- ElasticSearch Cookbook
- Alberto Paro
- 227字
- 2021-04-02 10:10:02
Mapping an IP field
ElasticSearch is used in a lot of networking systems to collect and search logs, such as Kibana (http://kibana.org/) and LogStash (http://logstash.net/). To improve search in these scenarios, it provides the IPv4 type that can be used to store an IP address in an optimized way.
Getting ready
You need a working ElasticSearch cluster.
How to do it...
You need to define the type of the field that contains IP address as "ip".
Using the above order example we can extend it by adding the customer IP address with the following code snippet:
"customer_ip": {
"type": "ip",
"store": "yes",
"index": "yes"
}
The IP must be in the standard point notation form, as follows:
"customer_ip":"19.18.200.201"
How it works...
When ElasticSearch is processing a document, if a field is an IP one, it tries to convert its value to a numerical form and generates tokens for fast-value searching.
The IP has the following special properties:
The other properties (store, boot, null_value, and include_in_all) work as other base types.
The advantages of using IP fields versus strings are its faster speed in every range and filter and lower resources usage (disk and memory).
- Citrix XenApp Performance Essentials
- Implementing Cisco UCS Solutions
- Modern Web Testing with TestCafe
- 精解Windows8
- macOS效率手冊(cè)
- 蘋果OS X Mavericks 10.9應(yīng)用大全
- 深入淺出Node.js
- 精解Windows 10
- Linux內(nèi)核API完全參考手冊(cè)(第2版)
- Linux操作系統(tǒng)案例教程(第2版)
- Implementing Domain-Specific Languages with Xtext and Xtend(Second Edition)
- Implementing Cloud Design Patterns for AWS(Second Edition)
- 程序員必讀經(jīng)典(算法基礎(chǔ)+計(jì)算機(jī)系統(tǒng))
- Python機(jī)器學(xué)習(xí)系統(tǒng)構(gòu)建(原書第3版)
- 數(shù)字系統(tǒng)設(shè)計(jì)與VHDL