1、查看索引字段映射
curl -u : --negotiate -H "Content-Type: application/json" sdsec20034:9200/threat-intelligence-office-domain-data-2023/_mapping2、登录kbers认证
账号密码在记录在容器内/opt/jass.conf文件中
kinit -kt /opt/mr.keytab mr/[email protected]3、查询时间范围内数据
curl -u : --negotiate -H "Content-Type: application/json" jtsec124135:9200/ailpha-baas-alarm-2023*/_search -d '
{
"from": 0,
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"startTime": {
"gte": "2023-12-08 00:00:00",
"lte": "2023-12-08 16:00:00"
}
}
},
{
"terms": {
"modelName": [
"dbappThreatIntelligenceDomain",
"dbappThreatIntelligenceIP"
],
"boost":1.0
}
}
]
}
}
}' 4、查询指定索引内自定字段的最大值和最小值
curl -u : --negotiate -H "Content-Type: application/json" sdsec20034:9200/ailpha-baas-alarm-2023-000001/_search -d '
{
"size": 0,
"aggs": {
"min_startTime": {
"min": {
"field": "startTime"
}
},
"max_startTime": {
"max": {
"field": "startTime"
}
}
}
}'