elastaicsearch demo 模糊查詢,分頁
阿新 • • 發佈:2019-02-10
- 本文對elastaicsearch5.x版本的出現的精準,模糊,分頁等查詢demo,提供工具以供參考。
一、引用pom.xml
<dependency> <groupId>org.elasticsearch</groupId> <artifactId>elasticsearch</artifactId> <version>5.4.0</version> </dependency> <!-- s升級需要依賴的 --> <dependency> <groupId>org.elasticsearch.client</groupId> <artifactId>transport</artifactId> <version>5.4.0</version> </dependency> <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-core</artifactId> <version>2.8.2</version> </dependency> <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-api</artifactId> <version>2.8.2</version> </dependency> <!-- gson 支援 json 串首字元大寫的方式.fastjson 不支援--> <dependency> <groupId>com.google.code.gson</groupId> <artifactId>gson</artifactId> <version>2.8.1</version> </dependency>
二、程式碼
一、連線es客戶端
package es; import org.apache.log4j.Logger; import org.elasticsearch.client.Client; import java.net.UnknownHostException; /** * @author Comsys-xiefg * @ClassName: ESClient * @Description: es 客戶端 * @date 2017年4月18日 下午1:48:10 */ public class ESClient { private static Logger logger = Logger.getLogger(ESClient.class); /** * es伺服器的host */ private static String HOST="192.168.186.229"; /** * es伺服器暴露給client的port */ private static Integer PORT=9300; private static String CLUSTER_NAME="cluster.name"; private static String CLUSTER_NAME_VALUE="elasticsearch.cluster2"; private static final String CLUSTER_CLIENT_SNIFF = "client.transport.sniff"; private static final String SYSTEM_CONFIG_PATH = "system/config"; private ESClient() { } /** * 獲得連線 * * @return * @throws UnknownHostException */ public static synchronized Client getClient() { return ESClientFactory.getClient(CLUSTER_NAME, CLUSTER_NAME_VALUE, HOST, PORT); } public static void close(Client client) { ESClientFactory.close(); if (client != null) { client.close(); } } }
2、建立es 工廠ESClientFactory
package es; import org.elasticsearch.client.Client; /** * Created by Dare on 2017/7/20. */ public class ESClientFactory { public static Client getClient(String clusterName, String clusterNameValue, String host, int port){ EsClientBuilder clientBuilder = new EsClientBuilder(); return clientBuilder.buildClient(clusterName,clusterNameValue,host,port); } public static void close() { EsClientBuilder.client.close(); } }
3、客戶端建立EsClientBuilder
package es;
import org.elasticsearch.client.Client;
import org.elasticsearch.client.transport.TransportClient;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.transport.client.PreBuiltTransportClient;
import java.net.InetAddress;
import java.net.UnknownHostException;
/**
* @author xiefg
*
*/
public class EsClientBuilder {
public static TransportClient client = null;
public Client buildClient(String clusterName, String clusterNameValue, String host, int port) {
try {
Settings settings = Settings.builder()
.put(clusterName, clusterNameValue).build();
client = new PreBuiltTransportClient(settings);
client.addTransportAddress(
new InetSocketTransportAddress(InetAddress
.getByName(host), port));
} catch (UnknownHostException e) {
e.printStackTrace();
}
return client;
}
}
4、索引物件
package es;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
*
* @ClassName: ESIndexObj
* @Description: 索引物件
* @author Comsys-xiefg
* @date 2017年3月30日 下午4:26:04
*
*/
