我在 Elasticsearch 中有以下示例文档
[
{
"_index": "beatbox-2018.11.19",
"_source": {
"connection": "10",
"user": "op-dashboard",
"key": "monolith_connection_sniffer"
}
},
{
"_index": "beatbox-2018.11.19",
"_source": {
"connection": "10",
"user": "op-dashboard",
"key": "monolith_connection_sniffer"
}
}
]
当我查询user时,我得到了预期的结果。
curl -X GET \
'http://127.0.0.1:9200/beatbox-2018.11.19/_search?q=user:op-dashboard'
在格拉法纳:
我试图为用户字段添加一些带有变量的查询。
{ "find": "terms", "field": "user" }
但是我得到了用户字段的标记化值。
`op`, `dashboard`
在后台,以下有效负载正在发送以供查询
{
"size": 0,
"query": {
"bool": {
"filter": [
{
"query_string": {
"analyze_wildcard": true,
"query": "*"
}
}
]
}
},
"aggs": {
"1": {
"terms": {
"field": "user",
"size": 500,
"order": {
"_term": "asc"
}
}
}
}
}
查询返回标记化结果。我怎样才能阻止它?
我已经尝试过以下模板
{
"index_patterns": [
"beatbox*"
],
"mappings": {
"doc":
"properties": {
"user": {
"type": "text",
"fielddata": true,
"analyzer":"whitespace",
"search_analyzer": "whitespace"
}
}
}
}
}
还有分析仪
{
"index": {
"analysis": {
"default": {
"analyzer": {
"analyzer_keyword": {
"tokenizer": "whitespace"
}
}
}
}
}
}
索引映射:
{
"beatbox-2018.11.19":{
"mappings":{
"doc":{
"_all":{
"enabled":false
},
"numeric_detection":true,
"properties":{
"connection":{
"type":"long"
},
"key":{
"type":"text",
"norms":false,
"index_options":"freqs"
},
"user":{
"type":"text",
"fielddata":true
}
}
}
}
}
}
有什么帮助吗?