- ElasticSearch Cookbook
- Alberto Paro
- 227字
- 2021-04-02 10:10:02
Mapping an IP field
ElasticSearch is used in a lot of networking systems to collect and search logs, such as Kibana (http://kibana.org/) and LogStash (http://logstash.net/). To improve search in these scenarios, it provides the IPv4 type that can be used to store an IP address in an optimized way.
Getting ready
You need a working ElasticSearch cluster.
How to do it...
You need to define the type of the field that contains IP address as "ip".
Using the above order example we can extend it by adding the customer IP address with the following code snippet:
"customer_ip": {
"type": "ip",
"store": "yes",
"index": "yes"
}
The IP must be in the standard point notation form, as follows:
"customer_ip":"19.18.200.201"
How it works...
When ElasticSearch is processing a document, if a field is an IP one, it tries to convert its value to a numerical form and generates tokens for fast-value searching.
The IP has the following special properties:
The other properties (store, boot, null_value, and include_in_all) work as other base types.
The advantages of using IP fields versus strings are its faster speed in every range and filter and lower resources usage (disk and memory).
- Citrix XenApp Performance Essentials
- 每天5分鐘玩轉(zhuǎn)Kubernetes
- Windows Vista基礎(chǔ)與應(yīng)用精品教程
- Designing Purpose:Built Drones for Ardupilot Pixhawk 2.1
- Linux集群和自動化運(yùn)維
- Python基礎(chǔ)教程(第3版)
- RESS Essentials
- Windows Server 2012網(wǎng)絡(luò)操作系統(tǒng)項(xiàng)目教程(第4版)
- Kali Linux高級滲透測試
- Distributed Computing with Go
- 跟老男孩學(xué)Linux運(yùn)維:Shell編程實(shí)戰(zhàn)
- Windows 10從新手到高手
- HTML5 Enterprise Application Development
- Ubuntu Linux操作系統(tǒng)實(shí)用教程
- 電腦辦公(Windows 10 + Office 2016)入門與提高(超值版)