惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
N
News and Events Feed by Topic
P
Privacy International News Feed
The Hacker News
The Hacker News
Schneier on Security
Schneier on Security
C
Cybersecurity and Infrastructure Security Agency CISA
Security Latest
Security Latest
L
LINUX DO - 最新话题
阮一峰的网络日志
阮一峰的网络日志
Cisco Talos Blog
Cisco Talos Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
博客园 - 【当耐特】
博客园 - Franky
P
Privacy & Cybersecurity Law Blog
Attack and Defense Labs
Attack and Defense Labs
云风的 BLOG
云风的 BLOG
月光博客
月光博客
D
Docker
Webroot Blog
Webroot Blog
The GitHub Blog
The GitHub Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
W
WeLiveSecurity
S
Security Affairs
Martin Fowler
Martin Fowler
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Archives - TechRepublic
Security Archives - TechRepublic
Microsoft Azure Blog
Microsoft Azure Blog
C
CERT Recently Published Vulnerability Notes
B
Blog
L
Lohrmann on Cybersecurity
T
Threatpost
量子位
S
Schneier on Security
V
Visual Studio Blog
S
Securelist
T
The Exploit Database - CXSecurity.com
Scott Helme
Scott Helme
V
Vulnerabilities – Threatpost
aimingoo的专栏
aimingoo的专栏
The Register - Security
The Register - Security
I
Intezer
Stack Overflow Blog
Stack Overflow Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 聂微东
小众软件
小众软件
罗磊的独立博客
雷峰网
雷峰网
Recorded Future
Recorded Future

芈亓的Blog

Docker迁移数据教程 – 芈亓的Blog CentOS安装记录之固定IP – 芈亓的Blog CentOS安装记录之无线网卡 – 芈亓的Blog IDEA通用激活码,有效期一年 – 芈亓的Blog Intellij IDEA激活码 – 芈亓的Blog 阿里云服务器学生合集,赶快看过来!!! – 芈亓的Blog ChatGPT-NEXT-Web免费使用 – 芈亓的Blog swagger使用教程 – 芈亓的Blog SpringBoot项目集成QuartzJob任务 – 芈亓的Blog Maven加载本地Jar包的实操记录 – 芈亓的Blog MySQL主从复制学习小记 – 芈亓的Blog 免费搭建自己的私人ChatGPT小助手 – 芈亓的Blog 宝塔面板使用记录分享 – 芈亓的Blog “七七事变”86周年!勿忘国耻,吾辈自强! – 芈亓的Blog NVM安装步骤及使用方法 – 芈亓的Blog 炒菜的一个坏习惯,很多人还在做! – 芈亓的Blog 早上吃粽子,要多久才能消化完? – 芈亓的Blog 长夏如意,逢考必赢 – 芈亓的Blog 公司砍的就剩我俩了,万万没想到... – 芈亓的Blog
Elasticsearch 保姆级入门篇 – 芈亓的Blog
芈亓 · 2023-08-25 · via 芈亓的Blog

d55a9c64c6c5041f8778059a16f6d619
Elasticsearch 是一个分布式的、面向生产规模工作负载优化的搜索引擎。

Kibana 可以将 Elasticsearch 中的数据转化为直观的图表、图形和仪表盘。

这篇文章,您将学习本地安装 Elasticsearch 和 Kibana,以及使用开发工具/ Java SDK 创建索引和搜索数据。

1 本地安装

1.1 创建网络

我们需要创建一个供 Elasticsearch 和 Kibana 使用的 network。这个 network 将被用于 Elasticsearch 和 Kibana 之间的通信。

docker network create elastic

1.2 安装 ES

拉取 Elasticsearch 镜像

docker pull docker.elastic.co/elasticsearch/elasticsearch:{version}

这里的版本 version ,我们选取:8.9.0

docker pull docker.elastic.co/elasticsearch/elasticsearch:8.9.0

启动 docker elasticsearch 镜像

docker run --name elasticsearch --net elastic -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -t docker.elastic.co/elasticsearch/elasticsearch:8.9.0 

进入ES容器,修改 elasticsearch 用户密码

bin/elasticsearch-reset-password --username elastic -i

1.3 安装 Kibana

拉取 Kibana 镜像

docker pull docker.elastic.co/kibana/kibana:8.9.0

启动 Kibana 镜像

docker run --name kibana --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:8.9.0

因为启动安装 Kibana ,需要 token , 所以进入 elasticsearch 容器 ,执行:

bin/elasticsearch-create-enrollment-token -s kibana

8cb3cf344877fdba54fce2d2725eb3d5
输入 token 之后,刷新页面,进入登录页面:

7d6c45141d0e3f58bc9f730d7057f399

2 接口测试

我们可以使用 Kibana Dev tools 来进行接口测试。

2.1 添加

向索引添加单个文档,提交一个 HTTP POST 请求,目标是该索引。

POST /customer/_doc/1
{
  "firstname": "Jennifer",
  "lastname": "Walters"
}

810a1147e81d3e142e35dc6c74462c0e
该请求会自动创建名为customer的索引(如果不存在),然后添加一个 ID 为 1的新文档,同时存储并建立firstnamelastname字段的索引。

新文档可以立即从集群中的任何节点获取。您可以使用 GET 请求来检索它,请求中需指定其文档 ID :

GET /customer/_doc/1

0de4de9289be64a9a8a3b25ae3c41d42
要一次性添加多个文档,请使用 _bulk API。批量数据必须是以换行分隔的 JSON(NDJSON)格式。每一行必须以换行字符(\n)结尾,包括最后一行。