public class ESIndexObj {
/**
* 索引
*/
private String index;
/**
* 型別
*/
private String type;
/**
* 關鍵詞
*/
private String keyWordName;
/**
* 關鍵詞值
*/
private String keyWordValue;
/**
* 開始時間
*/
private String startTime;
/**
* 結束時間
*/
private String endTime;
private String dateFlag;
/**
* 排序列
*/
private String sortColum;
/**
* 精準查詢欄位封裝
*/
private Map<String ,String> queryMap;
/**
* 萬用字元Map
*/
private Map<String ,String> wildcardQueryMap;
/**
* 不包含 精準
*/
private Map<String,Set> queryNotSetMap;
/**
* 相當於 a in ('','','')
*/
private Map<String,List> queryShouldInList;
public Map<String, List> getQueryShouldInList() {
return queryShouldInList;
}
public void setQueryShouldInList(Map<String, List> queryShouldInList) {
this.queryShouldInList = queryShouldInList;
}
public ESIndexObj() {
}
public ESIndexObj(String index, String type) {
this.index = index;
this.type = type;
}
public Map<String, Set> getQueryNotSetMap() {
return queryNotSetMap;
}
public void setQueryNotSetMap(Map<String, Set> queryNotSetMap) {
this.queryNotSetMap = queryNotSetMap;
}
public String getIndex() {
return index;
}
public void setIndex(String index) {
this.index = index;
}
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
public String getKeyWordName() {
return keyWordName;
}
public void setKeyWordName(String keyWordName) {
this.keyWordName = keyWordName;
}
public String getKeyWordValue() {
return keyWordValue;
}
public void setKeyWordValue(String keyWordValue) {
this.keyWordValue = keyWordValue;
}
public String getStartTime() {
return startTime;
}
public void setStartTime(String startTime) {
this.startTime = startTime;
}
public String getEndTime() {
return endTime;
}
public void setEndTime(String endTime) {
this.endTime = endTime;
}
public Map<String, String> getQueryMap() {
return queryMap;
}
public void setQueryMap(Map<String, String> queryMap) {
this.queryMap = queryMap;
}
public String getDateFlag() {
return dateFlag;
}
public void setDateFlag(String dateFlag) {
this.dateFlag = dateFlag;
}
public String getSortColum() {
return sortColum;
}
public void setSortColum(String sortColum) {
this.sortColum = sortColum;
}
public Map<String, String> getWildcardQueryMap() {
return wildcardQueryMap;
}
public void setWildcardQueryMap(Map<String, String> wildcardQueryMap) {
this.wildcardQueryMap = wildcardQueryMap;
}
}
5、工具類ESUtils
package es;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.ultrapower.secsight.view.bean.base.Pagination;
import org.apache.commons.lang.StringUtils;
import org.elasticsearch.action.search.SearchRequestBuilder;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.client.Client;
import org.elasticsearch.index.query.BoolQueryBuilder;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.SearchHit;
import org.elasticsearch.search.SearchHits;
import org.elasticsearch.search.sort.SortOrder;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* @author Comsys-xiefg
* @ClassName: ESUtils
* @Description: elasticsearch
* @date 2017年3月23日 下午4:53:58
*/
public class ESUtils {
/**
* 獲得客戶端
*/
public static Client client = ESClient.getClient();
public static long searchTotal(ESIndexObj indexObj)
throws IOException {
String startTime = indexObj.getStartTime();
String endTime = indexObj.getEndTime();
BoolQueryBuilder bqb = new BoolQueryBuilder();
