Elk的查询使用方法

1 elk通过调用其api的使用方法

elasticsearch官网提供了这个cat的api方法，具体使用如下：

elasticsearch本身提供了9200端口（如果未做修改的话）,可以在es的ip和端口后加/_cat查看可用的cat api

以下为列举出的一般用法，更多用法可以在/_cat来查看

1.1 /_cat/indices?index=a_log_*&v 查询指定index的状态，documents数量，占用大小等信息

[root@es2-6conf]# curl '172.31.182.127:9200/_cat/indices?index=logstash-2019.03&v'

health status index uuid pri rep docs.countdocs.deleted store.size pri.store.size

green open logstash-2019.03Un_vcYjaQSeB5RLiYXtLEw 5 1 1761866 0 673.2mb 337mb

1.2 /_cat/indices?v 查询所有index的状态，documents数量，占用大小，等信息

[root@es2-6conf]# curl '172.31.182.127:9200/_cat/indices?v'

health status index uuid pri rep docs.countdocs.deleted store.size pri.store.size

green open metricbeat-6.5.4-2019.03.03 vJag6asmS0ifG6Ty-AEj9Q 1 1 270319 0 86.6mb 43.3mb

green open .monitoring-es-6-2019.03.01 eLpZBY0cTk6XOgKuJNgsUQ 1 1 111017 128 133.2mb 67.2mb

green open .monitoring-es-6-2019.02.28 U7_Ct9HfTsCKYzB8H5QBng 1 1 493554 1436 559.8mb 279.9mb

green open metricbeat-6.5.2-2019.03.01 HZypdjWOSnCMwc8K6pjS0A 1 1 3145778 0 1.6gb 862.1mb

green open .monitoring-kibana-6-2019.03.01 RFE_LA3rTGSL4l8g50AWfA 1 1 15421 0 8.5mb 4.2mb

green open metricbeat-6.5.4-2019.03.01 TS8rSj6HSXWOy96va5U8lw 1 1 154844 0 50.6mb 25.4mb

green open logstash-2019.03 Un_vcYjaQSeB5RLiYXtLEw 5 1 1761676 0 670.5mb 337mb

green open metricbeat-6.5.2-2019.03.03 jfScLYzMSLiBC4_xi_OlZQ 1 1 5578728 0 2.9gb 1.4gb

green open .monitoring-kibana-6-2019.03.04 8aFHIaF4R8un1VV1AbtODw 1 1 1284 0 852kb 376.3kb

green open .monitoring-kibana-6-2019.03.02 1uiWDq28T9eDun8KLMxu8A 1 1 17261 0 9.2mb 4.5mb

green open metricbeat-6.5.4-2019.03.04 mduHD1JoR_WG9jCZ7DsbWg 1 1 111434 0 35.5mb 17.7mb

green open metricbeat-6.5.2-2019.03.04 o0ng_Xb4QQOfKMi40z9AJg 1 1 2292421 0 1.6gb 677.6mb

green open .monitoring-kibana-6-2019.03.03 hmWFv9ykQEyJxZbXCOE5XQ 1 1 17258 0 7.4mb 3.6mb

green open metricbeat-6.5.2-2019.03.02 7YvwpDDdT1a4oAhXIt6lAw 1 1 5577032 0 3gb 1.4gb

green open .monitoring-es-6-2019.03.02 iVHyzaqvSoCTAMFEp1rQPQ 1 1 152831 234 195.2mb 97.4mb

green open .monitoring-es-6-2019.03.04 OulM1NwWQ7yLhRtoVNdpqg 1 1 16398 138 24.2mb 12.1mb

green open .monitoring-es-6-2019.03.03 RoeZ5g1uTM6fQM38GY0AOA 1 1 187386 420 249.8mb 124.9mb

green open .kibana dH7_KDcLTM27femts5bjoA 1 1 4 0 39.2kb 19.6kb

green open metricbeat-6.5.4-2019.03.02 vpFfj92gR8qiZ4t2iAAWzw 1 1 271854 0 87.2mb 43.5mb