PUT customer/_bulk
{ "create": { } }
{ "firstname": "Monica","lastname":"Rambeau"}
{ "create": { } }
{ "firstname": "Carol","lastname":"Danvers"}
{ "create": { } }
{ "firstname": "Wanda","lastname":"Maximoff"}
{ "create": { } }
{ "firstname": "Jennifer","lastname":"Takeda"}

3bfaea8f38d9f6d40646d2abe441d219

2.2 搜索

已索引的文档可以在准实时的情况下进行搜索。下面的搜索将在customer索引中匹配所有名为 Jennifer 的顾客。

GET customer/_search
{
  "query" : {
    "match" : { "firstname": "Jennifer" }
  }
}

ca03461411dea3aca94b7bb759073600

2.3 视图

进入 Kibana Data Views :

c10b08a28c908979b62904131b13c7c0
然后创建数据视图 :

0ac1a48b37220c3a50f4f29ba8fd8e70
创建数据视图之后,可以在 **Analytics > Discover ** 查看索引数据。

b861d280279812d7e89838e2743544d0

3 Java SDK 实战

3.1 依赖

<dependency>
    <groupId>co.elastic.clients</groupId>
    <artifactId>elasticsearch-java</artifactId>
    <version>8.9.0</version>
</dependency>

<dependency>
    <groupId>io.github.hakky54</groupId>
    <artifactId>sslcontext-kickstart</artifactId>
    <version>7.1.0</version>
</dependency>

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-databind</artifactId>
    <version>2.12.3</version>
</dependency>

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-core</artifactId>
    <version>2.12.3</version>
</dependency>

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-annotations</artifactId>
    <version>2.12.3</version>
</dependency>

<dependency>
    <groupId>jakarta.json</groupId>
    <artifactId>jakarta.json-api</artifactId>
    <version>2.0.1</version>
</dependency>

<!-- 强制走高版本 ,防止和springboot 依赖冲突  -->
<dependency>
    <groupId>org.elasticsearch.client</groupId>
    <artifactId>elasticsearch-rest-client</artifactId>
    <version>8.9.0</version>
</dependency>

3.2 创建客户端

1、通过用户名和密码创建客户端

RestClientBuilder builder = RestClient.builder(new HttpHost("localhost", 9200, "https"));

final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic", "ilxw@19841201"));

// Elasticsearch 提供了 Https 服务,创建 client 建立 SSL 链接时没有做证书验证 ;
SSLFactory sslFactory = SSLFactory.builder().withUnsafeTrustMaterial().withUnsafeHostnameVerifier().build();
builder = builder.setHttpClientConfigCallback(
                   httpClientBuilder -> httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider)
                                 setSSLContext(sslFactory.getSslContext())
                                .setSSLHostnameVerifier(sslFactory.getHostnameVerifier())
        );

RestClient restClient = builder.build();

// Create the transport with a Jackson mapper
ElasticsearchTransport transport = new RestClientTransport(restClient, new JacksonJsonpMapper());

// And create the API client
ElasticsearchClient esClient = new ElasticsearchClient(transport);

2、通过 apikey 创建客户端

我们在安全目录的管理页面,创建 API key ,如下图:

4bb2c7ed47442ce51a43c1cad31bd3ce
示例代码如下:

// 自己创建的 apikey 
String apiKey = "cnRVUy1Ja0JZYUtuSTRuMG1oRkk6RVFSdTk2T2NRb1cyYVdLRTB4TjktQQ==";

RestClientBuilder builder = RestClient.builder(new HttpHost("localhost", 9200, "https"));

SSLFactory sslFactory = SSLFactory.builder().withUnsafeTrustMaterial().withUnsafeHostnameVerifier().build();

RestClient restClient = builder.setDefaultHeaders(new Header[]{new BasicHeader("Authorization", "ApiKey " + apiKey)}).setHttpClientConfigCallback(httpClientBuilder -> httpClientBuilder.setSSLContext(sslFactory.getSslContext()).setSSLHostnameVerifier(sslFactory.getHostnameVerifier())).build();

// Create the transport with a Jackson mapper
ElasticsearchTransport transport = new RestClientTransport(restClient, new JacksonJsonpMapper());

// And create the API client
ElasticsearchClient esClient = new ElasticsearchClient(transport);

3.3 创建文档

创建索引名为 products ,新建一个文档 id 为 1 。

ProductPo product = new ProductPo(1, "Bag", 42);

IndexRequest<Object> indexRequest = new IndexRequest.Builder<>().index("products").id(String.valueOf(product.getId())).document(product).build();

IndexResponse response = esClient.index(indexRequest);

System.out.println("Indexed with version " + response.version());

0aaec35d31c73e9237dbbfcbbcd9db76

3.4 查询文档

GetResponse<ProductPo> response = esClient.get(g -> g
                .index("products")
                .id(String.valueOf(1)),
        ProductPo.class
);

if (response.found()) {
    ProductPo product = response.source();
    System.out.println("Product name " + product.getName());
} else {
    System.out.println("Product not found");
}

3.5 修改文档

 Map<String, Object> doc = new HashMap<String, Object>();
 // 文档产品名称调整为 my bike
 doc.put("name", "my bike");
 doc.put("price", 100);

 BulkOperation op = new BulkOperation.Builder().update(
               i -> i.action(new UpdateAction.Builder<>().doc(doc).docAsUpsert(true).build()).id("1"))
                .build();

   List<BulkOperation> list = Collections.singletonList(op);
   BulkResponse response = esClient.bulk(bulkBuilder -> bulkBuilder.index("products").operations(list));

3.6 删除文档

esClient.delete(d -> d.index("products").id("1"));

参考文档:

1、Elasticsearch 官方文档:

https://www.elastic.co/guide/en/elasticsearch/client/java-api-client/current/getting-started-java.html

2、Github文档

https://github.com/elastic/elasticsearch