//精準查詢
Map<String, String> queryMap = indexObj.getQueryMap();
toQuery(bqb,queryMap);
//對時間進行範圍查詢
toRangeQuery(bqb,indexObj);
SearchRequestBuilder srb = client.prepareSearch(indexObj.getIndex());
srb.setTypes(indexObj.getType());
srb.setQuery(bqb);
if (StringUtils.isNotBlank(endTime)
|| StringUtils.isNotBlank(startTime)) {
srb.addSort(indexObj.getSortColum(), SortOrder.DESC);
}
SearchResponse response = srb.execute().actionGet();
SearchHits hits = response.getHits();
return hits.getTotalHits();
}
/**
* 查詢所有
*
* @return
* @throws JsonParseException
* @throws JsonMappingException
* @throws IOException
*/
@SuppressWarnings("rawtypes")
public static List searchAll(ESIndexObj indexObj, Class clazz)
throws IOException {
String startTime = indexObj.getStartTime();
String endTime = indexObj.getEndTime();
BoolQueryBuilder bqb = new BoolQueryBuilder();
//精準查詢
Map<String, String> queryMap = indexObj.getQueryMap();
toQuery(bqb,queryMap);
//萬用字元
Map<String, String> wildcardMap=indexObj.getWildcardQueryMap();
toWildcardQuery(bqb,wildcardMap);
//對時間進行範圍查詢
toRangeQuery(bqb,indexObj);
SearchRequestBuilder srb = client.prepareSearch(indexObj.getIndex());
srb.setTypes(indexObj.getType());
srb.setQuery(bqb);
if (StringUtils.isNotBlank(endTime)
|| StringUtils.isNotBlank(startTime)) {
//根據欄位排序
srb.addSort(indexObj.getSortColum(), SortOrder.DESC);
}
SearchResponse response = srb.execute().actionGet();
SearchHits hits = response.getHits();
int totalRecordNum = (int) hits.getTotalHits();
// 設定總數,es支援一次查詢最大10000條,再多出現異常
totalRecordNum=totalRecordNum>10000?10000:totalRecordNum;
srb.setFrom(0).setSize(totalRecordNum).setExplain(true);
SearchHits hitsAll = srb.execute().actionGet().getHits();
List<Object> noauthList = new ArrayList<Object>();
Gson gson = new GsonBuilder()
.setDateFormat("yyyy-MM-dd HH:mm:ss:SSS")
.create();
for (SearchHit searchHit : hitsAll) {
Map<String, Object> source = searchHit.getSource();
/**
* 採用gson,因為fastjson 不支援 首字元大寫的 json 串
*/
Object entity =gson.fromJson(gson.toJson(source),clazz);
noauthList.add(entity);
}
return noauthList;
}
/***
* @param pageSize
* @param pageNo
* @param clazz
* @param indexObj
* @return Pagination 返回型別
* @throws Exception 設定檔案
* @throws
* @Title: findByPage
* @Description: 分頁查詢
*/
@SuppressWarnings({"rawtypes", "unchecked"})
public static Pagination findByPage(Integer pageSize, Integer pageNo,
Class clazz, ESIndexObj indexObj) throws Exception {
Pagination page = new Pagination<>();
pageNo = null == pageNo ? 1 : pageNo;// 當前頁
page.setPageCount(pageNo);
page.setPageSize(pageSize);
SearchData searchData = searchData(indexObj, pageSize, pageNo, clazz);
page.setTotalRecordNum(searchData.getTotalRecordNum());// 總記錄數
int totalPageNum = 1;
int totalRecordNum = searchData.getTotalRecordNum();
if (totalRecordNum > pageSize) {
totalPageNum = totalRecordNum / pageSize + 1;
}
page.setTotalPageNum(totalPageNum);// 設定總頁數
page.setDatas(searchData.getSearchList());
return page;
}
@SuppressWarnings("rawtypes")
private static SearchData searchData(ESIndexObj indexObj, Integer pageSize,
Integer pageNo, Class entityClass) throws UnknownHostException {
// 構建查詢條件
SearchRequestBuilder srb = getQueryBuilder(indexObj, pageSize, pageNo,
client);
SearchResponse response = srb.execute().actionGet();
