首先记录一个学习es的时候遇到的一个坑,错误是
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
网上的解答都是修改
etc/security/limits.conf sudo vi /etc/security/limits.conf 在文件最后面加上 soft nofile 65536 hard nofile 65536 soft nproc 4096 hard nproc 4096 注:*后面有空格
可是修改后,发现root用户的值变大了,可是普通用户还是4096,那还是不能运行es啊,网上基本没有说如何让普通用户的值发生变化,卡了我很长时间,直到我在知乎上看到下面的内容,
才清楚原来我是本地部署还要有普通用户权限才行,哎,怪自己linux学的不好,只要su + 普通用户的名字就可以让普通用户有管理员权限,之后就可成功运行es.
在网上看到了一个博主写的关于es的安装和相关软件的安装的教程,比如安装node.js,ik分词器,可视化工具head。和kibana,转载一下。
https://www.cnblogs.com/yijialong/p/9717593.html
#通配符查询?用来匹配一个任意的字符*用来匹配多个字符 GET /ems/_search { "query": { "wildcard": { "content": { "value": "sp*" } } } } GET /ems/_search { "query": { "wildcard": { "content": { "value": "框*" } } } } #多id进行查询,不过一般不会声明id GET ems/_search { "query": { "ids": { "values": [ "AoUFPHUBwStJbspbRiwc","A4UFPHUBwStJbspbRiwc"] } } } #模糊查询。此时当查询的内容与被查询的内容之间的编辑距离不大于2时可以成功的进行模糊匹配,具体是2个字符一下的要完全正确,2到4个只能错1个,五个以上最多错2个,其中编辑距离的概念是是指两个字串之间,由一个转成另一个(增删改)所需的最少编辑操作次数 GET /ems/_search { "query": { "fuzzy": { "content": "架构" } } } #布尔查询,是对多个条件实现复杂查询,bool表达式 #must 相当于&&同时成立,should: 相当于||成立一个就可以 #must not: 相当于!不能满足任何一个 GET /ems/_search { "query": { "bool": { "must": [ {"term": { "content": "语" }} ] , "must_not": [ {"term": { "age": { "value": "43" } }} ] } } } #多字段查询。得分是根据文章长度,和匹配到的次数,文章越短匹配次数越多越正确 #对于字段来说类型是text的需要对query进行分词处理,对于address则需要整体进行匹配 GET /ems/_search { "query": { "multi_match": { "query": "上海框架", "fields": ["content","address"] } } } #多字段分词查询,这种查询方式需要先设定好分词器的类型 GET /ems/_search { "query": { "multi_match": { "analyzer": "simple", "query": "架构", "fields": ["content","address"] } } } GET _analyze#分成的结果是一个字或一个词 { "analyzer": "standard", "text": "spring is a " } GET _analyze#做最细粒度分词 { "analyzer": "ik_max_word", "text": "五常大米" } GET _analyze#做粗粒度分词 { "analyzer": "ik_max_word", "text": "五常大米" } GET _analyze#分成的结果是个整体,对中文不分词,对英文分成单词,去掉数字 { "analyzer": "simple", "text": "这是个框架" } #高亮查询,一般把类型设置为text方便进行匹配 GET /ems/_search { "query": {"term": { "content": { "value": "开" } }}, "highlight": { "fields": {"*": {}}, "pre_tags": ["<span style='color:red'>"], "post_tags": ["</span>"], "require_field_match": "false" } } PUT /log #给数据库提前声明使用的分词器是ik { "mappings": { "properties": { "id":{ "type": "integer" }, "ip":{ "type": "text" , "analyzer": "ik_max_word" }, "content":{ "type": "text" , "analyzer": "ik_max_word" } } } } PUT /log/_doc/_bulk {"index":{}} {"id":12,"ip":"1.1.1.1","content":"我想看刘德华演的电视剧"} GET /log/_search { "query": { "term": { "content": { "value": "电视剧" } } } } GET _analyze#碰瓷被拆开了,要引入扩展词。包括静态扩展和动态扩展 { "analyzer": "ik_max_word", "text": "打击估计碰瓷的违法犯罪人员" } GET _analyze#碰瓷被拆开了,要引入扩展词。包括静态扩展和动态扩展 { "analyzer": "ik_max_word", "text": "no space in the queue" } GET _analyze#去停用词,同样在ik的yml文件里面进行配置,这次把百里守约当做停用词,百里守约被去除 { "analyzer": "ik_max_word", "text": "hello world 好学生,真的很优秀" } #更多的是使用远程扩展词典和去停用词,动态进行更新,不需要每次都启动es,但是需要开启一个服务,如Tomcat、具体操作可以百度,就是在配置文件里面加一个URL DELETE b_log PUT /b_log { "mappings": { "properties": { "id":{ "type": "integer" }, "log_id":{ "type":"keyword" }, "ip":{ "type": "ip" }, "sysname":{ "type": "keyword" }, "modulename":{ "type": "text" }, "level":{ "type": "keyword" }, "logtime":{ "type": "date", "format": "yyyy-MM-dd HH:mm:ss||yyyy-MM-dd||epoch_millis" }, "createtime":{ "type": "date", "format": "yyyy-MM-dd HH:mm:ss||yyyy-MM-dd||epoch_millis" }, "content":{ "analyzer": "ik_max_word", "type": "text" } } } } PUT /b_log/_bulk {"index":{}} {"id":16,"ip":"1.1.1.1","sysname":"abc","modulename":"module1","level":"1","logtime":"2019-10-10 10:10:10","createtime":"2019-10-10 10:10:10","content":"我想看刘德华演的电视剧"} {"index":{}} {"id":17,"ip":"1.1.1.1","sysname":"abc","modulename":"module2","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"this is a test."} {"index":{}} {"id":18,"ip":"1.1.1.1","sysname":"abc","modulename":"module3","level":"1","logtime":"2019-10-10 10:10:10","createtime":"2019-10-10 10:10:10","content":"no space in the queue"} {"index":{}} {"id":19,"ip":"1.1.1.1","sysname":"abc","modulename":"module1","level":"1","logtime":"2018-10-10 10:10:10","createtime":"2018-10-10 10:10:10","content":"linkindex=0,connindex=0,Proto_Connect: socket connect failed. HostName=127.0.0.1, port=10004,socketid=1964"} {"index":{}} {"id":20,"ip":"1.1.1.1","sysname":"abc","modulename":"module1","level":"1","logtime":"2018-10-10 10:10:10","createtime":"2018-10-10 10:10:10","content":"linkindex=0,connindex=0,Proto_Connect: socket connect failed. HostName=127.0.0.1, port=10004,socketid=1964"} {"index":{}} {"id":21,"ip":"1.1.1.1","sysname":"abc","modulename":"module1","level":"1","logtime":"2018-10-10 10:10:10","createtime":"2018-10-10 10:10:10","content":"linkindex=0,connindex=0,Proto_Connect: socket connect failed. HostName=127.0.0.1, port=10004,socketid=1964"} {"index":{}} {"id":22,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":23,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":24,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":25,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":26,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":22,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":22,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":22,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content": "[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":22,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":22,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id":22,"ip":"10.3.8.211","sysname":"sys1","modulename":"child.c","level":"2","logtime":"2020-10-10 10:10:10","createtime":"2020-10-10 10:10:10","content":"[2836] ThreadID[0] SocketCount[0] Status[2]"} {"index":{}} {"id": 10009, "ip": "127.0.0.1", "sysname": "systest", "modulename": "MsgLocQue.c", "level": "4", "logtime": "2020-10-16 12:45:12", "createtime": "2020-11-03 17:59:57", "content": "MoniLocMsgDes:msg[54] msgid=[ID:d6a9581f800035f89216f29800000] que[lq] Expire is over,will delete msg}x"} GET /b_log/_search { "query": { "term": { "content": "电视剧" } } } GET /b_log/_search {"query": {"bool":{"must":[ {"match_phrase":{"content":"linkindex=0,connindex=0,Proto_Connect: socket connect failed. HostName=127.0.0.1, port=10004,socketid="}} ]}}} GET /b_log/_search { "query": { "bool": { "must": [ {"term": { "content": "语"}}, {"age": { "value": "43" }} ] } } } GET /b_log/_count { }