilder queryBuilder) {
    // Root of the (possibly nested) group aggregation, starting at the first group.
    final TermsAggregationBuilder rootAggregation = getGroupsTermBuilder(groupRequest, 0);
    final SearchSourceBuilder source = new SearchSourceBuilder();
    source.query(queryBuilder);
    source.aggregation(rootAggregation);
    // NOTE(review): index names are taken from the request as given; presumably the
    // caller decides which indices a user may query - confirm against the call site.
    final String[] targetIndices = wildcardIndices(groupRequest.getIndices());
    final org.elasticsearch.action.search.SearchRequest request = new org.elasticsearch.action.search.SearchRequest();
    request.indices(targetIndices);
    request.source(source);
    return request;
}
Also used : SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) TermsAggregationBuilder(org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder) SearchSourceBuilder(org.elasticsearch.search.builder.SearchSourceBuilder)

Example 12 with TermsAggregationBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder in project metron by apache.

the class ElasticsearchDao method getGroupsTermBuilder.

/**
 * Builds the terms aggregation for the group at {@code index} and nests the aggregation
 * for every following group inside it by recursing with {@code index + 1}.
 *
 * <p>Each level is limited to {@code accessConfig.getMaxSearchGroups()} buckets. When the
 * request names a score field, a sum over that field (missing values counted as 0) is
 * added as a further sub-aggregation.
 *
 * @param groupRequest The Metron group request supplying the groups and optional score field.
 * @param index Position in {@code groupRequest.getGroups()} of the group to build.
 * @return The terms aggregation for the group at {@code index}, including nested levels.
 */
private TermsAggregationBuilder getGroupsTermBuilder(GroupRequest groupRequest, int index) {
    final List<Group> allGroups = groupRequest.getGroups();
    // Throws IndexOutOfBoundsException if the request has no group at this position.
    final Group current = allGroups.get(index);
    final TermsAggregationBuilder termsBuilder = AggregationBuilders.terms(getGroupByAggregationName(current.getField()));
    termsBuilder.field(current.getField());
    // Per-level bucket cap taken from configuration.
    termsBuilder.size(accessConfig.getMaxSearchGroups());
    termsBuilder.order(getElasticsearchGroupOrder(current.getOrder()));
    // NOTE(review): one more nesting level is added per requested group and nothing in
    // this method limits the number of levels; confirm the caller bounds the group list,
    // since bucket counts multiply across nested terms aggregations.
    final boolean hasFollowingGroup = index + 1 < allGroups.size();
    if (hasFollowingGroup) {
        termsBuilder.subAggregation(getGroupsTermBuilder(groupRequest, index + 1));
    }
    final Optional<String> scoreField = groupRequest.getScoreField();
    scoreField.ifPresent(scoreFieldName -> {
        SumAggregationBuilder scoreSum = AggregationBuilders.sum(getSumAggregationName(scoreFieldName)).field(scoreFieldName).missing(0);
        termsBuilder.subAggregation(scoreSum);
    });
    return termsBuilder;
}
Also used : SumAggregationBuilder(org.elasticsearch.search.aggregations.metrics.sum.SumAggregationBuilder) Group(org.apache.metron.indexing.dao.search.Group) TermsAggregationBuilder(org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder)

Example 13 with TermsAggregationBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder in project metron by apache.

the class ElasticsearchDao method buildSearchRequest.

/**
 * Builds an Elasticsearch search request from a Metron search request.
 *
 * <p>The result carries the query, paging ({@code size}/{@code from}), score tracking,
 * one sort clause per requested sort field, and one terms aggregation per facet field.
 *
 * @param searchRequest The Metron search request.
 * @param queryBuilder The Elasticsearch query to execute.
 * @return An Elasticsearch search request.
 * @throws InvalidSearchException If the column metadata for the requested indices cannot be read.
 */
private org.elasticsearch.action.search.SearchRequest buildSearchRequest(SearchRequest searchRequest, QueryBuilder queryBuilder) throws InvalidSearchException {
    // The debug output contains the whole request, query terms included; treat logs
    // captured at this level as sensitive.
    if (LOG.isDebugEnabled()) {
        LOG.debug("Got search request; request={}", ElasticsearchUtils.toJSON(searchRequest).orElse("???"));
    }
    // NOTE(review): size and from are copied from the request unchecked here; presumably
    // an upper bound is enforced before this method is called - confirm.
    SearchSourceBuilder searchBuilder = new SearchSourceBuilder();
    searchBuilder.size(searchRequest.getSize());
    searchBuilder.from(searchRequest.getFrom());
    searchBuilder.query(queryBuilder);
    searchBuilder.trackScores(true);
    List<String> requestedFields = searchRequest.getFields();

    // Column metadata tells us the type of each sort field.
    Map<String, FieldType> columnTypes;
    try {
        columnTypes = getColumnMetadata(searchRequest.getIndices());
    } catch (IOException e) {
        throw new InvalidSearchException("Unable to get column metadata", e);
    }

    // One sort clause per requested sort field.
    for (SortField sortField : searchRequest.getSort()) {
        // Fields without metadata fall back to FieldType.OTHER.
        FieldType sortFieldType = columnTypes.getOrDefault(sortField.getField(), FieldType.OTHER);
        org.elasticsearch.search.sort.SortOrder direction = getElasticsearchSortOrder(sortField.getSortOrder());
        // Descending sorts use SORT_MISSING_LAST; every other order uses SORT_MISSING_FIRST.
        String missingPlacement = (direction == org.elasticsearch.search.sort.SortOrder.DESC)
                ? SORT_MISSING_LAST
                : SORT_MISSING_FIRST;
        FieldSortBuilder sortClause = new FieldSortBuilder(sortField.getField());
        sortClause.order(direction);
        sortClause.missing(missingPlacement);
        sortClause.unmappedType(sortFieldType.getFieldType());
        searchBuilder.sort(sortClause);
    }

    // Source fetching. NOTE(review): when a field list is supplied the include pattern is
    // still "*", so the list itself does not narrow what is fetched here; presumably the
    // result is filtered later - confirm.
    if (requestedFields == null) {
        searchBuilder.fetchSource(true);
    } else {
        searchBuilder.fetchSource("*", null);
    }

    // One terms aggregation per facet field.
    // https://www.elastic.co/guide/en/elasticsearch/client/java-api/current/_bucket_aggregations.html
    List<String> facetFields = searchRequest.getFacetFields();
    if (facetFields != null) {
        for (String facetField : facetFields) {
            String facetName = getFacetAggregationName(facetField);
            TermsAggregationBuilder facet = AggregationBuilders.terms(facetName).field(facetField);
            searchBuilder.aggregation(facet);
        }
    }

    // Assemble the request against the resolved indices.
    String[] indices = wildcardIndices(searchRequest.getIndices());
    if (LOG.isDebugEnabled()) {
        LOG.debug("Built Elasticsearch request; indices={}, request={}", indices, searchBuilder.toString());
    }
    org.elasticsearch.action.search.SearchRequest esRequest = new org.elasticsearch.action.search.SearchRequest();
    esRequest.indices(indices);
    esRequest.source(searchBuilder);
    return esRequest;
}
Also used : SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) SortField(org.apache.metron.indexing.dao.search.SortField) FieldSortBuilder(org.elasticsearch.search.sort.FieldSortBuilder) IOException(java.io.IOException) SearchSourceBuilder(org.elasticsearch.search.builder.SearchSourceBuilder) FieldType(org.apache.metron.indexing.dao.search.FieldType) TermsAggregationBuilder(org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder) InvalidSearchException(org.apache.metron.indexing.dao.search.InvalidSearchException)

Example 14 with TermsAggregationBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder in project pancm_project by xuwujing.

the class EsHighLevelRestSearchTest method search.

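/**
 * Demonstrates four kinds of search against Elasticsearch and prints the results to
 * standard output: a fuzzy match query, a highlight request, a terms aggregation with an
 * average sub-aggregation, and a term suggestion.
 *
 * @throws IOException if a search call to the cluster fails
 */
private static void search() throws IOException {
    /*
     * Full-text (match) query
     */
    // Query the "user" index only.
    SearchRequest searchRequest = new SearchRequest("user");
    // Match documents whose "user" field is "pancm".
    MatchQueryBuilder matchQueryBuilder = new MatchQueryBuilder("user", "pancm");
    // Enable fuzzy matching.
    matchQueryBuilder.fuzziness(Fuzziness.AUTO);
    // Prefix length for the fuzzy match.
    matchQueryBuilder.prefixLength(3);
    // Maximum expansions, which bounds how far the fuzzy match fans out.
    matchQueryBuilder.maxExpansions(10);
    // The same query can also be built fluently with QueryBuilders.matchQuery(...).
    SearchSourceBuilder searchSourceBuilder2 = new SearchSourceBuilder();
    searchSourceBuilder2.query(matchQueryBuilder);
    // Attach the query to the index-scoped request so that the match query is what is
    // actually sent; a request without a source would return every document in the index.
    searchRequest.source(searchSourceBuilder2);
    // Synchronous search.
    SearchResponse searchResponse2 = client.search(searchRequest, RequestOptions.DEFAULT);
    SearchHits hits = searchResponse2.getHits();
    hits.forEach(hit -> {
        Map<String, Object> sourceAsMap = hit.getSourceAsMap();
        String string = hit.getSourceAsString();
        System.out.println("Match查询的Map结果:" + sourceAsMap);
        System.out.println("Match查询的String结果:" + string);
    });
    System.out.println("\n=================\n");
    /*
     * Highlight query
     */
    SearchSourceBuilder searchSourceBuilder3 = new SearchSourceBuilder();
    HighlightBuilder highlightBuilder = new HighlightBuilder();
    HighlightBuilder.Field highlightTitle = new HighlightBuilder.Field("title");
    // Highlighter type for the title field.
    // NOTE(review): "user" does not look like a highlighter type name - confirm the intended value.
    highlightTitle.highlighterType("user");
    highlightBuilder.field(highlightTitle);
    HighlightBuilder.Field highlightUser = new HighlightBuilder.Field("user");
    highlightBuilder.field(highlightUser);
    searchSourceBuilder3.highlighter(highlightBuilder);
    // No index is named on this request (nor on the two below), so the search is not
    // limited to "user"; it runs over whatever indices the client is allowed to read.
    SearchRequest searchRequest3 = new SearchRequest();
    searchRequest3.source(searchSourceBuilder3);
    // Synchronous search.
    SearchResponse searchResponse3 = client.search(searchRequest3, RequestOptions.DEFAULT);
    searchResponse3.getHits().forEach(hit -> {
        Map<String, Object> map = hit.getSourceAsMap();
        String string = hit.getSourceAsString();
        System.out.println("Highlight查询的Map结果:" + map);
        System.out.println("Highlight查询的String结果:" + string);
    });
    System.out.println("\n=================\n");
    /*
     * Aggregation query
     */
    SearchSourceBuilder searchSourceBuilder4 = new SearchSourceBuilder();
    // A terms aggregation groups documents: bucket by "user" under the name "user_",
    // with the average of "age" computed inside each bucket.
    TermsAggregationBuilder aggregation = AggregationBuilders.terms("user_").field("user");
    aggregation.subAggregation(AggregationBuilders.avg("average_age").field("age"));
    searchSourceBuilder4.aggregation(aggregation);
    SearchRequest searchRequest4 = new SearchRequest();
    searchRequest4.source(searchSourceBuilder4);
    // Synchronous search.
    SearchResponse searchResponse4 = client.search(searchRequest4, RequestOptions.DEFAULT);
    // Aggregation results.
    Aggregations aggregations = searchResponse4.getAggregations();
    System.out.println("聚合查询");
    for (Aggregation agg : aggregations) {
        // Only terms results can be walked bucket by bucket; skip anything else instead
        // of failing on the cast.
        if (!(agg instanceof Terms)) {
            continue;
        }
        Terms terms = (Terms) agg;
        for (Terms.Bucket bucket : terms.getBuckets()) {
            System.out.println("条数:" + bucket.getDocCount());
            System.out.println("key:" + bucket.getKey());
            System.out.println("num:" + bucket.getKeyAsNumber());
            Avg avg = bucket.getAggregations().get("average_age");
            System.out.println("value:" + avg.getValue());
        }
        if (agg.getType().equals(TermsAggregationBuilder.NAME)) {
            // "average_age" is the name of the sub-aggregation, not a term value, so a
            // bucket with this key is normally absent; guard the lookup result before use.
            Bucket elasticBucket = terms.getBucketByKey("average_age");
            if (elasticBucket != null) {
                long numberOfDocs = elasticBucket.getDocCount();
                System.out.println("条数:" + numberOfDocs);
            }
        }
    }
    /*
     * Suggestion query
     */
    SearchSourceBuilder searchSourceBuilder5 = new SearchSourceBuilder();
    SuggestionBuilder<?> termSuggestionBuilder = SuggestBuilders.termSuggestion("user").text("pancm");
    SuggestBuilder suggestBuilder = new SuggestBuilder();
    suggestBuilder.addSuggestion("suggest_user", termSuggestionBuilder);
    searchSourceBuilder5.suggest(suggestBuilder);
    SearchRequest searchRequest5 = new SearchRequest();
    searchRequest5.source(searchSourceBuilder5);
    // Synchronous search.
    SearchResponse searchResponse5 = client.search(searchRequest5, RequestOptions.DEFAULT);
    Suggest suggest = searchResponse5.getSuggest();
    TermSuggestion termSuggestion = suggest.getSuggestion("suggest_user");
    for (TermSuggestion.Entry entry : termSuggestion.getEntries()) {
        for (TermSuggestion.Entry.Option option : entry) {
            String suggestText = option.getText().string();
            System.out.println("返回结果:" + suggestText);
        }
    }
}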
Also used : SearchRequest(org.elasticsearch.action.search.SearchRequest) Aggregations(org.elasticsearch.search.aggregations.Aggregations) Suggest(org.elasticsearch.search.suggest.Suggest) SearchSourceBuilder(org.elasticsearch.search.builder.SearchSourceBuilder) Aggregation(org.elasticsearch.search.aggregations.Aggregation) Bucket(org.elasticsearch.search.aggregations.bucket.terms.Terms.Bucket) SuggestBuilder(org.elasticsearch.search.suggest.SuggestBuilder) MatchQueryBuilder(org.elasticsearch.index.query.MatchQueryBuilder) TermSuggestion(org.elasticsearch.search.suggest.term.TermSuggestion) SearchHits(org.elasticsearch.search.SearchHits) Terms(org.elasticsearch.search.aggregations.bucket.terms.Terms) SearchResponse(org.elasticsearch.action.search.SearchResponse) TermsAggregationBuilder(org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder) Avg(org.elasticsearch.search.aggregations.metrics.avg.Avg) Bucket(org.elasticsearch.search.aggregations.bucket.terms.Terms.Bucket) Map(java.util.Map) SuggestionBuilder(org.elasticsearch.search.suggest.SuggestionBuilder) HighlightBuilder(org.elasticsearch.search.fetch.subphase.highlight.HighlightBuilder)

Example 15 with TermsAggregationBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder in project pancm_project by xuwujing.

the class EsAggregationSearchTest method sumGroupSearch.

/**
 * Builds a terms aggregation over the {@code class} field with a sum of {@code grade}
 * inside each bucket, logs a heading, and hands the aggregation to {@code agg}.
 *
 * @throws IOException declared by this method; presumably raised by {@code agg} - confirm
 */
private static void sumGroupSearch() throws IOException {
    final String termsName = "t_class_sum";
    final String sumName = "t_grade";
    // Terms aggregation = group-by: bucket the documents by "class", then total the
    // "grade" values within each bucket.
    TermsAggregationBuilder byClass = AggregationBuilders.terms(termsName);
    byClass.field("class");
    byClass.subAggregation(AggregationBuilders.sum(sumName).field("grade"));
    logger.info("根据班级求总分:");
    agg(byClass, termsName, sumName);
}
Also used : TermsAggregationBuilder(org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder)