SearchHits hits = response.getHits();
int totalRecordNum = (int) hits.getTotalHits();
List<Object> list = new ArrayList<Object>();
Gson gson = new GsonBuilder()
.setDateFormat("yyyy-MM-dd HH:mm:ss:SSS")
.create();
for (SearchHit searchHit : hits) {
Map<String, Object> source = searchHit.getSource();
//Gson gson=new Gson();
Object entity =gson.fromJson(gson.toJson(source),entityClass);
list.add(entity);
}
SearchData searchData = new SearchData();
searchData.setSearchList(list);
searchData.setTotalRecordNum(totalRecordNum);
return searchData;
}
/**
* 執行搜尋(帶分組)
*
* @return
* @throws Exception
*/
public static Map<String, String> searcherGroup(ESIndexObj indexObj,
Integer pageSize, Integer pageNo, Class<?> entityClass,
String aggsField) throws Exception {
Client client = ESClient.getClient();
SearchRequestBuilder searchRequestBuilder = getQueryBuilder(indexObj,
pageSize, pageNo, client);
return ESClientUtils.searchGroup(searchRequestBuilder, pageSize, pageNo, entityClass, aggsField);
}
/**
* 構建查詢條件(帶分頁)
*
* @param indexObj
* @param pageSize
* @param pageNo
* @param client
* @return
*/
private static SearchRequestBuilder getQueryBuilder(ESIndexObj indexObj,
Integer pageSize, Integer pageNo, Client client) {
String startTime = indexObj.getStartTime();
String endTime = indexObj.getEndTime();
BoolQueryBuilder bqb = new BoolQueryBuilder();
//精準查詢相應欄位
Map<String, String> queryMap = indexObj.getQueryMap();
toQuery(bqb,queryMap);
//萬用字元wildcard
Map<String, String> wildcardMap=indexObj.getWildcardQueryMap();
toWildcardQuery(bqb,wildcardMap);
//不包含 精準
Map<String, Set> queryNotSetMap = indexObj.getQueryNotSetMap();
toMustNotQuery(bqb,queryNotSetMap);
// 相當於 a in ('','','')
Map<String, List> shouldInList = indexObj.getQueryShouldInList();
toTermsQuery(bqb,shouldInList);
//對時間進行範圍查詢
toRangeQuery(bqb,indexObj);
SearchRequestBuilder srb = client.prepareSearch(indexObj.getIndex());
srb.setTypes(indexObj.getType());
srb.setQuery(bqb);
srb.setFrom((pageNo - 1) * pageSize).setSize(pageSize).setExplain(true);
if (StringUtils.isNotBlank(startTime)
|| StringUtils.isNotBlank(endTime)) {
if(indexObj.getSortColum()!=null){
srb.addSort(indexObj.getSortColum(), SortOrder.DESC);
}
}
return srb;
}
/**
* @desc 一個欄位 不包含
* @param bqb
* @param queryNotSetMap
*/
private static void toMustNotQuery(BoolQueryBuilder bqb ,Map<String ,Set> queryNotSetMap){
if(queryNotSetMap!=null){
for (Map.Entry<String, Set> entry : queryNotSetMap.entrySet()) {
String keyStr= entry.getKey().toString();
Set<String> setVal=entry.getValue();
for (String str : setVal) {
bqb.mustNot(QueryBuilders.termQuery(keyStr, str));
}
}
}
}
/**
* @desc 萬用字元匹配 例如 *hello*
* @param bqb
* @param wildcardMap
*/
private static void toWildcardQuery(BoolQueryBuilder bqb ,Map<String ,String> wildcardMap){
Set<String> keySet = null;
if (wildcardMap != null && (keySet = wildcardMap.keySet()) != null) {
for (String key : keySet) {
bqb.must(QueryBuilders.wildcardQuery(key, "*"+wildcardMap.get(key)+"*"));
}
}
}
/**
* @desc 相當於 a in(‘1’,‘2’)
* @param bqb
* @param termsInList
*/
private static void toTermsQuery(BoolQueryBuilder bqb ,Map<String ,List> termsInList){
if (termsInList != null && (termsInList.keySet()) != null) {
for (Map.Entry<String, List> entry : termsInList.entrySet()) {