1.3 /_cat/allocation?v 查询当前索引的filter以及routing所配置的别名信息

[root@es2-6conf]# curl '172.31.182.127:9200/_cat/allocation?v'

shards disk.indices disk.used disk.availdisk.total disk.percent host ip node

16 5.4gb 23.1gb 26.7gb 49.9gb 46 172.31.182.104 172.31.182.104es2-6.5-2

15 2.4gb 19.2gb 30.7gb 49.9gb 38 172.31.182.134 172.31.182.134es2-6.5-3

15 3.4gb 29.6gb 20.3gb 49.9gb 59 172.31.182.127 172.31.182.127es2-6.5-1

1.4 /_cat/count?v&index=a_log_* 查询index=a_log_* 的所有日志总数

[root@es2-6conf]# curl '172.31.182.127:9200/_cat/count?v&index=logstash-2019.03'

epoch timestamp count

1551664576 01:56:16 1764178

1.5 查看别名接口(_cat/aliases): 查看索引别名

[root@es2-6conf]# curl '172.31.182.127:9200/_cat/aliases/'

[root@es2-6 conf]#

1.6 查看分配资源接口(_cat/allocation)

[root@es2-6 conf]# curl -XGEThttp://172.31.182.127:9200/_cat/allocation

16 5.4gb 23.1gb 26.7gb 49.9gb 46172.31.182.104 172.31.182.104 es2-6.5-2

15 3.4gb 29.6gb 20.3gb 49.9gb 59172.31.182.127 172.31.182.127 es2-6.5-1

15 2.3gb 19.1gb 30.7gb 49.9gb 38172.31.182.134 172.31.182.134 es2-6.5-3

1.7 查看文档个数接口(_cat/count)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/count

1551663506 01:38:26 20137956

1.8 查看字段分配情况接口(_cat/fielddata)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/health

1551663439 01:37:19 master green 3 3 46 230 0 0 0 - 100.0%

[root@es2-6 conf]# curl -XGEThttp://172.31.182.127:9200/_cat/fielddata

IwenSyBeS16QE9Z7WBvnFQ 172.31.182.104172.31.182.104 es2-6.5-2 kibana_stats.kibana.status 728b

IwenSyBeS16QE9Z7WBvnFQ 172.31.182.104172.31.182.104 es2-6.5-2 shard.index 1.9kb

IwenSyBeS16QE9Z7WBvnFQ 172.31.182.104172.31.182.104 es2-6.5-2 shard.node 544b

1.9 查看健康状态接口(_cat/health)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/health

1551663439 01:37:19 master green 3 3 46 230 0 0 0 - 100.0%

1.10 查看索引信息接口(_cat/indices)

[root@es2-6 conf]# curl -XGEThttp://172.31.182.127:9200/_cat/indices

green open metricbeat-6.5.4-2019.03.03 vJag6asmS0ifG6Ty-AEj9Q 1 1 270319 0 86.6mb 43.3mb

green open .monitoring-es-6-2019.03.01 eLpZBY0cTk6XOgKuJNgsUQ 1 1 111017 128 133.2mb 67.2mb

1.11 查看master信息接口(_cat/master)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/master

1r7UJOsPS-ufZyLGlaa2vw 172.31.182.127172.31.182.127 es2-6.5-1

1.12 查看nodes信息接口(_cat/nodes)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/nodes

172.31.182.127 44 57 2 0.05 0.08 0.14 mdi *es2-6.5-1

172.31.182.104 51 98 3 0.02 0.12 0.19di - es2-6.5-2

172.31.182.134 56 98 1 0.78 0.33 0.24di - es2-6.5-3

1.13 查看正在挂起的任务接口(_cat/pending_tasks)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/pending_tasks

[root@es2-6 conf]#

1.14查看插件接口(_cat/plugins)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/plugins

[root@es2-6 conf]#

1.15 查看修复状态接口(_cat/recovery)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/recovery

.monitoring-es-6-2019.03.01 0 5.1s peer done 172.31.182.134es2-6.5-3 172.31.182.127 es2-6.5-1 n/a n/a 32 32 100.0% 32 2285670 2285670100.0% 2285670 8363 8363 100.0%

.monitoring-es-6-2019.03.01 0 59ms existing_store done n/a n/a 172.31.182.134 es2-6.5-3 n/a n/a 0 0 100.0% 32 0 0 100.0% 2285670 0 0 100.0%

.monitoring-es-6-2019.03.04 0 111ms empty_store done n/a n/a 172.31.182.104 es2-6.5-2 n/a n/a 0 0 0.0% 0 0 0 0.0% 0 0 0 100.0%