String keyStr = entry.getKey().toString();
List<String> setVal = entry.getValue();
bqb.must(QueryBuilders.termsQuery(keyStr,setVal));
}
}
}
/**
* @desc 精準查詢 相應的欄位
* @param bqb
* @param queryMap
*/
private static void toQuery(BoolQueryBuilder bqb ,Map<String ,String> queryMap){
Set<String> keySet = null;
if (queryMap != null && (keySet = queryMap.keySet()) != null) {
for (String key : keySet) {
bqb.must(QueryBuilders.termQuery(key, queryMap.get(key)));
}
}
}
/**
* @desc 精準查詢 對 時間範圍
* @param bqb
* @param indexObj
*/
private static void toRangeQuery(BoolQueryBuilder bqb , ESIndexObj indexObj){
// 關鍵欄位,關鍵詞
String startTime = indexObj.getStartTime();
String endTime = indexObj.getEndTime();
String dateFlag = indexObj.getDateFlag();
if (StringUtils.isNotBlank(startTime)
&& StringUtils.isNotBlank(dateFlag)) {
bqb.must(QueryBuilders.rangeQuery(dateFlag).gte(startTime));
}
if (StringUtils.isNotBlank(endTime) && StringUtils.isNotBlank(dateFlag)) {
bqb.must(QueryBuilders.rangeQuery(dateFlag).lte(endTime));
}
}
/**
* 物件轉陣列
*
* @param obj
* @return
*/
public static byte[] toByteArray(Object obj) {
byte[] bytes = null;
ByteArrayOutputStream bos = new ByteArrayOutputStream();
try {
ObjectOutputStream oos = new ObjectOutputStream(bos);
oos.writeObject(obj);
oos.flush();
bytes = bos.toByteArray();
oos.close();
bos.close();
} catch (IOException ex) {
ex.printStackTrace();
}
return bytes;
}
}
6、分頁
package com.ultrapower.secsight.view.bean.base;
import java.util.List;
/**
*
* @Title:Pagination
* @Description:分頁實體類
* @author xiefg
*/
public class Pagination<T> {
/**
* 每頁顯示總記錄數,預設為10
*/
private int pageSize = 10;
/**
* 當前頁數:預設值從1開始的
*/
private int pageCount = 1;
/**
* 總記錄數
*/
private long totalRecordNum;
/**
* 總頁數
*/
private int totalPageNum;
/**
* 分頁查詢到的資料
*/
private List<T> datas;
/**
* 操作錯誤資訊
*/
private String errorMsg;
public int getPageSize() {
return pageSize;
}
public void setPageSize(int pageSize) {
this.pageSize = pageSize;
}
public int getPageCount() {
return pageCount;
}
public void setPageCount(int pageCount) {
this.pageCount = pageCount;
}
public long getTotalRecordNum() {
return totalRecordNum;
}
public void setTotalRecordNum(long totalRecordNum) {
this.totalRecordNum = totalRecordNum;
}
public int getTotalPageNum() {
return totalPageNum;
}
public void setTotalPageNum(int totalPageNum) {
this.totalPageNum = totalPageNum;
}
public List<T> getDatas() {
return datas;
}
public void setDatas(List<T> datas) {
this.datas = datas;
}
public String getErrorMsg() {
return errorMsg;
}
public void setErrorMsg(String errorMsg) {
this.errorMsg = errorMsg;
}
@Override
public String toString() {
return "Pagination [pageSize=" + pageSize + ", pageCount=" + pageCount + ", totalRecordNum=" + totalRecordNum
+ ", totalPageNum=" + totalPageNum + "]";
}
}
7、分頁封裝返回資料SearchData
package es;
import java.util.ArrayList;
import java.util.List;
/**
*
* @ClassName: SearchData
* @Description: 搜尋返回的資料實體
* @author Comsys-xiefg
* @date 2017年3月27日 下午5:46:25
*
*/
public class SearchData {
private int totalRecordNum;
private List<?> searchList=new ArrayList<>();
public int getTotalRecordNum() {
return totalRecordNum;
}
public void setTotalRecordNum(int totalRecordNum) {
this.totalRecordNum = totalRecordNum;
}
public List<?> getSearchList() {
return searchList;