.monitoring-es-6-2019.03.04 0 257ms peer done 172.31.182.104 es2-6.5-2172.31.182.127 es2-6.5-1 n/a n/a 1 1 100.0% 1 230 230 100.0% 230 1 1 100.0%

.monitoring-es-6-2019.03.03 0 111ms empty_store done n/a n/a 172.31.182.127 es2-6.5-1 n/a n/a 0 0 0.0% 0 0 0 0.0% 0 0 0 100.0%

.monitoring-es-6-2019.03.03 0 648ms peer done 172.31.182.127 es2-6.5-1172.31.182.134 es2-6.5-3 n/a n/a 1 1 100.0% 1 230 230 100.0% 230 1 1 100.0%

.monitoring-es-6-2019.03.02 0 261ms peer done 172.31.182.134 es2-6.5-3172.31.182.104 es2-6.5-2 n/a n/a 1 1 100.0% 1 230 230 100.0% 230 1 1 100.0%

.monitoring-es-6-2019.03.02 0 64ms empty_store done n/a n/a 172.31.182.134 es2-6.5-3 n/a n/a 0 0 0.0% 0 0 0 0.0% 0 0 0 100.0%

.monitoring-es-6-2019.02.28 0 350ms existing_store done n/a n/a 172.31.182.104 es2-6.5-2 n/a n/a 0 0 100.0% 93 0 0 100.0% 293511693 0 0 100.0%

.monitoring-es-6-2019.02.28 0 156ms peer done 172.31.182.104 es2-6.5-2172.31.182.134 es2-6.5-3 n/a n/a 0 0 0.0% 0 0 0 0.0% 0 0 0 100.0%

metricbeat-6.5.4-2019.03.04 0 123ms empty_store done n/a n/a 172.31.182.127 es2-6.5-1 n/a n/a 0 0 0.0% 0 0 0 0.0% 0 0 0 100.0%

1.16查看线城池接口(_cat/thread_pool)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/thread_pool

es2-6.5-1 analyze 0 0 0

es2-6.5-1 ccr 0 0 0

es2-6.5-1 fetch_shard_started 0 0 0

es2-6.5-1 fetch_shard_store 0 0 0

es2-6.5-1 flush 0 0 0

es2-6.5-1 force_merge 0 0 0

es2-6.5-1 generic 0 0 0

es2-6.5-1 get 0 0 0

es2-6.5-1 index 0 0 0

es2-6.5-1 listener 0 0 0

es2-6.5-1 management 1 0 0

es2-6.5-1 ml_autodetect 0 0 0

es2-6.5-1 ml_datafeed 0 0 0

es2-6.5-1 ml_utility 0 0 0

es2-6.5-1 refresh 0 0 0

es2-6.5-1 rollup_indexing 0 0 0

es2-6.5-1 search 0 0 0

es2-6.5-1 search_throttled 0 0 0

es2-6.5-1 security-token-key 0 0 0

es2-6.5-1 snapshot 0 0 0

es2-6.5-1 warmer 0 0 0

es2-6.5-1 watcher 0 0 0

es2-6.5-1 write 0 0 0

es2-6.5-2 analyze 0 0 0

es2-6.5-2 ccr 0 0 0

es2-6.5-2 fetch_shard_started 0 0 0

es2-6.5-2 fetch_shard_store 0 0 0

es2-6.5-2 flush 0 0 0

es2-6.5-2 force_merge 0 0 0

es2-6.5-2 generic 0 0 0

es2-6.5-2 get 0 0 0

es2-6.5-2 index 0 0 0

es2-6.5-2 listener 0 0 0

es2-6.5-2 management 1 0 0

es2-6.5-2 ml_autodetect 0 0 0

es2-6.5-2 ml_datafeed 0 0 0

es2-6.5-2 ml_utility 0 0 0

es2-6.5-2 refresh 0 0 0

es2-6.5-2 rollup_indexing 0 0 0

es2-6.5-2 search 0 0 0

es2-6.5-2 search_throttled 0 0 0

es2-6.5-2 security-token-key 0 0 0

es2-6.5-2 snapshot 0 0 0

es2-6.5-2 warmer 0 0 0

es2-6.5-2 watcher 0 0 0

es2-6.5-2 write 0 0 0

es2-6.5-3 analyze 0 0 0

es2-6.5-3 ccr 0 0 0

es2-6.5-3 fetch_shard_started 0 0 0

es2-6.5-3 fetch_shard_store 0 0 0

es2-6.5-3 flush 0 0 0

es2-6.5-3 force_merge 0 0 0

es2-6.5-3 generic 0 0 0

es2-6.5-3 get 0 0 0

es2-6.5-3 index 0 0 0

es2-6.5-3 listener 0 0 0

es2-6.5-3 management 1 0 0

es2-6.5-3 ml_autodetect 0 0 0

es2-6.5-3 ml_datafeed 0 0 0

es2-6.5-3 ml_utility 0 0 0

es2-6.5-3 refresh 0 0 0

es2-6.5-3 rollup_indexing 0 0 0

es2-6.5-3 search 0 0 0

es2-6.5-3 search_throttled 0 0 0

es2-6.5-3 security-token-key 0 0 0

es2-6.5-3 snapshot 0 0 0

es2-6.5-3 warmer 0 0 0

es2-6.5-3 watcher 0 0 0

es2-6.5-3 write 0 0 0

1.17 查看分片信息接口(_cat/shards)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/shards

metricbeat-6.5.2-2019.03.02 0 p STARTED 5577032 1.4gb 172.31.182.104 es2-6.5-2

metricbeat-6.5.2-2019.03.02 0 r STARTED 5577032 1.5gb 172.31.182.127 es2-6.5-1

.kibana 0 r STARTED 4 19.6kb 172.31.182.104 es2-6.5-2

.kibana 0 p STARTED 4 19.6kb 172.31.182.127 es2-6.5-1

1.18查看lucence的段信息接口(_cat/segments)

[root@es2-6conf]# curl -XGET http://172.31.182.127:9200/_cat/segments

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _hza 23302 98618 26 56.8mb 91334 true true 7.5.0 false

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _jya 25858 3062 26 2.2mb 40476 true true 7.5.0 true

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _jyk 25868 3067 26 2.2mb 40463 true true 7.5.0 true

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _jyu 25878 3077 26 2.2mb 40578 true true 7.5.0 true

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _jz4 25888 3121 0 2.2mb 45620 true true 7.5.0 true

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _jz5 25889 1 0 28.5kb 4198 true true 7.5.0 true

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _jz6 25890 14 28 69.8kb 9941 true true 7.5.0 true

.monitoring-es-6-2019.03.01 0 r172.31.182.127 _jz7 25891 1 0 28.5kb 4198 true true 7.5.0 true

.monitoring-es-6-2019.03.01 0 r 172.31.182.127 _jz8 25892 14 28 69.7kb 9941 true true 7.5.0 true

1.19 删除某个特定的索引文件

[root@es2-6

conf] curl '172.31.182.161:9200/_cat/indices?v' |grep metric

%Total % Received % Xferd Average Speed Time Time Time Current

Dload Upload Total Spent Left Speed

100 6858 100 6858 0 0 4744 0 0:00:01 0:00:01 --:--:-- 4746

green open metricbeat-2019.04.08 b7PuYCs2SMawRTL_W7Wquw 5 1 187059 0 218.6mb 110.7mb

green open metricbeat-2019.04.05 qEuxBKpgSrqyVKMafHf8pg 5 1 35796018 0 34.9gb 17.4gb

green open metricbeat-2019.04.07 M-YK93FCROy7QYFNRzlSYQ 5 1 34996420 0 36.4gb 18.1gb

green open metricbeat-2019.04.06 oK292DksRLqd5ikdfvNwqA 5 1 35785372 0 34.8gb 17.4gb

[root@elk1 indices]# curl -XDELETE'http://172.31.182.161:9200/metricbeat-2019.04.05'

{"acknowledged":true}

1.20 查看logstash安装的插件

[root@logstash6 bin]# pwd

/usr/share/logstash/bin

[root@logstash6 bin]# ./logstash-pluginlist

1.21 查询各个节点的cpu等使用情况

curl ‘172.31.125.104:9200/_nodes/stats’

Elk的查询使用方法

Elk的查询使用方法

相关阅读更多精彩内容

友情链接更多精彩内容