}
public void setSearchList(List<?> searchList) {
this.searchList = searchList;
}
}
針對以上是整個工具用的,後續需要呼叫相關API
ESUtils.findByPage(Integer pageSize, Integer pageNo, Class clazz, ESIndexObj indexObj
)
引數說明:
pageSize 設定頁數大小。
pageNo設定第幾頁 。
Class 為需要查詢的相關物件(封裝的欄位要和elasticserach索引欄位對應相同)
ESIndexObj 為過濾物件,可以設定索引名稱,型別,精準,模糊,in 等查詢支援
三、測試demo
1、es索引資料如下圖:
2、索引實體類
package com.ultrapower.secsight.view.bean.base;
import java.io.Serializable;
public class AttackLog implements Serializable {
private String logId;
private String srcip;
private String srcPort;
private String destip;
private String destPort;
private String proto;
private String time;
private String type;
private String subject;
private String year;
private String month;
private String week;
private String day;
private Long dayofweek;
private Long hour;
private String count;
private String eventkmid;
private String biz;
private String host;
public String getHost() {
return host;
}
public void setHost(String host) {
this.host = host;
}
public String getBiz() {
return biz;
}
public void setBiz(String biz) {
this.biz = biz;
}
public AttackLog() {
}
public String getLogId() {
return logId;
}
public void setLogId(String logId) {
this.logId = logId;
}
public String getSrcip() {
return srcip;
}
public void setSrcip(String srcip) {
this.srcip = srcip;
}
public String getSrcPort() {
return srcPort;
}
public void setSrcPort(String srcPort) {
this.srcPort = srcPort;
}
public String getDestip() {
return destip;
}
public void setDestip(String destip) {
this.destip = destip;
}
public String getDestPort() {
return destPort;
}
public void setDestPort(String destPort) {
this.destPort = destPort;
}
public String getProto() {
return proto;
}
public void setProto(String proto) {
this.proto = proto;
}
public String getTime() {
return time;
}
public void setTime(String time) {
this.time = time;
}
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
public String getSubject() {
return subject;
}
public void setSubject(String subject) {
this.subject = subject;
}
public String getYear() {
return year;
}
public void setYear(String year) {
this.year = year;
}
public String getMonth() {
return month;
}
public void setMonth(String month) {
this.month = month;
}
public String getWeek() {
return week;
}
public void setWeek(String week) {
this.week = week;
}
public String getDay() {
return day;
}
public void setDay(String day) {
this.day = day;
}
public Long getDayofweek() {
return dayofweek;
}
public void setDayofweek(Long dayofweek) {
this.dayofweek = dayofweek;
}
public Long getHour() {
return hour;
}
public void setHour(Long hour) {
this.hour = hour;
}
public String getCount() {
return count;
}
public void setCount(String count) {
this.count = count;
}
public String getEventkmid() {
return eventkmid;
}
public void setEventkmid(String eventkmid) {
this.eventkmid = eventkmid;
}
@Override
public String toString() {
return "AttackLog{" +
"logId='" + logId + '\'' +
", srcip='" + srcip + '\'' +
", srcPort='" + srcPort + '\'' +
", destip='" + destip + '\'' +
", destPort='" + destPort + '\'' +
", proto='" + proto + '\'' +
", time='" + time + '\'' +
", type='" + type + '\'' +
", subject='" + subject + '\'' +
", year='" + year + '\'' +
", month='" + month + '\'' +
", week='" + week + '\'' +
", day='" + day + '\'' +
", dayofweek=" + dayofweek +
", hour=" + hour +
", count='" + count + '\'' +
", eventkmid='" + eventkmid + '\'' +
", biz='" + biz + '\'' +
", host='" + host + '\'' +
'}';
}
}
3、Test類
package es;
import com.ultrapower.secsight.constant.Systemconstant;
import com.ultrapower.secsight.util.date.LocalDateUtil;
import com.ultrapower.secsight.util.xls.ExcelUtil;
import com.ultrapower.secsight.view.bean.base.AttackLog;
import com.ultrapower.secsight.view.bean.base.Pagination;
import org.junit.Test;
import java.io.IOException;
import java.lang.reflect.Field;
import java.util.*;
/**
* @author xiefg
* @create 2018-07-20 15:00
* @desc
**/
public class EsTest {
@Test
public void testPage() {
/**
* 分頁查詢
*/
ESIndexObj esIndexObj=new ESIndexObj();
esIndexObj.setIndex("attacklog");
esIndexObj.setType("attacklog");
/***
* 設定精準查詢 過濾欄位
*/
Map queryMap=new HashMap();
queryMap.put("destip","172.16.6.212");
esIndexObj.setQueryMap(queryMap);
try {
Pagination<AttackLog> pagination= ESUtils.findByPage(10,1,AttackLog.class,esIndexObj);
List<AttackLog> attackLogList=pagination.getDatas();
//函數語言程式設計遍歷物件
attackLogList.stream().forEach(attackLog -> {
System.out.println(attackLog.toString());
});
} catch (Exception e) {
e.printStackTrace();
}
}
}
結果如下:
AttackLog{logId='4295239709', srcip='124.126.244.146', srcPort='0', destip='172.16.6.212', destPort='0', proto='HTTP', time='2017-12-06 09:58:43', type='HTTP_SQL注入攻擊', subject='SQL注入攻擊', year='2017', month='201712', week='201749', day='20171206', dayofweek=3, hour=9, count='255', eventkmid='6', biz='null', host='null'}
AttackLog{logId='4295239709', srcip='', srcPort='', destip='172.16.6.212', destPort='80', proto='', time='2017-12-06 15:07:00', type='waf_log_urihits', subject='URL攻擊', year='2017', month='201712', week='201749', day='20171206', dayofweek=3, hour=15, count='', eventkmid='6', biz='null', host='null'}
AttackLog{logId='4295239709', srcip='124.126.244.146', srcPort='0', destip='172.16.6.212', destPort='0', proto='HTTP', time='2017-12-07 09:14:17', type='HTTP_SQL注入攻擊', subject='SQL注入攻擊', year='2017', month='201712', week='201749', day='20171207', dayofweek=4, hour=9, count='255', eventkmid='6', biz='null', host='null'}
AttackLog{logId='4295239709', srcip='', srcPort='', destip='172.16.6.212', destPort='80', proto='', time='2017-12-07 09:07:00', type='waf_log_urihits', subject='URL攻擊', year='2017', month='201712', week='201749', day='20171207', dayofweek=4, hour=9, count='', eventkmid='6', biz='null', host='null'}
AttackLog{logId='4295239709', srcip='220.181.125.98', srcPort='11041', destip='172.16.6.212', destPort='80', proto='HTTP', time='2017-12-06 09:58:43', type='HTTP_sogou_spider_爬取網頁', subject='sogou_spider爬取網頁', year='2017', month='201712', week='201749', day='20171206', dayofweek=3, hour=9, count='', eventkmid='6', biz='null', host='null'}
AttackLog{logId='4295239709', srcip='220.181.125.98', srcPort='11041', destip='172.16.6.212', destPort='80', proto='HTTP', time='2017-12-07 09:14:17', type='HTTP_sogou_spider_爬取網頁', subject='sogou_spider爬取網頁', year='2017', month='201712', week='201749', day='20171207', dayofweek=4, hour=9, count='', eventkmid='6', biz='null', host='null'}
如圖為經過精準過濾後的資料
以上工具,針對不同的索引,只需要物件和索引欄位對應,呼叫分頁方法即可。
其它查詢總數後續繼續........